Sign.php

<?php defined('SYSPATH') or die('No direct script access.');

class Controller_Handler_Sign extends Controller_Handler
{
    public function before() {
        parent::before();
    }

    public function action_in() {
        $ok = User::instance()->signIn($_POST['login'], $_POST['password']);
        if (!$ok) $this->fail();
    }

    public function action_up() {
        $res['success'] = false;

        $config = Kohana::$config->load('security.securityPolicy');

        $this->post->rule('activation_code', 'alpha_numeric')
            ->rule('login', 'not_empty')
            ->rule('password', 'min_length', [':value', $config['password']['length']])
            ->rule('confirm_password', 'matches', [':validation', 'confirm_password', 'password'])
            ->rule('email', 'not_empty')
            ->rule('email', 'email');

        if ($this->post->check()) {
            list($res['success'], $attempt) = User::instance()->signUp(
                $_POST['activation_code'], $_POST['email'], $_POST['login'], $_POST['password']);

            if (!$res['success']) {
                switch ($attempt) {
                    case 'login_exists':
                        $this->post->error('login', 'already_exists');
                        break;
                    case 'mail_exists':
                        $this->post->error('email', 'already_exists');
                        break;
                    case 'invalid_code':
                        $this->post->error('activation_code', 'invalid_code');
                        break;
                }
            }
        }

        if (!$res['success']) {
            $res['errors'] = $this->post->errors('signin');
        }

        $this->response->body(json_encode($res));
    }

    public function action_remindPassword() {
        $res['success'] = false;

        $this->post->rule('email', 'not_empty')->rule('email', 'email');

        if ($this->post->check()) {
            if (Account::doesEmailExist($_POST['email'])) {
                Account::createRecoveryRequest($_POST['email']);
                $res['success'] = true;
            } else {
                $res['error'] = 'Пользователь с таким e-mail адресом не зарегистрирован в системе!';
            }
        } else {
            $res['error'] = 'Введенная строка не является e-mail адресом!';
        }

        $this->response->body(json_encode($res));
    }

    public function action_changePassword() {
        $res['success'] = false;

        $config = Kohana::$config->load('security.securityPolicy');

        $this->post->rule('token', 'alpha_numeric')
            ->rule('password', 'min_length', [':value', $config['password']['length']])
            ->rule('confirm_password', 'matches', [':validation', 'confirm_password', 'password']);

        if ($this->post->check()) {
            $token = $_POST['token'];
            if (Account::checkToken($token)) {
                Account::changePasswordByToken($token, $_POST['password']);
                $res['success'] = true;
            }
        }

        if (!$res['success']) {
            $res['errors'] = $this->post->errors('signin');
        }

        $this->response->body(json_encode($res));
    }
}