Same name and namespace in other branches

1. 11.x core/modules/user/src/Controller/UserController.php \Drupal\user\Controller\UserController::validatePathParameters()

Validates hash and timestamp.

Parameters

\Drupal\user\UserInterface $user: User requesting reset.

int $timestamp: The timestamp.

string $hash: Login link hash.

int $timeout: Link expiration timeout.

Return value

bool Whether the provided data are valid.

3 calls to UserController::validatePathParameters()

UserController::confirmCancel in core/modules/user/src/Controller/UserController.php

Confirms cancelling a user account via an email link.

UserController::determineErrorRedirect in core/modules/user/src/Controller/UserController.php

Validates user, hash, and timestamp.

UserController::resetPass in core/modules/user/src/Controller/UserController.php

Redirects to the user password reset form.

File

core/modules/user/src/Controller/UserController.php, line 346

Class

UserController

Controller routines for user routes.

Namespace

Drupal\user\Controller

Code

protected function validatePathParameters(UserInterface $user, int $timestamp, string $hash, int $timeout = 0) : bool {
    $current = \Drupal::time()->getRequestTime();
    $timeout_valid = !empty($timeout) && $current - $timestamp < $timeout || empty($timeout);
    return $timestamp >= $user->getLastLoginTime() && $timestamp <= $current && $timeout_valid && hash_equals($hash, user_pass_rehash($user, $timestamp));
}

---