From fded095c60c60884c1802babfc970e83603d2bd8 Mon Sep 17 00:00:00 2001
From: Diatrex <diahshalabi@hotmail.com>
Date: Fri, 6 Mar 2020 17:26:42 +0300
Subject: [PATCH] #1042 Send new password if user passoword is empty (for
 migration)

---
 .../resources/lang/en/message.php             |  1 +
 .../src/Profile/Events/SendEmptyPassword.php  | 27 ++++++++++++++
 .../Validation/ValidateCredentials.php        | 37 ++++++++++++++++++-
 3 files changed, 64 insertions(+), 1 deletion(-)
 create mode 100644 addons/default/visiosoft/profile-module/src/Profile/Events/SendEmptyPassword.php

diff --git a/addons/default/visiosoft/profile-module/resources/lang/en/message.php b/addons/default/visiosoft/profile-module/resources/lang/en/message.php
index 7e45bd0f9..807baad52 100644
--- a/addons/default/visiosoft/profile-module/resources/lang/en/message.php
+++ b/addons/default/visiosoft/profile-module/resources/lang/en/message.php
@@ -26,4 +26,5 @@ return [
     'error_valid_phone' => 'Phone number format is not correct.',
     'registered_phone' => 'This phone number has already been registered.',
     'ajax_address_error' => 'No address or not authorized to view.',
+    'empty_password_sms_message' => 'Due to security issues, we changed your password! Your new password is:',
 ];
diff --git a/addons/default/visiosoft/profile-module/src/Profile/Events/SendEmptyPassword.php b/addons/default/visiosoft/profile-module/src/Profile/Events/SendEmptyPassword.php
new file mode 100644
index 000000000..e9f16537f
--- /dev/null
+++ b/addons/default/visiosoft/profile-module/src/Profile/Events/SendEmptyPassword.php
@@ -0,0 +1,27 @@
+<?php namespace Visiosoft\ProfileModule\Profile\Events;
+
+use Anomaly\UsersModule\User\UserModel;
+
+class SendEmptyPassword
+{
+    public $password;
+    public $userId;
+
+    public function __construct($userId, $password)
+    {
+        $this->password = $password;
+        $this->userId = $userId;
+    }
+
+    public function user()
+    {
+        $user_model = new UserModel();
+        $user = $user_model->find($this->userId);
+        return $user;
+    }
+
+    public function password()
+    {
+        return $this->password;
+    }
+}
\ No newline at end of file
diff --git a/addons/default/visiosoft/profile-module/src/Profile/Validation/ValidateCredentials.php b/addons/default/visiosoft/profile-module/src/Profile/Validation/ValidateCredentials.php
index 6aaeac328..9b089f911 100644
--- a/addons/default/visiosoft/profile-module/src/Profile/Validation/ValidateCredentials.php
+++ b/addons/default/visiosoft/profile-module/src/Profile/Validation/ValidateCredentials.php
@@ -4,20 +4,28 @@ use Anomaly\Streams\Platform\Addon\Extension\ExtensionCollection;
 use Anomaly\UsersModule\User\Authenticator\Contract\AuthenticatorExtensionInterface;
 use Anomaly\UsersModule\User\Contract\UserInterface;
 use Anomaly\UsersModule\User\Contract\UserRepositoryInterface;
+use Illuminate\Contracts\Events\Dispatcher;
 use Illuminate\Http\RedirectResponse;
 use Symfony\Component\HttpFoundation\Response;
+use Visiosoft\ProfileModule\Profile\Events\SendEmptyPassword;
 use Visiosoft\ProfileModule\Profile\SignIn\SignInFormBuilder;
 
 
 class ValidateCredentials
 {
+    private $extensions;
+    private $repository;
+    private $dispatcher;
+
     public function __construct(
         ExtensionCollection $extensions,
-        UserRepositoryInterface $userRepository
+        UserRepositoryInterface $userRepository,
+        Dispatcher $dispatcher
     )
     {
         $this->extensions = $extensions;
         $this->repository = $userRepository;
+        $this->dispatcher = $dispatcher;
     }
 
     public function authenticate(array $credentials)
@@ -41,6 +49,23 @@ class ValidateCredentials
                 }
                 $response = $this->repository->findByCredentials($credentials);
 
+                // Send new password if users password is empty
+                if (is_null($response)) {
+                    if (isset($credentials['email'])) {
+                        $probableUser = $this->repository->findByEmail($credentials['email']);
+                    } elseif (isset($credentials['username'])) {
+                        $probableUser = $this->repository->findByUsername($credentials['username']);
+                    }
+                    if ($probableUser) {
+                        if (is_null($probableUser->password) || empty($probableUser->password)) {
+                            $password = $this->randomPassword();
+                            $probableUser->setAttribute('password', $password);
+                            $probableUser->update();
+                            $this->dispatcher->dispatch(new SendEmptyPassword($probableUser->id, $password));
+                        }
+                    }
+                }
+
             } else {
                 $response = $authenticator->authenticate($credentials);
             }
@@ -57,6 +82,16 @@ class ValidateCredentials
         return false;
     }
 
+    public function randomPassword() {
+        $alphabet = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890';
+        $pass = array(); //remember to declare $pass as an array
+        $alphaLength = strlen($alphabet) - 1; //put the length -1 in cache
+        for ($i = 0; $i < 8; $i++) {
+            $n = rand(0, $alphaLength);
+            $pass[] = $alphabet[$n];
+        }
+        return implode($pass); //turn the array into a string
+    }
 
     public function handle(SignInFormBuilder $builder)
     {