<?php

$token = $_GET["token"] ?? null;
$signature = $_GET["sig"] ?? null;

if ($token !== null && $signature !== null) {
    $resetUser = decodePasswordResetLink($db, $token, $signature);
    if ($resetUser === null) {
        http_response_code(400);
        msg_error(__("The password reset link is either invalid or it expired"), true);
        exit;
    }

    render("new_password.twig");
} else {
    render("password_reset.twig");
}