/**
* Complete password reset
*
* @param string $hash Identification hash of a password reset token
* @param string $password New password of the user
* @param string $passwordRepeat Confirmation of the new password
* @return void
*
* @validate $password NotEmpty
* @validate $passwordRepeat NotEmpty
*/
public function completePasswordResetAction($hash, $password, $passwordRepeat)
{
$token = $this->tokenCache->get($hash);
if ($token !== FALSE) {
$user = $this->frontendUserRepository->findByIdentifier($token['uid']);
if ($user !== NULL) {
if ($this->hashService->validateHmac($user->getPassword(), $token['hmac'])) {
$user->setPassword($this->passwordService->applyTransformations($password));
$this->frontendUserRepository->update($user);
$this->tokenCache->remove($hash);
if ($this->getSettingValue('passwordReset.loginOnSuccess')) {
$this->authenticationService->authenticateUser($user);
$this->addLocalizedFlashMessage('resetPassword.completed.login', NULL, FlashMessage::OK);
} else {
$this->addLocalizedFlashMessage('resetPassword.completed', NULL, FlashMessage::OK);
}
} else {
$this->addLocalizedFlashMessage('resetPassword.failed.expired', NULL, FlashMessage::ERROR);
}
} else {
$this->addLocalizedFlashMessage('resetPassword.failed.invalid', NULL, FlashMessage::ERROR);
}
} else {
$this->addLocalizedFlashMessage('resetPassword.failed.expired', NULL, FlashMessage::ERROR);
}
$loginPageUid = $this->getSettingValue('login.page');
$this->redirect('showLoginForm', NULL, NULL, NULL, $loginPageUid);
}
/**
* Returns the currently authenticated user
*
* @return FrontendUser
*/
public function getAuthenticatedUser()
{
return $this->frontendUserRepository->findByIdentifier($this->getFrontendController()->fe_user->user['uid']);
}
