This method will get the new password associated with a reset token and set it
as the specified user's password.
public confirmNewPassword ( string $login, string $resetToken ) | ||
$login | string | The login of the user whose password is being reset. |
$resetToken | string | The generated string token contained in the reset password email. |
/** * Password reset confirmation action. Finishes the password reset process. * Users visit this action from a link supplied in an email. */ public function confirmResetPassword() { $errorMessage = null; $login = Common::getRequestVar('login', ''); $resetToken = Common::getRequestVar('resetToken', ''); try { $this->passwordResetter->confirmNewPassword($login, $resetToken); } catch (Exception $ex) { Log::debug($ex); $errorMessage = $ex->getMessage(); } if (is_null($errorMessage)) { // if success, show login w/ success message // have to do this as super user since redirectToIndex checks if there's a default website ID for // the current user and if not, doesn't redirect to the requested action. TODO: this behavior is wrong. somehow. $self = $this; Access::doAsSuperUser(function () use($self) { $self->redirectToIndex(Piwik::getLoginPluginName(), 'resetPasswordSuccess'); }); return null; } else { // show login page w/ error. this will keep the token in the URL return $this->login($errorMessage); } }
/** * Password reset confirmation action. Finishes the password reset process. * Users visit this action from a link supplied in an email. */ public function confirmResetPassword() { $errorMessage = null; $login = Common::getRequestVar('login', ''); $resetToken = Common::getRequestVar('resetToken', ''); try { $this->passwordResetter->confirmNewPassword($login, $resetToken); } catch (Exception $ex) { Log::debug($ex); $errorMessage = $ex->getMessage(); } if (is_null($errorMessage)) { // if success, show login w/ success message return $this->resetPasswordSuccess(); } else { // show login page w/ error. this will keep the token in the URL return $this->login($errorMessage); } }