
Add page for reset auth type [NOT WORKING]

See https://github.com/marienfressinaud/FreshRSS/issues/521
Marien Fressinaud 11 سال پیش
والد
کامیت
23609ad858
2فایلهای تغییر یافته به همراه110 افزوده شده و 0 حذف شده
  1. 77 0
      app/Controllers/indexController.php
  2. 33 0
      app/views/index/resetAuth.phtml

+ 77 - 0
app/Controllers/indexController.php

@@ -420,4 +420,81 @@ class FreshRSS_index_Controller extends Minz_ActionController {
 		self::deleteLongTermCookie();
 		Minz_Request::forward(array('c' => 'index', 'a' => 'index'), true);
 	}
+
+	public function resetAuthAction() {
+		Minz_View::prependTitle(_t('reset_auth') . ' · ');
+
+		$this->view->no_form = false;
+		// Enable changement of auth only if Persona!
+		if (Minz_Configuration::authType() != 'persona') {
+			$this->view->message = array(
+				'status' => 'bad',
+				'title' => _t('damn'),
+				'body' => _t('auth_not_persona')
+			);
+			$this->view->no_form = true;
+			return;
+		}
+
+		$conf = new FreshRSS_Configuration(Minz_Configuration::defaultUser());
+		// Admin user must have set its master password.
+		if (!$conf->passwordHash) {
+			$this->view->message = array(
+				'status' => 'bad',
+				'title' => _t('damn'),
+				'body' => _t('auth_no_password_set')
+			);
+			$this->view->no_form = true;
+			return;
+		}
+
+		if (Minz_Request::isPost()) {
+			$nonce = Minz_Session::param('nonce');
+			$username = Minz_Request::param('username', '');
+			$c = Minz_Request::param('challenge', '');
+			if (!(ctype_alnum($username) && ctype_graph($c) && ctype_alnum($nonce))) {
+				Minz_Log::debug('Invalid credential parameters:' .
+				                ' user=' . $username .
+				                ' challenge=' . $c .
+				                ' nonce=' . $nonce);
+				Minz_Session::_param('notification', array(
+					'type' => 'bad',
+					'content' => Minz_Translate::t('invalid_login')
+				));
+				return;
+			}
+
+			if (!function_exists('password_verify')) {
+				include_once(LIB_PATH . '/password_compat.php');
+			}
+
+			try {
+				$s = $conf->passwordHash;
+				$ok = password_verify($nonce . $s, $c);
+				if (!$ok) {
+					Minz_Log::debug('Password mismatch for user ' . $username .
+					                ', nonce=' . $nonce . ', c=' . $c);
+					Minz_Session::_param('notification', array(
+						'type' => 'bad',
+						'content' => Minz_Translate::t('invalid_login')
+					));
+					return;
+				}
+
+				Minz_Configuration::_authType('form');
+				$ok = Minz_Configuration::writeFile();
+
+				if ($ok) {
+					Minz_Request::good(_t('auth_form_set'));
+				} else {
+					Minz_Session::_param('notification', array(
+						'type' => 'bad',
+						'content' => _t('auth_form_not_set')
+					));
+				}
+			} catch (Minz_Exception $e) {
+				Minz_Log::warning('Login failure: ' . $e->getMessage());
+			}
+		}
+	}
 }
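Review bot: The two `Minz_Log::debug` calls in `resetAuthAction` write the submitted challenge and the session nonce to the log, and the first one runs exactly when `username` and `challenge` have failed the `ctype_*` checks, so unvalidated request text (line breaks included) reaches the log file. I would log only that validation failed, for example `Minz_Log::debug('Invalid credential parameters for resetAuth');`, and drop `nonce` and `c` from the mismatch message as well. Separately, `$username` is never compared with `Minz_Configuration::defaultUser()`, whose hash is the one being verified, so any alphanumeric name is accepted; a guard such as `if ($username !== Minz_Configuration::defaultUser())` that returns the same `invalid_login` notification would close that gap. As far as this hunk shows, the nonce also stays in the session after an attempt, so consider clearing it once it has been checked so that a challenge cannot be submitted twice.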

+ 33 - 0
app/views/index/resetAuth.phtml

@@ -0,0 +1,33 @@
+<div class="post content">
+	<h1><?php echo _t('reset_auth'); ?></h1>
+
+	<?php if (!empty($this->message)) { ?>
+	<p class="alert <?php echo $this->message['status'] === 'bad' ? 'alert-error' : 'alert-warn'; ?>">
+		<span class="alert-head"><?php echo $this->message['title']; ?></span>
+		<?php echo $this->message['body']; ?>
+	</p>
+	<?php } ?>
+
+	<?php if (!$this->no_form) { ?>
+	<form id="loginForm" method="post" action="<?php echo _url('index', 'resetAuth'); ?>">
+		<p class="alert alert-warn">
+			<span class="alert-head"><?php echo _t('attention'); ?></span>
+			<?php echo _t('auth_will_reset'); ?>
+		</p>
+
+		<div>
+			<label for="username"><?php echo _t('username'); ?></label>
+			<input type="text" id="username" name="username" size="16" required="required" maxlength="16" pattern="[0-9a-zA-Z]{1,16}" autofocus="autofocus" />
+		</div>
+		<div>
+			<label for="passwordPlain"><?php echo _t('password'); ?></label>
+				<input type="password" id="passwordPlain" required="required" />
+				<input type="hidden" id="challenge" name="challenge" /><br />
+				<noscript><strong><?php echo _t('javascript_should_be_activated'); ?></strong></noscript>
+		</div>
+		<div>
+			<button id="loginButton" type="submit" class="btn btn-important"><?php echo _t('reset'); ?></button>
+		</div>
+	</form>
+	<?php } ?>
+</div>
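Review bot: `$this->message['title']` and `$this->message['body']` are echoed into the page without escaping. In this commit the controller only assigns `_t()` translation strings to them, so nothing request-controlled reaches the template today, but escaping at the output point keeps the view safe if a later caller passes dynamic text: `<?php echo htmlspecialchars($this->message['body'], ENT_NOQUOTES, 'UTF-8'); ?>`. If some translations are meant to carry markup, a short comment in the template saying that these two values must stay translation-only would do instead.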