OXID-eSales
diff --git a/‎metadata.php‎
Lines changed: 1 addition & 1 deletion b/‎metadata.php‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎migration/data/Version20251128093245.php‎
Lines changed: 2 additions & 0 deletions b/‎migration/data/Version20251128093245.php‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎migration/data/Version20260114104913.php‎
Lines changed: 0 additions & 25 deletions b/‎migration/data/Version20260114104913.php‎
Lines changed: 0 additions & 25 deletions
diff --git a/‎src/Authentication/OAuth2/Infrastructure/Repository/UserRepository.php‎
Lines changed: 4 additions & 3 deletions b/‎src/Authentication/OAuth2/Infrastructure/Repository/UserRepository.php‎
Lines changed: 4 additions & 3 deletions
diff --git a/‎…aptcha/Shop/ForgotPasswordController.php‎ ‎…/Controller/ForgotPasswordController.php‎src/Captcha/Shop/ForgotPasswordController.php renamed to src/Shared/Controller/ForgotPasswordController.php
Lines changed: 22 additions & 1 deletion b/‎…aptcha/Shop/ForgotPasswordController.php‎ ‎…/Controller/ForgotPasswordController.php‎src/Captcha/Shop/ForgotPasswordController.php renamed to src/Shared/Controller/ForgotPasswordController.php
Lines changed: 22 additions & 1 deletion
diff --git a/‎src/Shared/Core/ViewConfig.php‎
Lines changed: 7 additions & 0 deletions b/‎src/Shared/Core/ViewConfig.php‎
Lines changed: 7 additions & 0 deletions
diff --git a/‎tests/Integration/Captcha/Shop/ForgotPasswordControllerTest.php‎
Lines changed: 0 additions & 124 deletions b/‎tests/Integration/Captcha/Shop/ForgotPasswordControllerTest.php‎
Lines changed: 0 additions & 124 deletions
@@ -34,7 +34,7 @@
     'email'       => 'info@oxid-esales.com',
     'extend'      => [
         \OxidEsales\Eshop\Application\Controller\NewsletterController::class => \OxidEsales\SecurityModule\Captcha\Shop\NewsletterController::class,
-        \OxidEsales\Eshop\Application\Controller\ForgotPasswordController::class => \OxidEsales\SecurityModule\Captcha\Shop\ForgotPasswordController::class,
+        \OxidEsales\Eshop\Application\Controller\ForgotPasswordController::class => \OxidEsales\SecurityModule\Shared\Controller\ForgotPasswordController::class,
         \OxidEsales\Eshop\Application\Model\User::class => \OxidEsales\SecurityModule\Shared\Model\User::class,
         \OxidEsales\Eshop\Core\InputValidator::class    => \OxidEsales\SecurityModule\Shared\Core\InputValidator::class,
         \OxidEsales\Eshop\Core\ViewConfig::class        => \OxidEsales\SecurityModule\Shared\Core\ViewConfig::class
 
@@ -19,6 +19,8 @@ public function up(Schema $schema): void
         $this->addSql('ALTER TABLE `oxuser` ADD column `OESMOTPCODE` VARCHAR(128) default NULL COMMENT "OTP code"');
         $this->addSql('ALTER TABLE `oxuser` ADD column `OESMOTPEXPTIME` DATETIME default NULL COMMENT "OTP code expiration time"');
         $this->addSql('ALTER TABLE `oxuser` ADD column `OESMOTPATTEMPTS` INT NOT NULL default 0 COMMENT "OTP code attempts"');
+        $this->addSql('ALTER TABLE `oxuser` ADD column `OESMOTPLASTSENT` DATETIME default NULL COMMENT "Last OTP sent timestamp"');
+        $this->addSql('ALTER TABLE `oxuser` ADD column `OESMEXTERNALAUTH` TINYINT(1) NOT NULL default 0 COMMENT "User registered via external authentication"');
     }
 
     public function down(Schema $schema): void
 
@@ -41,9 +41,10 @@ public function createUser(OAuth2UserDTOInterface $userDTO): UserDTOInterface
     {
         $userModel = $this->userFactory->create();
         $userModel->assign([
-            'OXFNAME'    => $userDTO->getFirstName(),
-            'OXLNAME'    => $userDTO->getLastName(),
-            'OXUSERNAME' => $userDTO->getEmail(),
+            'OXFNAME'          => $userDTO->getFirstName(),
+            'OXLNAME'          => $userDTO->getLastName(),
+            'OXUSERNAME'       => $userDTO->getEmail(),
+            'OESMEXTERNALAUTH' => 1,
         ]);
         $userModel->setPassword($this->passwordGenerator->generatePasswordForOAuthUser());
         $userModel->createUser();
 
