1<?php
2/*
3 * vim:set softtabstop=4 shiftwidth=4 expandtab:
4 *
5 * LICENSE: GNU Affero General Public License, version 3 (AGPL-3.0-or-later)
6 * Copyright 2001 - 2020 Ampache.org
7 *
8 * This program is free software: you can redistribute it and/or modify
9 * it under the terms of the GNU Affero General Public License as published by
10 * the Free Software Foundation, either version 3 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16 * GNU Affero General Public License for more details.
17 *
18 * You should have received a copy of the GNU Affero General Public License
19 * along with this program.  If not, see <https://www.gnu.org/licenses/>.
20 *
21 */
22
23declare(strict_types=0);
24
25namespace Ampache\Module\User;
26
27use Ampache\Module\Util\Mailer;
28use Ampache\Repository\UserRepositoryInterface;
29use PHPMailer\PHPMailer\Exception;
30
31final class NewPasswordSender implements NewPasswordSenderInterface
32{
33    private PasswordGeneratorInterface $passwordGenerator;
34
35    private UserRepositoryInterface $userRepository;
36
37    public function __construct(
38        PasswordGeneratorInterface $passwordGenerator,
39        UserRepositoryInterface $userRepository
40    ) {
41        $this->passwordGenerator = $passwordGenerator;
42        $this->userRepository    = $userRepository;
43    }
44
45    /**
46     * @throws Exception
47     */
48    public function send(
49        string $email,
50        string $current_ip
51    ): bool {
52        // get the Client and set the new password
53        $client = $this->userRepository->findByEmail($email);
54
55        // do not do anything if they aren't a user
56        if ($client === null) {
57            return false;
58        }
59
60        // do not allow administrator password resets
61        if ($client->has_access(100)) {
62            return false;
63        }
64        if ($client->email == $email && Mailer::is_mail_enabled()) {
65            $newpassword = $this->passwordGenerator->generate();
66            $client->update_password($newpassword);
67
68            $mailer = new Mailer();
69            $mailer->set_default_sender();
70            $mailer->subject        = T_('Lost Password');
71            $mailer->recipient_name = $client->fullname;
72            $mailer->recipient      = $client->email;
73
74            $message  = sprintf(
75            /* HINT: %1 IP Address, %2 Username */
76                T_('A user from "%1$s" has requested a password reset for "%2$s"'),
77                $current_ip,
78                $client->username
79            );
80            $message .= "\n";
81            $message .= sprintf(T_("The password has been set to: %s"), $newpassword);
82            $mailer->message = $message;
83
84            return $mailer->send();
85        }
86
87        return false;
88    }
89}
90