. */ declare(strict_types=1); namespace Fisharebest\Webtrees\Http\RequestHandlers; use Fig\Http\Message\StatusCodeInterface; use Fisharebest\Webtrees\Auth; use Fisharebest\Webtrees\FlashMessages; use Fisharebest\Webtrees\I18N; use Fisharebest\Webtrees\Log; use Fisharebest\Webtrees\Services\UserService; use Fisharebest\Webtrees\Tree; use Fisharebest\Webtrees\User; use Fisharebest\Webtrees\Validator; use Psr\Http\Message\ResponseInterface; use Psr\Http\Message\ServerRequestInterface; use Psr\Http\Server\RequestHandlerInterface; /** * Set a new password. */ class PasswordResetAction implements RequestHandlerInterface, StatusCodeInterface { private UserService $user_service; /** * @param UserService $user_service */ public function __construct(UserService $user_service) { $this->user_service = $user_service; } /** * @param ServerRequestInterface $request * * @return ResponseInterface */ public function handle(ServerRequestInterface $request): ResponseInterface { $tree = Validator::attributes($request)->treeOptional(); $token = $request->getAttribute('token'); $user = $this->user_service->findByToken($token); if ($user instanceof User) { $password = Validator::parsedBody($request)->string('password'); $user->setPreference('password-token', ''); $user->setPreference('password-token-expire', ''); $user->setPassword($password); Auth::login($user); Log::addAuthenticationLog('Password reset for user: ' . $user->userName()); $message = I18N::translate('Your password has been updated.'); FlashMessages::addMessage($message, 'success'); return redirect(route(HomePage::class)); } $message1 = I18N::translate('The password reset link has expired.'); $message2 = I18N::translate('Please try again.'); $message = $message1 . '
' . $message2; FlashMessages::addMessage($message, 'danger'); return redirect(route(PasswordRequestPage::class, ['tree' => $tree?->name()])); } }