@@ -7,13 +7,18 @@
 
 declare(strict_types=1);
 
-namespace OxidEsales\SecurityModule\Captcha\Shop;
+namespace OxidEsales\SecurityModule\Shared\Controller;
 
+use OxidEsales\Eshop\Application\Model\User;
 use OxidEsales\Eshop\Core\Exception\StandardException;
 use OxidEsales\Eshop\Core\Registry;
 use OxidEsales\SecurityModule\Captcha\Service\CaptchaServiceInterface;
 use OxidEsales\SecurityModule\Captcha\Service\ModuleSettingsServiceInterface;
 
+/**
+ * @mixin \OxidEsales\Eshop\Application\Controller\ForgotPasswordController
+ * @eshopExtension
+ */
 class ForgotPasswordController extends ForgotPasswordController_parent
 {
     public function forgotPassword(): ?bool
@@ -36,4 +41,20 @@ public function forgotPassword(): ?bool
 
         return parent::forgotPassword();
     }
+
+    public function updatePassword()
+    {
+        $result = parent::updatePassword();
+
+        if ($result === 'forgotpwd?success=1') {
+            $userId = Registry::getSession()->getVariable('usr');
+            $user = oxNew(User::class);
+            if ($userId && $user->load($userId) && $user->getFieldData('oesmexternalauth')) {
+                $user->assign(['OESMEXTERNALAUTH' => 0]);
+                $user->save();
+            }
+        }
+
+        return $result;
+    }
 }
@@ -64,4 +64,11 @@ public function getRemainingAttempts(): int
     {
         return $this->getService(AuthorizeServiceInterface::class)->getRemainingAttempts();
     }
+
+    public function isExternalAuthUser(): bool
+    {
+        $user = $this->getUser();
+
+        return $user && (bool) $user->getFieldData('oesmexternalauth');
+    }
 }
Original file line number	Diff line number	Diff line change
`@@ -19,6 +19,8 @@ public function up(Schema $schema): void`
`19`	`19`	$this->addSql('ALTER TABLE `oxuser` ADD column `OESMOTPCODE` VARCHAR(128) default NULL COMMENT "OTP code"');
`20`	`20`	$this->addSql('ALTER TABLE `oxuser` ADD column `OESMOTPEXPTIME` DATETIME default NULL COMMENT "OTP code expiration time"');
`21`	`21`	$this->addSql('ALTER TABLE `oxuser` ADD column `OESMOTPATTEMPTS` INT NOT NULL default 0 COMMENT "OTP code attempts"');
	`22`	+ $this->addSql('ALTER TABLE `oxuser` ADD column `OESMOTPLASTSENT` DATETIME default NULL COMMENT "Last OTP sent timestamp"');
	`23`	+ $this->addSql('ALTER TABLE `oxuser` ADD column `OESMEXTERNALAUTH` TINYINT(1) NOT NULL default 0 COMMENT "User registered via external authentication"');
`22`	`24`	`}`
`23`	`25`
`24`	`26`	`public function down(Schema $schema): void`
Original file line number	Diff line number	Diff line change
`@@ -64,4 +64,11 @@ public function getRemainingAttempts(): int`
`64`	`64`	`{`
`65`	`65`	`return $this->getService(AuthorizeServiceInterface::class)->getRemainingAttempts();`
`66`	`66`	`}`
	`67`	`+`
	`68`	`+ public function isExternalAuthUser(): bool`
	`69`	`+ {`
	`70`	`+ $user = $this->getUser();`
	`71`	`+`
	`72`	`+ return $user && (bool) $user->getFieldData('oesmexternalauth');`
	`73`	`+ }`
`67`	`74`	`}`