PasswordResetter
in package
implements
IPasswordResetter
Password reset service.
Handles password reset token generation, validation, and password updates.
Table of Contents
Interfaces
- IPasswordResetter
- Password reset service interface
Properties
- $_basePath : string
- $_passwordHasher : PasswordHasher
- $_random : IRandom
- $_resetUrl : string
- $_settings : SettingManager
- $_tokenExpirationMinutes : int
- $_tokenRepository : IPasswordResetTokenRepository
- $_userRepository : IUserRepository
Methods
- __construct() : mixed
- Constructor
- cleanupExpiredTokens() : int
- Clean up expired tokens
- requestReset() : bool
- Request a password reset for a user
- resetPassword() : bool
- Reset password using a valid token
- setTokenExpirationMinutes() : self
- Set token expiration time in minutes
- validateToken() : PasswordResetToken|null
- Validate a reset token
- sendResetEmail() : void
- Send password reset email
Properties
$_basePath
private
string
$_basePath
$_passwordHasher
private
PasswordHasher
$_passwordHasher
$_random
private
IRandom
$_random
$_resetUrl
private
string
$_resetUrl
$_settings
private
SettingManager
$_settings
$_tokenExpirationMinutes
private
int
$_tokenExpirationMinutes
= 60
$_tokenRepository
private
IPasswordResetTokenRepository
$_tokenRepository
$_userRepository
private
IUserRepository
$_userRepository
Methods
__construct()
Constructor
public
__construct(IPasswordResetTokenRepository $tokenRepository, IUserRepository $userRepository, PasswordHasher $passwordHasher, SettingManager $settings, string $basePath, string $resetUrl[, IRandom|null $random = null ]) : mixed
Parameters
- $tokenRepository : IPasswordResetTokenRepository
-
Token repository
- $userRepository : IUserRepository
-
User repository
- $passwordHasher : PasswordHasher
-
Password hasher
- $settings : SettingManager
-
Settings manager with email configuration
- $basePath : string
-
Base path for template loading
- $resetUrl : string
-
Base URL for password reset (token will be appended)
- $random : IRandom|null = null
-
Random generator (defaults to cryptographically secure)
cleanupExpiredTokens()
Clean up expired tokens
public
cleanupExpiredTokens() : int
Return values
int —Number of tokens deleted
requestReset()
Request a password reset for a user
public
requestReset(string $email) : bool
Generates a secure token, stores it, and sends an email to the user.
Parameters
- $email : string
-
User's email address
Tags
Return values
bool —True if reset email was sent, false if user not found
resetPassword()
Reset password using a valid token
public
resetPassword(string $plainToken, string $newPassword) : bool
Parameters
- $plainToken : string
-
Plain text token from URL
- $newPassword : string
-
New password to set
Tags
Return values
bool —True if password was reset, false if token invalid or expired
setTokenExpirationMinutes()
Set token expiration time in minutes
public
setTokenExpirationMinutes(int $minutes) : self
Parameters
- $minutes : int
-
Expiration time in minutes
Return values
selfvalidateToken()
Validate a reset token
public
validateToken(string $plainToken) : PasswordResetToken|null
Parameters
- $plainToken : string
-
Plain text token from URL
Return values
PasswordResetToken|null —Token if valid and not expired, null otherwise
sendResetEmail()
Send password reset email
private
sendResetEmail(string $email, string $plainToken) : void
Parameters
- $email : string
-
Recipient email
- $plainToken : string
-
Plain text token to include in URL