/**
* The first step in the forgot password sequence.
*
* @param string $email email address
* @param string $ip ip address making the request
* @param string $userAgent user agent used to make the request
*
* @throws AuthException when the step cannot be completed.
*
* @return bool
*/
public function step1($email, $ip, $userAgent)
{
$email = trim(strtolower($email));
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
throw new AuthException('Please enter a valid email address.');
}
$userClass = $this->auth->getUserClass();
$user = $userClass::where('email', $email)->first();
if (!$user || $user->isTemporary()) {
throw new AuthException('We could not find a match for that email address.');
}
// can only issue a single active forgot token at a time
$expiration = U::unixToDb(time() - UserLink::$forgotLinkTimeframe);
$nExisting = UserLink::totalRecords(['user_id' => $user->id(), 'type' => UserLink::FORGOT_PASSWORD, 'created_at > "' . $expiration . '"']);
if ($nExisting > 0) {
return true;
}
// generate a reset password link
$link = $this->buildLink($user->id(), $ip, $userAgent);
// and send it
return $user->sendEmail('forgot-password', ['ip' => $ip, 'forgot' => $link->link]);
}
public function isVerified($withinTimeWindow = true)
{
$timeWindow = $withinTimeWindow ? time() - UserLink::$verifyTimeWindow : time();
return UserLink::totalRecords(['user_id' => $this->id(), 'type' => UserLink::VERIFY_EMAIL, 'created_at <= "' . U::unixToDb($timeWindow) . '"']) == 0;
}