1<?php
2/*
3 * vim:set softtabstop=4 shiftwidth=4 expandtab:
4 *
5 * LICENSE: GNU Affero General Public License, version 3 (AGPL-3.0-or-later)
6 * Copyright 2001 - 2020 Ampache.org
7 *
8 * This program is free software: you can redistribute it and/or modify
9 * it under the terms of the GNU Affero General Public License as published by
10 * the Free Software Foundation, either version 3 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16 * GNU Affero General Public License for more details.
17 *
18 * You should have received a copy of the GNU Affero General Public License
19 * along with this program.  If not, see <https://www.gnu.org/licenses/>.
20 *
21 */
22
23declare(strict_types=0);
24
25namespace Ampache\Module\Application\LostPassword;
26
27use Ampache\Config\ConfigContainerInterface;
28use Ampache\Config\ConfigurationKeyEnum;
29use Ampache\Module\Application\ApplicationActionInterface;
30use Ampache\Module\Application\Exception\AccessDeniedException;
31use Ampache\Module\Authorization\GuiGatekeeperInterface;
32use Ampache\Module\System\Core;
33use Ampache\Module\User\NewPasswordSenderInterface;
34use Ampache\Module\Util\Mailer;
35use Ampache\Module\Util\Ui;
36use Ampache\Module\Util\UiInterface;
37use Psr\Http\Message\ResponseInterface;
38use Psr\Http\Message\ServerRequestInterface;
39
40final class SendAction implements ApplicationActionInterface
41{
42    public const REQUEST_KEY = 'send';
43
44    private ConfigContainerInterface $configContainer;
45
46    private NewPasswordSenderInterface $newPasswordSender;
47
48    private UiInterface $ui;
49
50    public function __construct(
51        ConfigContainerInterface $configContainer,
52        NewPasswordSenderInterface $newPasswordSender,
53        UiInterface $ui
54    ) {
55        $this->configContainer   = $configContainer;
56        $this->newPasswordSender = $newPasswordSender;
57        $this->ui                = $ui;
58    }
59
60    public function run(ServerRequestInterface $request, GuiGatekeeperInterface $gatekeeper): ?ResponseInterface
61    {
62        if (
63            !Mailer::is_mail_enabled() ||
64            $this->configContainer->isFeatureEnabled(ConfigurationKeyEnum::DEMO_MODE)
65        ) {
66            throw new AccessDeniedException();
67        }
68
69        /* Check for posted email */
70        $result = false;
71        if (filter_has_var(INPUT_POST, 'email') && Core::get_post('email')) {
72            /* Get the email address and the current ip*/
73            $email      = scrub_in(filter_input(INPUT_POST, 'email', FILTER_SANITIZE_EMAIL));
74            $current_ip = filter_has_var(
75                INPUT_SERVER,
76                'HTTP_X_FORWARDED_FOR') ? Core::get_server('HTTP_X_FORWARDED_FOR') : Core::get_server('REMOTE_ADDR'
77            );
78            $result     = $this->newPasswordSender->send($email, $current_ip);
79        }
80        // Do not acknowledge a password has been sent or failed and go back to login
81        require Ui::find_template('show_login_form.inc.php');
82
83        return null;
84    }
85}
86