Forgot password

Author: jaydeepakbari

README.md

@@ -1,29 +1,37 @@
-# Codeigniter Admin Panel ( Startup Kit )
+# CI Admin ( Startup Kit )
 
-[![](https://user-images.githubusercontent.com/6220995/72037880-95b78580-32c5-11ea-994c-8165e8a717e6.png)](https://user-images.githubusercontent.com/6220995/72037880-95b78580-32c5-11ea-994c-8165e8a717e6.png)
+CI Admin is Powerfull Codeigniter Admin Panel for starting a new project with Codeigniter Framework. It is developed for custom CodeIgniter projects. It’s cover most common features that needed for nowadays project. It will make your development task more easier then before. We are working hard to create many free features on this project.
+
+The main objective is to speed up web development effort by providing configurable and ready modules. Configurations can be made easily using the Control Panel, or programmatically. Use Admin Lite Admin Panel to create your own web application with the following benefits.
+
+[![](https://user-images.githubusercontent.com/6220995/72045524-4df02880-32dc-11ea-8fec-3d76a7a4f891.png)](https://user-images.githubusercontent.com/6220995/72045524-4df02880-32dc-11ea-8fec-3d76a7a4f891.png)
 
 ### Features
 
 - Support Laravel equivalent
 - Support Route naming conventions 
 - User Login Registration
 - Forget Password 
-
+- Message Helpers (success., info, warning, error)
+- Responsive Design With Bootstrap based HTML template.
+- Pagination
+- Secure Authentication
+- Structured & Clean Code
 
 ### Installation  
 
-        git clone https://github.com/jaydeepakbari/Codeigniter-Admin-Panel.git
-        cd Codeigniter-Admin-Panel
+        git clone https://github.com/jaydeepakbari/CI-admin.git
+        cd CI-admin
         composer install
 
 ### Database SQL
 
 Find file inside database folder and import in your project database
 
 ### Default Admin Login
-`[email protected] / 111111`
+`Username : [email protected] Password : 111111`
 
-### Credits
+### Libraries used :
 
 - [ingeniasoftware/luthier-ci](https://github.com/ingeniasoftware/luthier-ci "ingeniasoftware/luthier-ci")
 - [tabler/tabler](https://github.com/tabler/tabler "tabler/tabler")

application/config/email.php

@@ -0,0 +1,14 @@
+<?php defined('BASEPATH') OR exit('No direct script access allowed');
+
+$config = array(
+    'protocol'     => 'smtp', // 'mail', 'sendmail', or 'smtp'
+    'smtp_host'    => 'smtp.example.com', 
+    'smtp_port'    => 465,
+    'smtp_user'    => '[email protected]',
+    'smtp_pass'    => '12345!',
+    'smtp_crypto'  => 'ssl', //can be 'ssl' or 'tls' for example
+    'mailtype'     => 'text', //plaintext 'text' mails or 'html'
+    'smtp_timeout' => '4', //in seconds
+    'charset'      => 'iso-8859-1',
+    'wordwrap'     => TRUE
+);

application/controllers/admin/Authentication.php

@@ -1,6 +1,8 @@
 <?php
 defined('BASEPATH') OR exit('No direct script access allowed');
 use Model\User;
+use Model\PasswordReset;
+
 
 class Authentication extends CI_Controller {
 	public function index(){
@@ -9,7 +11,20 @@ public function index(){
         	redirect(route('admin.dashboard'));
         }
 
-		$this->load->view('admin/auth/login');
+		View::load('admin/auth/login',[],'auth');
+	}
+
+	public function forget_form(){
+        if(Auth::check()){ redirect(route('admin.dashboard')); }
+
+		View::load('admin/auth/forgot-email',[],'auth');
+	}
+
+	public function reset_password_form($token){
+        if(Auth::check()){ redirect(route('admin.dashboard')); }
+
+        $data['token'] = $token;
+		View::load('admin/auth/reset-password',$data,'auth');
 	}
 
 	public function logout(){
@@ -35,7 +50,7 @@ public function check_login(){
 		    } else if(!$user->status){
 		    	$json['errors']['email'] = 'User must be active for login';
 		    } else if(!bcrypt_check($data['password'], $user->password)){
-	    		$json['errors']['email'] = 'User must be active for login';
+	    		$json['errors']['email'] = 'Invalid Email Address or Password';
 	    	} else {
 		    	$this->session->set_userdata('login_admin', $user->id);
 		    	$json['redirect'] = route("admin.dashboard");
@@ -44,4 +59,98 @@ public function check_login(){
 
