/**
* Check for matching token, and a matching interval period
*
* @return PasswordResetRequest
*/
public static function match($token)
{
$request = PasswordResetRequest::where('nonce', $token)->where('used', false)->first();
if ($request instanceof PasswordResetRequest && $request->isActive()) {
return $request;
} else {
return null;
}
}
public function testPostResetWithInvalidatedTokenYeildsError()
{
$token = '34838383838';
PasswordResetRequest::generate($this->account, $token);
$request = Request::create('/resetpassword.php');
$request->setMethod('POST');
$request->request->set('token', $token);
$password = '******';
$request->request->set('new_password', $password);
$request->request->set('password_confirmation', $password);
$request->request->set('email', $this->account->getActiveEmail());
// Invalidate the token
PasswordResetRequest::where('_account_id', '=', $this->account->id())->update(['used' => true]);
// Now run the controller method to reset!
$controller = new PasswordController();
$response = $controller->postReset($request);
$this->assertTrue(stripos($response->getTargetUrl(), url('Token was invalid')) !== false, 'Url was [' . $response->getTargetUrl() . '] instead of expected not long enough password error url.');
// Password should be changed.
$this->assertFalse($this->checkTestPasswordMatches($password), 'Password should not have been changed on a rejection!');
}
public function testGeneratedResetCanBeFoundByAccount()
{
$req = PasswordResetRequest::generate($this->account);
$req_dup = PasswordResetRequest::where('_account_id', '=', $this->account->id())->first();
$this->assertEquals($req->id(), $req_dup->id());
}
