/**
* Reset
*/
public function actionReset($token)
{
/** @var User $user */
// get user token and check expiration
$userToken = UserToken::findByToken($token, UserToken::TYPE_PASSWORD_RESET);
if (!$userToken) {
return ["error" => "Invalid token"];
}
// get user and load post
// return user email if user hasn't submitted yet
$user = User::findOne($userToken->user_id);
if (!$user->loadPost()) {
return ["success" => $user->email];
}
// set scenario and save new password
$user->setScenario("reset");
if ($user->save(true, ["password", "newPassword", "newPasswordConfirm"])) {
$userToken->delete();
return ["success" => true];
}
return ["errors" => $user->errors];
}
