/** * @Request({"email": "string"}) */ public function requestAction($email) { try { if (App::user()->isAuthenticated()) { return App::redirect(); } if (!App::csrf()->validate()) { throw new Exception(__('Invalid token. Please try again.')); } if (empty($email)) { throw new Exception(__('Enter a valid email address.')); } if (!($user = User::findByEmail($email))) { throw new Exception(__('Unknown email address.')); } if ($user->isBlocked()) { throw new Exception(__('Your account has not been activated or is blocked.')); } $user->activation = App::get('auth.random')->generateString(32); $url = App::url('@user/resetpassword/confirm', ['user' => $user->username, 'key' => $user->activation], 0); try { $mail = App::mailer()->create(); $mail->setTo($user->email)->setSubject(__('Reset password for %site%.', ['%site%' => App::module('system/site')->config('title')]))->setBody(App::view('system/user:mails/reset.php', compact('user', 'url', 'mail')), 'text/html')->send(); } catch (\Exception $e) { throw new Exception(__('Unable to send confirmation link.')); } $user->save(); return ['message' => __('Check your email for the confirmation link.')]; } catch (Exception $e) { App::abort(400, $e->getMessage()); } }