/** * The first step in the forgot password sequence. * * @param string $email email address * @param string $ip ip address making the request * @param string $userAgent user agent used to make the request * * @throws AuthException when the step cannot be completed. * * @return bool */ public function step1($email, $ip, $userAgent) { $email = trim(strtolower($email)); if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { throw new AuthException('Please enter a valid email address.'); } $userClass = $this->auth->getUserClass(); $user = $userClass::where('email', $email)->first(); if (!$user || $user->isTemporary()) { throw new AuthException('We could not find a match for that email address.'); } // can only issue a single active forgot token at a time $expiration = U::unixToDb(time() - UserLink::$forgotLinkTimeframe); $nExisting = UserLink::totalRecords(['user_id' => $user->id(), 'type' => UserLink::FORGOT_PASSWORD, 'created_at > "' . $expiration . '"']); if ($nExisting > 0) { return true; } // generate a reset password link $link = $this->buildLink($user->id(), $ip, $userAgent); // and send it return $user->sendEmail('forgot-password', ['ip' => $ip, 'forgot' => $link->link]); }
public function isVerified($withinTimeWindow = true) { $timeWindow = $withinTimeWindow ? time() - UserLink::$verifyTimeWindow : time(); return UserLink::totalRecords(['user_id' => $this->id(), 'type' => UserLink::VERIFY_EMAIL, 'created_at <= "' . U::unixToDb($timeWindow) . '"']) == 0; }