 	    View::json($json);
 	}
+
+	public function forget_form_check(){
+		$json = array();
+
+		$this->form_validation->set_rules('email', 'Email Address', 'required');
+	    $data = $this->input->post(NULL,true);
+		if($this->form_validation->run() == FALSE){
+			$json['errors'] = $this->form_validation->error_array();	
+		}
+			
+		if (!isset($json['errors'])) {
+    		$user = User::where("email","like",$data['email'])->first();
+		    if(!$user){
+		    	$json['errors']['email'] = 'Invalid Email Address or Password';
+		    } else if(!$user->status){
+		    	$json['errors']['email'] = 'User must be active for reset password';
+		    } else {
+		    	PasswordReset::where('email','like',$this->input->post('email') )->delete();
+
+		    	$newToken = new PasswordReset();
+		    	$newToken->token = token(20);
+		    	$newToken->email = $this->input->post('email');
+		    	$newToken->save();
+
+		    	$this->load->config('email');
+		        $this->load->library('email');
+		        
+		        $from = $this->config->item('smtp_user');
+		        $to = $this->input->post('email');
+		        $subject = 'Reset Password Notification';
+		        $message = "<p>Hello!</p><br>
+					<p>You are receiving this email because we received a password reset request for your account.</p>
+
+					<a href='". route('admin.reset_password_form',['token' => $newToken->token]) ."'>Reset Password</a>
+					<p>This password reset link will expire in 60 minutes.</p>
+
+					<p>If you did not request a password reset, no further action is required.</p>
+
+					<br>
+					<b>Thanks</b>
+				";
+
+		        $this->email->set_newline("\r\n");
+		        $this->email->from($from);
+		        $this->email->to($to);
+		        $this->email->subject($subject);
+		        $this->email->message($message);
+
+	            
+		        if ($this->email->send()) {
+		        	set_message('success', 'An email has been sent to your email address. Please check its inbox to continue reseting password.');
+		            $json['redirect'] = route('admin.forget_form');
+		        } else {
+		            show_error($this->email->print_debugger());
+		        }
+		    }
+		}
+
+	    View::json($json);
+	}
+
+	public function reset_password_check(){
+		$json = array();
+
+		$this->form_validation->set_rules('password', 'Password', 'required');
+		$this->form_validation->set_rules('token', 'token', 'required');
+		$this->form_validation->set_rules('c_password', 'Confirm Password', 'required|matches[password]');
+
+	    $data = $this->input->post(NULL,true);
+		if($this->form_validation->run() == FALSE){
+			$json['errors'] = $this->form_validation->error_array();	
+		}
+			
+		if (!isset($json['errors'])) {
+    		$token = PasswordReset::where('token',$data['token'])->first();
+    		if(!$token){
+    			$json['errors']['password'] = 'Invalid token..';
+    		} else{
+    			$user = User::where('email',$token->email)->first();
+    			if(!$user){
+    				$json['errors']['password'] = 'Invalid token..';
+    			} else {
+    				$user->password = bcrypt_hash($data['password']);
+    				$user->save();
+
+    				set_message('success', 'Password reset successfully');
+    				PasswordReset::where('email','like',$user->email )->delete();
+    				$json['redirect'] = route('admin.login');
+    			}
+    		}
+		}
+
+	    View::json($json);
+	}
 }

application/controllers/admin/UserController.php

@@ -55,6 +55,7 @@ public function submit_form($user_id = 0){
 			}
 
 		    $user->save();
+		    set_message('success', 'User save successfully');
 		    $json['redirect'] = route("admin.user.list");
 		}
 
@@ -64,6 +65,7 @@ public function submit_form($user_id = 0){
 
 	public function destory($user_id){
 		User::where("id",$user_id)->delete();
+		set_message('success', 'User deleted successfully');
 		redirect(route('admin.user.list'));
 	}
 
@@ -73,6 +75,8 @@ public function destory_multiple(){
 		if(is_array($ids) && $ids){
 			User::whereIn("id",$ids)->delete();
 		}
+
+		set_message('success', 'User deleted successfully');
 		redirect(route('admin.user.list'));
 	}
 }

application/core/Auth.php

@@ -20,6 +20,6 @@ public static function user(){
 
 	public static function check(){
 		self::initClass();
-		return self::$user->id > 0;
+		return (self::$user && self::$user->id) > 0 ? true : false;
 	}
 }

application/helpers/util_helper.php

@@ -40,6 +40,11 @@ function makePaginate(&$query, $config){
 	$query->paginate = $ci->pagination->create_links();
 }
 
+function set_message($type, $message){
+	$ci = &get_instance();
+	$ci->session->set_flashdata($type, $message);
+}
+
 function bcrypt_hash($password, $work_factor = 8){    
     if (! function_exists('openssl_random_pseudo_bytes')) {
         throw new Exception('Bcrypt requires openssl PHP extension');
@@ -66,4 +71,10 @@ function bcrypt_check($password, $stored_hash, $legacy_handler = NULL){
     return crypt($password, $stored_hash) == $stored_hash;
 }
 
