예제 #1
0
 public function passwordReset(Request $request, $db)
 {
     $token = filter_var($request->getParameter("token"), FILTER_SANITIZE_STRING);
     if (empty($token)) {
         throw new Exception("Reset token must be supplied", 400);
     }
     $password = $request->getParameter("password");
     if (empty($password)) {
         throw new Exception("New password must be supplied", 400);
     }
     // now check the password complies with our rules
     $user_mapper = new UserMapper($db, $request);
     $validity = $user_mapper->checkPasswordValidity($password);
     if (true === $validity) {
         // OK, go ahead
         $success = $user_mapper->resetPassword($token, $password);
         if ($success) {
             header("Content-Length: 0", null, 204);
             exit;
             // no more content
         } else {
             throw new Exception("Password could not be reset", 400);
         }
     } else {
         // the password wasn't acceptable, tell the user why
         throw new Exception(implode(". ", $validity), 400);
     }
 }