mirror of
https://github.com/pierre42100/ComunicAPI
synced 2024-11-23 13:59:29 +00:00
Password reset token can be now used only once.
This commit is contained in:
parent
d149eadfbe
commit
f011d06e5b
@ -204,6 +204,9 @@ class accountController {
|
||||
if(!components()->account->set_new_user_password($userID, $newPassword))
|
||||
Rest_fatal_error(500, "Could not update user password!");
|
||||
|
||||
//Cancel password reset token of the password
|
||||
components()->account->remove_password_reset_token($userID);
|
||||
|
||||
//Success
|
||||
return array("success" => "Your password has been updated!");
|
||||
}
|
||||
|
@ -310,6 +310,24 @@ class AccountComponent {
|
||||
return cs()->db->updateDB(self::USER_TABLE, "ID = ?", $modifs, array($userID));
|
||||
}
|
||||
|
||||
/**
|
||||
* Delete the password reset token for an account
|
||||
*
|
||||
* @param int $userID Target user ID
|
||||
* @return bool TRUE for a success / FALSE else
|
||||
*/
|
||||
public function remove_password_reset_token(int $userID) : bool {
|
||||
|
||||
//Prepare database update
|
||||
$modifs = array(
|
||||
"password_reset_token" => "",
|
||||
"password_reset_token_time_create" => 84 //Too low value to be valid
|
||||
);
|
||||
|
||||
//Apply update
|
||||
return cs()->db->updateDB(self::USER_TABLE, "ID = ?", $modifs, array($userID));
|
||||
}
|
||||
|
||||
/**
|
||||
* Associate password reset token with user ID
|
||||
*
|
||||
|
Loading…
Reference in New Issue
Block a user