refactor(auth): change contributor's role logic to have it included in the users_podcasts table

- update myth-auth and codeigniter to latest develop changes - improve permission check: remove all dynamic permissions per podcast and overwrite myth-auth services and permission filter - remove unnecessary code because of myth-auth upgrade - refactor some controller code for better clarity - add remaining seeders in docs closes #19, #20
2026-04-14 12:07:46 +02:00 · 2020-07-31 16:05:10 +00:00 · 2020-07-31 16:05:10 +00:00 · 58364bfed1
commit 58364bfed1
parent e0da11517d
39 changed files with 1197 additions and 685 deletions
--- a/app/Controllers/Auth.php
+++ b/app/Controllers/Auth.php
@ -1,98 +0,0 @@
-<?php
-
-/**
- * @copyright  2020 Podlibre
- * @license    https://www.gnu.org/licenses/agpl-3.0.en.html AGPL3
- * @link       https://castopod.org/
- */
-
-namespace App\Controllers;
-
-use Myth\Auth\Models\UserModel;
-
-class Auth extends \Myth\Auth\Controllers\AuthController
-{
-    /**
-     * An array of helpers to be loaded automatically upon
-     * class instantiation. These helpers will be available
-     * to all other controllers that extend BaseController.
-     *
-     * @var array
-     */
-    protected $helpers = ['auth'];
-
-    /**
-     * Displays the login form, or redirects
-     * the user to their destination/home if
-     * they are already logged in.
-     */
-    public function changePassword()
-    {
-        return view('auth/change_password', [
-            'config' => $this->config,
-            'email' => user()->email,
-            'token' => user()->reset_hash,
-        ]);
-    }
-
-    public function attemptChange()
-    {
-        $users = new UserModel();
-
-        // First things first - log the reset attempt.
-        $users->logResetAttempt(
-            $this->request->getPost('email'),
-            $this->request->getPost('token'),
-            $this->request->getIPAddress(),
-            (string) $this->request->getUserAgent()
-        );
-
-        $rules = [
-            'token' => 'required',
-            'email' => 'required|valid_email',
-            'password' => 'required|strong_password',
-            'pass_confirm' => 'required|matches[password]',
-        ];
-
-        if (!$this->validate($rules)) {
-            return redirect()
-                ->back()
-                ->withInput()
-                ->with('errors', $users->errors());
-        }
-
-        $user = $users
-            ->where('email', $this->request->getPost('email'))
-            ->where('reset_hash', $this->request->getPost('token'))
-            ->first();
-
-        if (is_null($user)) {
-            return redirect()
-                ->back()
-                ->with('error', lang('Auth.forgotNoUser'));
-        }
-
-        // Reset token still valid?
-        if (
-            !empty($user->reset_expires) &&
-            time() > $user->reset_expires->getTimestamp()
-        ) {
-            return redirect()
-                ->back()
-                ->withInput()
-                ->with('error', lang('Auth.resetTokenExpired'));
-        }
-
-        // Success! Save the new password, and cleanup the reset hash.
-        $user->password = $this->request->getPost('password');
-        $user->reset_hash = null;
-        $user->reset_at = date('Y-m-d H:i:s');
-        $user->reset_expires = null;
-        $user->force_pass_reset = false;
-        $users->save($user);
-
-        return redirect()
-            ->route('login')
-            ->with('message', lang('Auth.resetSuccess'));
-    }
-}