. */ declare(strict_types=1); namespace Fisharebest\Webtrees\Http\RequestHandlers; use Fig\Http\Message\StatusCodeInterface; use Fisharebest\Webtrees\Auth; use Fisharebest\Webtrees\FlashMessages; use Fisharebest\Webtrees\I18N; use Fisharebest\Webtrees\Log; use Fisharebest\Webtrees\Services\UserService; use Fisharebest\Webtrees\User; use Psr\Http\Message\ResponseInterface; use Psr\Http\Message\ServerRequestInterface; use Psr\Http\Server\RequestHandlerInterface; /** * Set a new password. */ class PasswordResetAction implements RequestHandlerInterface, StatusCodeInterface { /** @var UserService */ private $user_service; /** * PasswordRequestForm constructor. * * @param UserService $user_service */ public function __construct(UserService $user_service) { $this->user_service = $user_service; } /** * @param ServerRequestInterface $request * * @return ResponseInterface */ public function handle(ServerRequestInterface $request): ResponseInterface { $token = $request->getParsedBody()['token'] ?? ''; $user = $this->user_service->findByToken($token); if ($user instanceof User) { $password = $request->getParsedBody()['password'] ?? ''; $user->setPreference('password-token', ''); $user->setPreference('password-token-expire', ''); $user->setPassword($password); Auth::login($user); Log::addAuthenticationLog('Password reset for user: ' . $user->userName()); $message = I18N::translate('Your password has been updated.'); FlashMessages::addMessage($message, 'success'); return redirect(route('user-page')); } $message1 = I18N::translate('The password reset link has expired.'); $message2 = I18N::translate('Please try again.'); $message = $message1 . '
' . $message2; FlashMessages::addMessage($message, 'danger'); return redirect(route(PasswordRequestPage::class)); } }