function UserAuthenticationController::resetPassword

Same name and namespace in other branches
  1. 9 core/modules/user/src/Controller/UserAuthenticationController.php \Drupal\user\Controller\UserAuthenticationController::resetPassword()
  2. 8.9.x core/modules/user/src/Controller/UserAuthenticationController.php \Drupal\user\Controller\UserAuthenticationController::resetPassword()
  3. 11.x core/modules/user/src/Controller/UserAuthenticationController.php \Drupal\user\Controller\UserAuthenticationController::resetPassword()

Resets a user password.

Parameters

\Symfony\Component\HttpFoundation\Request $request: The request.

Return value

\Symfony\Component\HttpFoundation\Response The response object.

1 string reference to 'UserAuthenticationController::resetPassword'
user.routing.yml in core/modules/user/user.routing.yml
core/modules/user/user.routing.yml

File

core/modules/user/src/Controller/UserAuthenticationController.php, line 251

Class

UserAuthenticationController
Provides controllers for login, login status and logout via HTTP requests.

Namespace

Drupal\user\Controller

Code

public function resetPassword(Request $request) {
  $format = $this->getRequestFormat($request);
  $content = $request->getContent();
  $credentials = $this->serializer
    ->decode($content, $format);
  // Check if a name or mail is provided.
  if (!isset($credentials['name']) && !isset($credentials['mail'])) {
    throw new BadRequestHttpException('Missing credentials.name or credentials.mail');
  }
  // Load by name if provided.
  $identifier = '';
  if (isset($credentials['name'])) {
    $identifier = $credentials['name'];
    $users = $this->userStorage
      ->loadByProperties([
      'name' => trim($identifier),
    ]);
  }
  elseif (isset($credentials['mail'])) {
    $identifier = $credentials['mail'];
    $users = $this->userStorage
      ->loadByProperties([
      'mail' => trim($identifier),
    ]);
  }
  /** @var \Drupal\user\UserInterface $account */
  $account = reset($users);
  if ($account && $account->id()) {
    if ($account->isBlocked()) {
      $this->logger
        ->error('Unable to send password reset email for blocked or not yet activated user %identifier.', [
        '%identifier' => $identifier,
      ]);
      return new Response();
    }
    // Send the password reset email.
    $mail = _user_mail_notify('password_reset', $account);
    if (empty($mail)) {
      throw new BadRequestHttpException('Unable to send email. Contact the site administrator if the problem persists.');
    }
    else {
      $this->logger
        ->info('Password reset instructions mailed to %name at %email.', [
        '%name' => $account->getAccountName(),
        '%email' => $account->getEmail(),
      ]);
      return new Response();
    }
  }
  // Error if no users found with provided name or mail.
  $this->logger
    ->error('Unable to send password reset email for unrecognized username or email address %identifier.', [
    '%identifier' => $identifier,
  ]);
  return new Response();
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.