Permalink
Browse files

Clearing the token request date when resetting the password

  • Loading branch information...
1 parent 2a59bb3 commit cb5f09d786b1a73f996e092a196ea3053477dc5b @felds felds committed Jan 31, 2012
Showing with 18 additions and 4 deletions.
  1. +2 −1 Changelog.md
  2. +1 −0 Form/Handler/ResettingFormHandler.php
  3. +1 −1 Model/User.php
  4. +1 −1 Model/UserInterface.php
  5. +1 −1 Propel/UserProxy.php
  6. +12 −0 Tests/Model/UserTest.php
View
@@ -4,6 +4,7 @@ Changelog
### 1.2.0
* Removed the user-level algorithm. Use FOSAdvancedEncoderBundle instead if you need such feature.
+* Fixed resetting password clearing the token but not the token expiration. Github issue #501
### 1.1.0 (2011-12-15)
@@ -23,4 +24,4 @@ Changelog
### 1.0.0 (2011-08-01)
-* Initial release
+* Initial release
@@ -57,6 +57,7 @@ protected function onSuccess(UserInterface $user)
{
$user->setPlainPassword($this->getNewPassword());
$user->setConfirmationToken(null);
+ $user->clearPasswordRequestedAt();
$user->setEnabled(true);
$this->userManager->updateUser($user);
}
View
@@ -635,7 +635,7 @@ public function setConfirmationToken($confirmationToken)
*
* @param \DateTime $date
*/
- public function setPasswordRequestedAt(\DateTime $date)
+ public function setPasswordRequestedAt(\DateTime $date = null)
{
$this->passwordRequestedAt = $date;
}
View
@@ -149,7 +149,7 @@ function setConfirmationToken($confirmationToken);
*
* @param \DateTime $date
*/
- function setPasswordRequestedAt(\DateTime $date);
+ function setPasswordRequestedAt(\DateTime $date = null);
/**
* Checks whether the password reset request has expired.
View
@@ -383,7 +383,7 @@ public function setConfirmationToken($confirmationToken)
*
* @param \DateTime $date
*/
- public function setPasswordRequestedAt(\DateTime $date)
+ public function setPasswordRequestedAt(\DateTime $date = null)
{
$this->user->setPasswordRequestedAt($date);
}
View
@@ -45,6 +45,18 @@ public function testIsPasswordRequestNonExpired()
$this->assertFalse($user->isPasswordRequestNonExpired(5));
}
+ public function testIsPasswordRequestAtCleared()
+ {
+ $user = $this->getUser();
+ $passwordRequestedAt = new \DateTime('-10 seconds');
+
+ $user->setPasswordRequestedAt($passwordRequestedAt);
+ $user->setPasswordRequestedAt(null);
+
+ $this->assertFalse($user->isPasswordRequestNonExpired(15));
+ $this->assertFalse($user->isPasswordRequestNonExpired(5));
+ }
+
public function testTrueHasRole()
{
$user = $this->getUser();

0 comments on commit cb5f09d

Please sign in to comment.