-function bcrypt_is_legacy_hash($hash) { return substr($hash, 0, 4) != '$2a$'; }
+function bcrypt_is_legacy_hash($hash) { return substr($hash, 0, 4) != '$2a$'; }
+
+function token($length_of_string=10){ 
+    $str_result = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'; 
+  
+    return substr(str_shuffle($str_result),0, $length_of_string); 
+} 

application/helpers/view_helper.php

@@ -2,11 +2,11 @@
 class View{
 	function __construct(){}
 
-	public static function load($file, $data = array()){
+	public static function load($file, $data = array(), $layout = 'dashboard'){
 		$ci = &get_instance();
 		$data['content'] = $ci->load->view($file, $data, true);
 
-		$ci->load->view('admin/layout/dashboard', $data);		
+		$ci->load->view('admin/layout/'. $layout, $data);		
 	}
 
 	public static function json($json = array()){

application/models/PasswordReset.php

@@ -0,0 +1,7 @@
+<?php
+namespace Model;
+use \Illuminate\Database\Eloquent\Model as Eloquent;
+
+class PasswordReset extends Eloquent {
+	const UPDATED_AT = null;	
+}

application/routes/web.php

@@ -7,7 +7,11 @@
 /* BACKEND ROUTES */
 Route::get('/admin/login', 'admin/Authentication@index')->name('admin.login');
 Route::get('/admin/logout', 'admin/Authentication@logout')->name('admin.logout');
-Route::post('/admin/login', 'admin/Authentication/check_login@index')->name('admin.check_login');
+Route::post('/admin/login', 'admin/Authentication@check_login')->name('admin.check_login');
+Route::get('/admin/forgot-password', 'admin/Authentication@forget_form')->name('admin.forget_form');
+Route::post('/admin/forgot-password', 'admin/Authentication@forget_form_check')->name('admin.forget_form_check');
+Route::get('/admin/reset-password/{token}', 'admin/Authentication@reset_password_form')->name('admin.reset_password_form');
+Route::post('/admin/reset-password', 'admin/Authentication@reset_password_check')->name('admin.reset_password_check');
 
 Route::group('admin',['namespace' => 'admin','middleware' => ['CheckIfLogin']], function(){
 	Route::get('/', 'dashboard@index')->name('admin.dashboard');

application/views/admin/auth/forgot-email.php

@@ -0,0 +1,55 @@
+<div class="d-flex h-auto min-h-full justify-content-center">
+    <div class="d-flex align-items-center justify-content-center flex-fill">
+        <div class="container">
+            <div class="row">
+                <div class="col col-login mx-auto">
+                    <div class="text-center mb-4 mt-4">
+                        <img src="<?= base_url('assets/admin/img/logo-black.png') ?>" class="w-50" alt="">
+                    </div>
+                    <?php if($message = $this->session->flashdata('success')){ ?>
+                        <div class="alert alert-success alert-dismissible" role='alert'>
+                            <h3>Email Sent!</h3>
+                            <p><?= $message ?></p>
+                        </div>
+                    <?php } ?>
+                    <form class="card" action="<?= route('admin.forget_form_check') ?>" id="forgot_form" method="post">
+                        
+                        <div class="card-body p-5">
+                            <div class="card-title">Forgot password</div>
+                            <p class="text-muted">Enter your email address and your password will be reset and emailed to you.</p>
+                            <div class="mb-2">
+                                <label class="form-label" for="exampleInputEmail1">Email address</label>
+                                <input type="email" name="email" class="form-control" id="exampleInputEmail1" aria-describedby="emailHelp" placeholder="Enter email">
+                            </div>
+                            <div class="form-footer">
+                                <button type="submit" class="btn btn-submit btn-primary btn-block">Send confirmation link</button>
+                            </div>
+                        </div>
+                        
+                    </form>
+                    <div class="text-center text-muted">
+                        Have account yet? <a href="<?= route('admin.login') ?>">Sign in</a>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
+
+<script type="text/javascript">
+    $("#forgot_form").submit(function(){
+        $this = $(this);
+        $.ajax({
+            url:$this.attr("action"),
+            type:'POST',
+            dataType:'json',
+            data:$this.serialize(),
+            beforeSend:function(){ $this.find('.btn-submit').btn("loading"); },
+            complete:function(){ $this.find('.btn-submit').btn("reset"); },
+            success:function(json){
+                json_callback(json,$this);
+            },
+        })
+        return false;
+    })
+</script>