public function testResetPasswordConfirmInvalidToken() { $app = $this->getApp(); $this->addDefaultUser($app); $entityName = 'Bolt\\Storage\\Entity\\Users'; $repo = $app['storage']->getRepository($entityName); $logger = $this->getMock('\\Monolog\\Logger', ['error'], ['testlogger']); $logger->expects($this->atLeastOnce())->method('error')->with($this->equalTo('Somebody tried to reset a password with an invalid token.')); $app['logger.system'] = $logger; $shadowToken = $app['randomgenerator']->generateString(32); $userEntity = $repo->getUser('admin'); $userEntity->setShadowpassword('hash-my-password'); $userEntity->setShadowtoken('this should not work'); $userEntity->setShadowvalidity(Carbon::create()->addHours(2)); $repo->save($userEntity); $event = new AccessControlEvent(Request::createFromGlobals()); $password = new Password($app); $result = $password->resetPasswordConfirm($shadowToken, '8.8.8.8', $event); $this->assertFalse($result); }