<?php

use Vn\Web;

class RecoverPassword extends Vn\Web\JsonRequest {
	const PARAMS = ['recoverUser'];

	function run($db) {
		$recoverUser = $_REQUEST['recoverUser'];

		$user = $db->getRow(
			'SELECT email, active FROM account.user WHERE name = #',
			[$recoverUser]
		);

		if (!($user['active'] && $user['email']))
			return TRUE;

		$verificationToken = bin2hex(random_bytes(16));
		$db->query(
			'UPDATE account.user SET verificationToken = #
				WHERE name = #',
			[$verificationToken, $recoverUser]
		);

		$service = $this->service;
		$token = $service->createToken($recoverUser);
		$url = $service->getUrl() ."#!form=account/conf&verificationToken=$verificationToken&token=$token";

		$report = new Vn\Web\Report($db, 'recover-password', ['url' => $url]);
		$report->sendMail($user['email']);

		return TRUE;
	}
}