function UserAuthenticationController::resetPassword

Same name in other branches
  1. 9 core/modules/user/src/Controller/UserAuthenticationController.php \Drupal\user\Controller\UserAuthenticationController::resetPassword()
  2. 8.9.x core/modules/user/src/Controller/UserAuthenticationController.php \Drupal\user\Controller\UserAuthenticationController::resetPassword()
  3. 11.x core/modules/user/src/Controller/UserAuthenticationController.php \Drupal\user\Controller\UserAuthenticationController::resetPassword()

Resets a user password.

Parameters

\Symfony\Component\HttpFoundation\Request $request: The request.

Return value

\Symfony\Component\HttpFoundation\Response The response object.

1 string reference to 'UserAuthenticationController::resetPassword'
user.routing.yml in core/modules/user/user.routing.yml
core/modules/user/user.routing.yml

File

core/modules/user/src/Controller/UserAuthenticationController.php, line 251

Class

UserAuthenticationController
Provides controllers for login, login status and logout via HTTP requests.

Namespace

Drupal\user\Controller

Code

public function resetPassword(Request $request) {
    $format = $this->getRequestFormat($request);
    $content = $request->getContent();
    $credentials = $this->serializer
        ->decode($content, $format);
    // Check if a name or mail is provided.
    if (!isset($credentials['name']) && !isset($credentials['mail'])) {
        throw new BadRequestHttpException('Missing credentials.name or credentials.mail');
    }
    // Load by name if provided.
    $identifier = '';
    if (isset($credentials['name'])) {
        $identifier = $credentials['name'];
        $users = $this->userStorage
            ->loadByProperties([
            'name' => trim($identifier),
        ]);
    }
    elseif (isset($credentials['mail'])) {
        $identifier = $credentials['mail'];
        $users = $this->userStorage
            ->loadByProperties([
            'mail' => trim($identifier),
        ]);
    }
    
    /** @var \Drupal\user\UserInterface $account */
    $account = reset($users);
    if ($account && $account->id()) {
        if ($account->isBlocked()) {
            $this->logger
                ->error('Unable to send password reset email for blocked or not yet activated user %identifier.', [
                '%identifier' => $identifier,
            ]);
            return new Response();
        }
        // Send the password reset email.
        $mail = _user_mail_notify('password_reset', $account);
        if (empty($mail)) {
            throw new BadRequestHttpException('Unable to send email. Contact the site administrator if the problem persists.');
        }
        else {
            $this->logger
                ->info('Password reset instructions mailed to %name at %email.', [
                '%name' => $account->getAccountName(),
                '%email' => $account->getEmail(),
            ]);
            return new Response();
        }
    }
    // Error if no users found with provided name or mail.
    $this->logger
        ->error('Unable to send password reset email for unrecognized username or email address %identifier.', [
        '%identifier' => $identifier,
    ]);
    return new Response();
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.