
function _bakery_reset_submit in Bakery Single Sign-On System 6.2

Submit handler for the password reset form.

1 string reference to '_bakery_reset_submit'
bakery_form_alter in ./bakery.module
Implementation of hook_form_alter().

File

./bakery.module, line 356

Code

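/**
 * Submit handler for the password reset form.
 *
 * Loads the account whose uid is taken from arg(2). If that account has never
 * logged in, a 'thinmint' payload prepared by bakery_bake_data() is POSTed to
 * the master site's bakery/validate path first. The user is then logged in on
 * this site when either the account had logged in before or the master
 * answered with HTTP 200; otherwise the request is sent to user/login.
 *
 * @param $form
 *   The form array (not used by this handler).
 * @param $form_state
 *   The form state, passed by reference (not used by this handler).
 */
function _bakery_reset_submit($form, &$form_state) {
  global $base_url, $user;

  // If we're here it means the user has validated their email correctly.
  $master = variable_get('bakery_master', 'http://drupal.org/');

  // The original author's note: it is safe to use arg(2) to load the user and
  // log in because the callback has validated the request and Drupal's Form
  // API protects against forgery. This handler performs no validation of
  // arg(2) itself, so that guarantee rests entirely on the calling path.
  $account = user_load(array(
    'uid' => arg(2),
  ));

  // user_load() returns FALSE when no matching account exists. Stop here
  // rather than build a payload and a session from a non-object.
  if (!$account) {
    drupal_goto('user/login');
    return;
  }

  // Only a first-time login has to be confirmed by the master site.
  $master_ok = FALSE;
  if ($account->login == 0) {
    $type = 'thinmint';
    $payload = array();
    $payload['name'] = $account->name;
    $payload['slave'] = rtrim($base_url, '/') . '/';

    // Match how slaves are set on the master.
    $payload['uid'] = $account->uid;
    $payload['timestamp'] = $_SERVER['REQUEST_TIME'];
    $payload['type'] = $type;
    $data = bakery_bake_data($payload);
    $payload = drupal_query_string_encode(array(
      $type => $data,
    ));

    // Push validation to master.
    // NOTE(review): the default master URL is plain http. Whether the payload
    // is protected in transit depends on bakery_bake_data(), which is not
    // shown here. Confirm before relying on it.
    $result = drupal_http_request($master . 'bakery/validate', array(
      'Content-Type' => 'application/x-www-form-urlencoded; charset=utf-8',
    ), 'POST', $payload);

    // Anything other than an explicit 200 counts as a failed validation.
    $master_ok = isset($result->code) && $result->code == 200;
  }

  // If they have logged in before or the master updated correctly, log them in.
  if ($account->login > 0 || $master_ok) {

    // Log the user in.
    $init = _bakery_init_field($account->uid);
    _bakery_bake_chocolatechip_cookie($account->name, $account->mail, $init);
    $user = $account;
    $edit = array(
      'name' => $user->name,
    );
    bakery_user_authenticate_finalize($edit);

    // Inform them that they need to reset their password. The link target is
    // inserted unescaped ('!url'), so it is passed through check_url() first;
    // '@master' is escaped by t().
    drupal_set_message(t('You have just used your one-time login link. It is no longer necessary to use this link to login. Please change your password at <a href="!url">@master</a>.', array(
      '!url' => check_url(_bakery_init_field_url($user->init)),
      '@master' => variable_get('bakery_master', ''),
    )));
    drupal_goto('user/' . $user->uid);
  }
  else {
    drupal_goto('user/login');
  }
}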