hedera-web/rest/core/recover-password.php

37 lines
829 B
PHP

<?php
use Vn\Web;
class RecoverPassword extends Vn\Web\JsonRequest {
const PARAMS = ['recoverUser'];
function run($db) {
$recoverUser = $_REQUEST['recoverUser'];
$user = $db->getRow(
'SELECT email, active FROM account.user WHERE name = #',
[$recoverUser]
);
if (!($user['active'] && $user['email']))
return TRUE;
$verificationToken = bin2hex(random_bytes(16));
$db->query(
'UPDATE account.user SET verificationToken = #
WHERE name = #',
[$verificationToken, $recoverUser]
);
$service = $this->service;
$token = $service->createToken($recoverUser);
$url = $service->getUrl() ."#!form=account/conf&verificationToken=$verificationToken&token=$token";
$report = new Vn\Web\Report($db, 'recover-password', ['url' => $url]);
$report->sendMail($user['email']);
return TRUE;
}
}