Your IP : 216.73.216.97

Current Path : /var/www/clients/client3/web2/web/vendor/magento/module-user/Controller/Adminhtml/
Upload File :
Current File : /var/www/clients/client3/web2/web/vendor/magento/module-user/Controller/Adminhtml/Auth.php

<?php
/**
 * Copyright © Magento, Inc. All rights reserved.
 * See COPYING.txt for license details.
 */

namespace Magento\User\Controller\Adminhtml;

use Magento\Framework\Encryption\Helper\Security;
use Magento\Backend\App\AbstractAction;
use Magento\Backend\App\Action\Context;
use Magento\User\Model\UserFactory;
use Magento\Framework\Exception\LocalizedException;

/**
 * \Magento\User Auth controller
 */
abstract class Auth extends AbstractAction
{
    /**
     * User model factory
     *
     * @var UserFactory
     */
    protected $_userFactory;

    /**
     * Construct
     *
     * @param Context $context
     * @param UserFactory $userFactory
     */
    public function __construct(
        Context $context,
        UserFactory $userFactory
    ) {
        parent::__construct($context);
        $this->_userFactory = $userFactory;
    }

    /**
     * Check if password reset token is valid
     *
     * @param int $userId
     * @param string $resetPasswordToken
     * @return void
     * @throws LocalizedException
     */
    protected function _validateResetPasswordLinkToken($userId, $resetPasswordToken)
    {
        if (!is_int(
            $userId
        ) || !is_string(
            $resetPasswordToken
        ) || empty($resetPasswordToken) || empty($userId) || $userId < 0
        ) {
            throw new LocalizedException(__('Please correct the password reset token.'));
        }

        /** @var $user \Magento\User\Model\User */
        $user = $this->_userFactory->create()->load($userId);
        if (!$user->getId()) {
            throw new LocalizedException(
                __('Please specify the correct account and try again.')
            );
        }

        $userToken = $user->getRpToken();
        if (!Security::compareStrings($userToken, $resetPasswordToken) || $user->isResetPasswordLinkTokenExpired()) {
            throw new LocalizedException(__('Your password reset link has expired.'));
        }
    }

    /**
     * Check if user has permissions to access this controller
     *
     * @return bool
     */
    protected function _isAllowed()
    {
        return true;
    }
}