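/**
 * Allows the user to enter a new password.
 *
 * The reset token is taken from $token, or from the query string parameter
 * named by $options['queryParam'] when that parameter is present and not
 * empty. The token is checked with UserTable::verifyPasswordResetToken().
 * UserTable::resetPassword() is only called, on a POST request, when the
 * token was found and is not flagged as expired; in every other case a fresh
 * entity is handed to the view.
 *
 * @param string|null $token Password reset token; replaced by the query string value when one is present.
 * @param array $options Overrides merged on top of $this->_defaultConfig['resetPassword'].
 * @return void
 */
public function resetPassword($token = null, $options = [])
{
    $options = Hash::merge($this->_defaultConfig['resetPassword'], $options);

    if (!empty($this->request->query[$options['queryParam']])) {
        $token = $this->request->query[$options['queryParam']];
    }

    // handleFlashAndRedirect() is not visible here and may return instead of
    // ending the request, so a failed verification is recorded explicitly and
    // checked again before any password change.
    $tokenIsUsable = true;

    try {
        $entity = $this->UserTable->verifyPasswordResetToken($token, $options['tokenOptions']);
    } catch (RecordNotFoundException $e) {
        if (empty($this->_config['resetPassword']['invalidErrorMessage'])) {
            $this->_config['resetPassword']['invalidErrorMessage'] = $e->getMessage();
        }
        $this->handleFlashAndRedirect('invalidError', $options);
        $entity = $this->UserTable->newEntity();
        $tokenIsUsable = false;
    }

    if (isset($entity->token_is_expired) && $entity->token_is_expired === true) {
        // No exception is in scope on this path, so $e must not be
        // dereferenced here (doing so was a fatal error for expired tokens).
        $this->handleFlashAndRedirect('expiredError', $options);
        $tokenIsUsable = false;
    }

    if ($tokenIsUsable && $this->request->is('post')) {
        // NOTE(review): the whole request body is patched onto the user
        // entity; confirm the entity's accessible fields (or a fieldList)
        // restrict this to the password fields.
        $entity = $this->UserTable->patchEntity($entity, $this->request->data);
        if ($this->UserTable->resetPassword($entity)) {
            $this->handleFlashAndRedirect('success', $options);
        } else {
            $this->handleFlashAndRedirect('error', $options);
        }
    } else {
        // Non-POST requests and rejected tokens get an empty entity, so the
        // record matched by the token is never passed to the view.
        $entity = $this->UserTable->newEntity();
    }

    $this->_controller->set('entity', $entity);
}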