Add the ability to redirect a user to a custom page with custom content after changing their password

2024-06-26 06:29:24 +02:00 · 2017-08-25 15:07:30 +12:00 · 2017-08-25 15:07:30 +12:00 · 0987003053
commit 0987003053
parent 0ceb4cfa18
2 changed files with 18 additions and 2 deletions
--- a/src/Security/MemberAuthenticator/ChangePasswordHandler.php
+++ b/src/Security/MemberAuthenticator/ChangePasswordHandler.php
@ -3,12 +3,15 @@

 namespace SilverStripe\Security\MemberAuthenticator;

+use Psr\Container\NotFoundExceptionInterface;
 use SilverStripe\Control\Controller;
 use SilverStripe\Control\HTTPResponse;
 use SilverStripe\Control\RequestHandler;
+use SilverStripe\Core\Config\Config;
 use SilverStripe\Core\Injector\Injector;
 use SilverStripe\ORM\FieldType\DBDatetime;
 use SilverStripe\ORM\FieldType\DBField;
+use SilverStripe\ORM\ValidationException;
 use SilverStripe\Security\Authenticator;
 use SilverStripe\Security\IdentityStore;
 use SilverStripe\Security\Member;
@ -195,6 +198,8 @@ class ChangePasswordHandler extends RequestHandler
     * @param array $data The user submitted data
     * @param ChangePasswordForm $form
     * @return HTTPResponse
+     * @throws ValidationException
+     * @throws NotFoundExceptionInterface
     */
    public function doChangePassword(array $data, $form)
    {
@ -272,13 +277,12 @@ class ChangePasswordHandler extends RequestHandler
        $member->AutoLoginExpired = DBDatetime::create()->now();
        $member->write();

-        if ($member->canLogIn()) {
+        if ($member->canLogin()) {
            /** @var IdentityStore $identityStore */
            $identityStore = Injector::inst()->get(IdentityStore::class);
            $identityStore->logIn($member, false, $this->getRequest());
        }

-        // TODO Add confirmation message to login redirect
        $session->clear('AutoLoginHash');

        // Redirect to backurl
@ -290,6 +294,10 @@ class ChangePasswordHandler extends RequestHandler
            return $this->redirect($backURL);
        }

+        $backURL = Security::config()->get('default_reset_password_dest');
+        if ($backURL) {
+            return $this->redirect($backURL);
+        }
        // Redirect to default location - the login form saying "You are logged in as..."
        $url = Security::singleton()->Link('login');

--- a/src/Security/Security.php
+++ b/src/Security/Security.php
@ -1266,6 +1266,14 @@ class Security extends Controller implements TemplateGlobalProvider
     */
    private static $default_login_dest = "";

+    /**
+     * @config
+     * @var string Set the default reset password destination
+     * This is the URL that users will be redirected to after they change their password,
+     * By default, it's redirecting to {@link $login}.
+     */
+    private static $default_reset_password_dest;
+
    protected static $ignore_disallowed_actions = false;

    /**