diff options
| author | Arthur Schiwon <blizzz@arthur-schiwon.de> | 2021-09-10 20:06:50 +0300 |
|---|---|---|
| committer | Arthur Schiwon <blizzz@arthur-schiwon.de> | 2021-09-10 20:06:50 +0300 |
| commit | 6857136f06190acad26a4dfc541c9c688aa75014 (patch) | |
| tree | a6eef94a3dababa542bd055d16ea2e5d924f2fce /core | |
| parent | 43fcd28ea05824b4a69d676ca8934812555f3705 (diff) | |
fixes missing prefix to validate password reset token
- also fixes the test which missed asserting the presence of it
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
Diffstat (limited to 'core')
| -rw-r--r-- | core/Controller/LostController.php | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/core/Controller/LostController.php b/core/Controller/LostController.php index cee3837ac5a..a8c459a32e1 100644 --- a/core/Controller/LostController.php +++ b/core/Controller/LostController.php @@ -172,7 +172,8 @@ class LostController extends Controller { */ protected function checkPasswordResetToken(string $token, string $userId): void { try { - $this->verificationToken->check($token, $this->userManager->get($userId), 'lostpassword', '', true); + $user = $this->userManager->get($userId); + $this->verificationToken->check($token, $user, 'lostpassword', $user ? $user->getEMailAddress() : '', true); } catch (InvalidTokenException $e) { $error = $e->getCode() === InvalidTokenException::TOKEN_EXPIRED ? $this->l10n->t('Could not reset password because the token is expired') |