src/application/actions/pwreset/get.php


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17

<?php

$token = $_GET["token"] ?? null;
$signature = $_GET["sig"] ?? null;

if ($token !== null && $signature !== null) {
    $resetUser = decodePasswordResetLink($db, $token, $signature);
    if ($resetUser === null) {
        http_response_code(400);
        msg_error(__("The password reset link is either invalid or it expired"), true);
        exit;
    }

    render("new_password.twig");
} else {
    render("password_reset.twig");
}