public function getUserByResetCode(array $data) { $user = $this->userRepo->getUserByEmail($data['email']); if (!$user) { return null; } $passwordResetToken = $user->passwordResetToken; if (!$passwordResetToken) { return null; } if (!$passwordResetToken->isActive()) { $passwordResetToken->delete(); return null; } if (!Str::equals($passwordResetToken->getDecryptedCode(), $data['code'])) { return null; } if ($user->email !== $passwordResetToken->email) { $passwordResetToken->delete(); return null; } return $user; }