public function testFormValidation()
{
$form = \Yii::createObject(RecoveryForm::className());
$form->scenario = 'reset';
$this->specify('password is required', function () use($form) {
verify($form->validate(['password']))->false();
});
$this->specify('password is too short', function () use($form) {
$form->password = '******';
verify($form->validate(['password']))->false();
});
$this->specify('password is ok', function () use($form) {
$form->password = '******';
verify($form->validate(['password']))->true();
});
}
/**
* Displays page where user can reset password.
* @param integer $id
* @param string $code
* @return string
* @throws \yii\web\NotFoundHttpException
*/
public function actionReset($id, $code)
{
if (!$this->module->enablePasswordRecovery) {
throw new NotFoundHttpException();
}
/** @var Token $token */
$token = $this->finder->findToken(['user_id' => $id, 'code' => $code, 'type' => Token::TYPE_RECOVERY])->one();
if ($token === null || $token->isExpired || $token->user === null) {
\Yii::$app->session->setFlash('danger', \Yii::t('users', 'Recovery link is invalid or out-of-date. Please try requesting a new one.'));
return $this->render('/message', ['title' => \Yii::t('users', 'Invalid or out-of-date link'), 'module' => $this->module]);
}
$model = \Yii::createObject(['class' => RecoveryForm::className(), 'scenario' => 'reset']);
$this->performAjaxValidation($model);
if ($model->load(\Yii::$app->getRequest()->post()) && $model->resetPassword($token)) {
return $this->render('/message', ['title' => \Yii::t('users', 'Password has been changed'), 'module' => $this->module]);
}
return $this->render('reset', ['model' => $model]);
}