/**
* Send reset password form with KEY
*/
public function resetPassword()
{
$input = Input::all();
$validator = Validator::make($input, User::getResetRules());
if ($validator->passes()) {
$reset = ResetKey::where('key', $input['key'])->first();
$user = User::where('email', $input['email'])->first();
if (!$reset instanceof ResetKey) {
return ApiResponse::errorUnauthorized("Invalid reset key.");
}
if ($reset->user_id != $user->_id) {
return ApiResponse::errorUnauthorized("Reset key does not belong to this user.");
}
if ($reset->isExpired()) {
$reset->delete();
return ApiResponse::errorUnauthorized("Reset key is expired.");
}
$user = $reset->user;
$user->password = Hash::make($input['password']);
$user->save();
$reset->delete();
return ApiResponse::json('Password reset successfully!');
} else {
return ApiResponse::validation($validator);
}
}
public function generateResetKey()
{
return ResetKey::getInstance($this);
}