/** * Logic to request password reset for user * * @param array $conditions * @return int */ public static function requestPasswordReset(array $conditions = array()) { $self = static::_object(); if ($user = $self::first(compact('conditions'))) { $time = new \DateTime(); $reset = PasswordResets::first(array('conditions' => array('user_id' => $user->id))); if ($reset) { $expires = new \DateTime($reset->expires); if ($expires <= $time) { $reset->delete(); } else { return PasswordResets::RESET_TOKEN_EXISTS; } } if (!$reset || !$reset->exists()) { $expires = clone $time; $expires->modify(LI3_UM_PasswordResetExpires); $token = Token::generate($user->email); $reset = PasswordResets::create(array('user_id' => $user->id, 'expires' => $expires->format('Y-m-d H:i:s'), 'token' => $token)); if ($reset->save()) { $link = Router::match(array('li3_usermanager.Users::resetPassword', 'id' => $user->id, 'token' => $token), $self::$request, array('absolute' => true)); Mailer::$_data['subject'] = 'Your password reset link!'; Mailer::$_data['from'] = LI3_UM_PasswordResetEmailFrom; Mailer::$_data['to'] = $user->email; Mailer::$_data['body'] = 'This is your password reset link:' . "\n" . $link; return PasswordResets::GENERATED_NEW_RESET_TOKEN; } } } }
/** * Reset password */ public function resetPassword() { $this->_rejectLogged(); $token = $this->request->params['token']; $id = $this->request->params['id']; if (!$token || !$id) { return $this->redirect('li3_usermanager.Session::create'); } if (!($reset = PasswordResets::getResetUser(array('user_id' => $id, 'token' => $token)))) { return $this->redirect('li3_usermanager.Session::create'); } if ($this->request->data) { $reset->user->set(array('password' => $this->request->data['password'], 'confirm_password' => $this->request->data['confirm_password'])); if ($reset->user->save(null, array('events' => array('reset_password')))) { $reset->delete(); return $this->redirect('li3_usermanager.Session::create'); } } return array('user' => $reset->user); }