Can update user password using reset token

RestControllers/accountController.php

@@ -182,20 +182,32 @@ class accountController {
 	 */
 	public function checkResetAccountToken(){
 
-		//Get the token
+		//Get user ID
-		$token = postString("token", 10);
+		$userID = $this->getUserIDFromPasswordResetToken("token");
-		
-		//Validate the tokens
-		$userID = components()->account->getUserIDfromResetToken($token);
-
-		//Check if the user ID is valid
-		if($userID < 1)
-			Rest_fatal_error(401, "Invalid token!");
 		
 		//The token is valid
 		return array("success" => "The token is valid.");
 	}
 
+	/**
+	 * Reset user password using reset token
+	 * 
+	 * @url POST /account/reset_user_passwd 
+	 */
+	public function resetPasswordUsingToken(){
+
+		//Get user ID
+		$userID = $this->getUserIDFromPasswordResetToken("token");
+
+		//Save new password
+		$newPassword = postString("password");
+		if(!components()->account->set_new_user_password($userID, $newPassword))
+			Rest_fatal_error(500, "Could not update user password!");
+
+		//Success
+		return array("success" => "Your password has been updated!");
+	}
+
 	/**
 	 * Create an account
 	 * 
@@ -362,4 +374,26 @@ class accountController {
 		return $userID;
 
 	}
+
+	/**
+	 * Get the ID of a user from a password reset token
+	 * 
+	 * @param string $name The name of the post field containing token
+	 * @return int Associated user ID
+	 */
+	private function getUserIDFromPasswordResetToken(string $name) : int {
+
+		//Get the token
+		$token = postString($name, 10);
+		
+		//Validate the tokens
+		$userID = components()->account->getUserIDfromResetToken($token);
+
+		//Check if the user ID is valid
+		if($userID < 1)
+			Rest_fatal_error(401, "Invalid token!");
+
+		return $userID;
+
+	}
 }