Yii2 a forgotten password operation based on mailbox authentication

This article describes the content is about YII2 based on the mailbox verification of the forgotten password operation, has a certain reference value, now share to everyone, the need for friends can refer to

Before I talked about the Send mail feature, now we're using email to do a little demo

Let's first take a look at what we need to do to forget the password

1. Pop-up window prompting the user to enter the user name and mailbox. 2. Verify the mailbox, use MD5 and so on encryption splicing token, send token, current timestamp, account name and other attributes. 3. The user clicks on the email link to the designated controller to verify that our token and time are timed out. 4. If both verify successful, enter the Change password action

1. If you click Forgot Password, we will enter the corresponding method of the current controller.
   Verify that the user entered the mailbox and user name, and if the validation succeeds, perform our Send mailbox action

Model file code Public Function Seekpass ($post) {$this->scenario = "Seekpass";        if ($this->load ($post) && $this->validate ()) {$time = time ();                $adminuser = $post [' Admin '] [' adminuser '];             $token = $this->createtoken ($post [' Admin '] [' adminuser '], $time); Custom method to create a unique token $mailer = \yii:: $app->mailer->compose (' Seekpass ', [' text ' = ' = ' text ', ' Adminuser ' =>$ post[' Admin ' [' Adminuser '], ' token ' =>$_server[' http_host ']. Url::toroute ([' Manage/emailchangepass ']). " &timestamp= ". $time." &token= ". $token."                    &adminuser= ". $adminuser]); $mailer->setfrom ("1115007981@qq.com")->setto ("1115007981@qq.com")->setsu        Bject ("Black Forces Technology")->send ();        if ($mailer) return true;    } return false; }//The email address for stitching is: http://web.demo.com/shop/access/backend/web/index.php?r=manage/Femailchangepassxtamp=1524052534&token=4575d5050f57baf4a896c3924d972c12&adminuser=admin 

2. If we click on the stitching email address, then we will enter the Emailchangepass method in our Manage controller and transfer the properties of our token,time,adminuser through the Get method.
   In the controller

   In the model layer, we need to write the method, and only the Changepass () method. Verify successful call to UpdateAll () method

• We need to verify the timeliness of our time, over 5 minutes of connection failure

• We need to verify that the token is the token we initially created.

• We need to identify whether there is currently a POST request, there is a user entered the modified password, you need to enter the model file Commander Test password rules
  

  Public Function Actionemailchangepass () {   $this->layout= ' login ';       $time =  Yii:: $app->request->get (' timestamp ');          $adminuser = Yii:: $app->request->get (' Adminuser ');       $token =  Yii:: $app->request->get (' token ');       $model = new Admin ();       $mytoken =  $model->createtoken ($adminuser, $time);       if ($token! = $mytoken)       {           $this->redirect ([' Public/login ']);           Yii:: $app->end ();       }       if (Time ()-$time >300)       {           $this->redirect ([' Public/login ']);           Yii:: $app->end ();       }   if (yii:: $app->request->ispost)   {       $post = Yii:: $app->request->post ();      if ($model->changepass ($post))      {          Yii:: $app->session->setflash (' info ', ' Password modified successfully ');      }   }   $model->adminuser = $adminuser;   return $this->render (' Emailchangepass ', [' model ' = + $model]);

This is the end of this share.

Before I talked about the Send mail feature, now we're using email to do a little demo

Let's first take a look at what we need to do to forget the password

1. Pop-up window prompting the user to enter the user name and mailbox. 2. Verify the mailbox, use MD5 and so on encryption splicing token, send token, current timestamp, account name and other attributes. 3. The user clicks on the email link to the designated controller to verify that our token and time are timed out. 4. If both verify successful, enter the Change password action

1. If you click Forgot Password, we will enter the corresponding method of the current controller.
   Verify that the user entered the mailbox and user name, and if the validation succeeds, perform our Send mailbox action

Model file code Public Function Seekpass ($post) {$this->scenario = "Seekpass";        if ($this->load ($post) && $this->validate ()) {$time = time ();        $adminuser = $post [' Admin '] [' adminuser '];     $token = $this->createtoken ($post [' Admin '] [' adminuser '], $time); Custom method to create a unique token $mailer = \yii:: $app->mailer->compose (' Seekpass ', [' text ' = ' = ' text ', ' Adminuser ' =>$ post[' Admin ' [' Adminuser '], ' token ' =>$_server[' http_host ']. Url::toroute ([' Manage/emailchangepass ']). " &timestamp= ". $time." &token= ". $token."            &adminuser= ". $adminuser]); $mailer->setfrom ("1115007981@qq.com")->setto ("1115007981@qq.com")->setsu        Bject ("Black Forces Technology")->send ();        if ($mailer) return true;    } return false; }//The email address for stitching is: http://web.demo.com/shop/access/backend/web/index.php?r=manage/Femailchangepassxtamp=1524052534 &token=4575d5050f57Baf4a896c3924d972c12&adminuser=admin 

2. If we click on the stitching email address, then we will enter the Emailchangepass method in our Manage controller and transfer the properties of our token,time,adminuser through the Get method.
   In the controller

   In the model layer, we need to write the method, and only the Changepass () method. Verify successful call to UpdateAll () method

• We need to verify the timeliness of our time, over 5 minutes of connection failure

• We need to verify that the token is the token we initially created.

• We need to identify whether there is currently a POST request, there is a user entered the modified password, you need to enter the model file Commander Test password rules
  

  Public Function Actionemailchangepass () {   $this->layout= ' login ';       $time =  Yii:: $app->request->get (' timestamp ');       $adminuser = Yii:: $app->request->get (' Adminuser ');       $token =  Yii:: $app->request->get (' token ');       $model = new Admin ();       $mytoken =  $model->createtoken ($adminuser, $time);       if ($token! = $mytoken)       {           $this->redirect ([' Public/login ']);           Yii:: $app->end ();       }       if (Time ()-$time >300)       {           $this->redirect ([' Public/login ']);           Yii:: $app->end ();       }   if (yii:: $app->request->ispost)   {       $post = Yii:: $app->request->post ();      if ($model->changepass ($post))      {          Yii:: $app->session->setflash (' info ', ' Password modified successfully ');      }   }   $model->adminuser = $adminuser;   return $this->render (' Emailchangepass ', [' model ' = + $model]);

This is the end of this share.