Skip to content

Commit

Permalink
PasswordChange should reset any pending password reset requests (#1409)
Browse files Browse the repository at this point in the history
  • Loading branch information
glaubinix authored Jan 8, 2024
1 parent 9e34e90 commit 175cebe
Show file tree
Hide file tree
Showing 3 changed files with 8 additions and 2 deletions.
1 change: 1 addition & 0 deletions src/Controller/ChangePasswordController.php
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@ public function changePasswordAction(Request $request, UserPasswordHasherInterfa
$form->handleRequest($request);

if ($form->isSubmitted() && $form->isValid()) {
$user->resetPasswordRequest();
$user->setPassword(
$passwordHasher->hashPassword(
$user,
Expand Down
3 changes: 1 addition & 2 deletions src/Controller/ResetPasswordController.php
Original file line number Diff line number Diff line change
Expand Up @@ -102,8 +102,7 @@ public function reset(Request $request, UserPasswordHasherInterface $passwordHas
$form->handleRequest($request);

if ($form->isSubmitted() && $form->isValid()) {
$user->setPasswordRequestedAt(null);
$user->clearConfirmationToken();
$user->resetPasswordRequest();
if (!$user->hasRole('ROLE_SPAMMER')) {
$user->setEnabled(true);
}
Expand Down
6 changes: 6 additions & 0 deletions src/Entity/User.php
Original file line number Diff line number Diff line change
Expand Up @@ -454,6 +454,12 @@ public function setPasswordRequestedAt(DateTimeInterface|null $date = null): voi
$this->passwordRequestedAt = $date;
}

public function resetPasswordRequest(): void
{
$this->setPasswordRequestedAt(null);
$this->clearConfirmationToken();
}

/**
* Gets the timestamp that the user requested a password reset.
*/
Expand Down

0 comments on commit 175cebe

Please sign in to comment.