diff --git a/composer.json b/composer.json
index 84f1c9e..75ad7be 100644
--- a/composer.json
+++ b/composer.json
@@ -1,7 +1,7 @@
 {
 "name": "fwdekker/death-notifier",
 "description": "Get notified when a famous person dies.",
- "version": "0.0.25", "_comment_version": "Also update version in `package.json`!",
+ "version": "0.0.26", "_comment_version": "Also update version in `package.json`!",
 "type": "project",
 "license": "MIT",
 "homepage": "https://git.fwdekker.com/tools/death-notifier",
diff --git a/package.json b/package.json
index cd2818f..2452661 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "death-notifier",
- "version": "0.0.25", "_comment_version": "Also update version in `composer.json`!",
+ "version": "0.0.26", "_comment_version": "Also update version in `composer.json`!",
 "description": "Get notified when a famous person dies.",
 "author": "Florine W. Dekker",
 "browser": "dist/bundle.js",
diff --git a/src/main/api.php b/src/main/api.php
index 22aea1c..3cda932 100644
--- a/src/main/api.php
+++ b/src/main/api.php
@@ -104,10 +104,11 @@ if (isset($_POST["action"])) {
 $response =
 Validator::validate_inputs($_POST,
 [
- "token" => [new IsSetRule()],
+ "token" => [new EqualsRule($_SESSION["token"])],
 "email" => [new IsSetRule(), new EmailRule()],
+ "verify_token" => [new IsSetRule()],
 ])
- ?? $user_manager->verify_email($_POST["email"], $_POST["verify_token"]);
+ ?? $user_manager->verify_email($_POST["email"], $_POST["verify_token"]);
 break;
 case "resend-verify-email":
 $response =
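Review bot: In the `verify-email` case of `src/main/api.php`, `new EqualsRule($_SESSION["token"])` reads the session token without checking that one exists, so the expected value may be `null` for a session that never obtained a token. `EqualsRule` is not visible here, but if it compares loosely or accepts an absent field against `null`, a request without `token` would pass the CSRF check. I would require the field explicitly, `"token" => [new IsSetRule(), new EqualsRule($_SESSION["token"])],`, and confirm that `EqualsRule` rejects a `null` expectation and compares with `hash_equals()`. The same rule is used in the `send-password-reset` and `reset-password` cases and in the new `validate-password-reset-token` case further down; the surrounding `switch` starts and ends outside this hunk.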
@@ -118,29 +119,29 @@ if (isset($_POST["action"])) {
 case "send-password-reset":
 $response =
 Validator::validate_inputs($_POST,
- [
- "token" => [new EqualsRule($_SESSION["token"])],
- "email" => [new IsSetRule(), new EmailRule()],
- ])
+ [
+ "token" => [new EqualsRule($_SESSION["token"])],
+ "email" => [new IsSetRule(), new EmailRule()],
+ ])
 ?? $user_manager->send_password_reset($_POST["email"]);
 break;
 case "reset-password":
 $response =
 Validator::validate_inputs($_POST,
- [
- "token" => [new EqualsRule($_SESSION["token"])],
- "password" => [
- new IsSetRule(),
- new LengthRule(UserManager::MIN_PASSWORD_LENGTH, UserManager::MAX_PASSWORD_LENGTH)
- ],
- "password_confirm" => [new IsSetRule()],
- ])
+ [
+ "token" => [new EqualsRule($_SESSION["token"])],
+ "password" => [
+ new IsSetRule(),
+ new LengthRule(UserManager::MIN_PASSWORD_LENGTH, UserManager::MAX_PASSWORD_LENGTH)
+ ],
+ "password_confirm" => [new IsSetRule()],
+ ])
 ?? $user_manager->reset_password(
- $_POST["email"],
- $_POST["reset_token"],
- $_POST["password"],
- $_POST["password_confirm"]
- );
+ $_POST["email"],
+ $_POST["reset_token"],
+ $_POST["password"],
+ $_POST["password_confirm"]
+ );
 break;
 case "update-password":
 $response =
@@ -222,6 +223,15 @@ if (isset($_POST["action"])) {
 $_SESSION["token"] = Util::generate_csrf_token($logger) ?? Util::http_exit(500);
 }
 break;
+ case "validate-password-reset-token":
+ $response = Validator::validate_inputs($_GET,
+ [
+ "token" => [new EqualsRule($_SESSION["token"])],
+ "reset_token" => [new IsSetRule()],
+ "email" => [new IsSetRule(), new EmailRule()]
+ ])
+ ?? $user_manager->validate_password_reset_token($_GET["email"], $_GET["reset_token"]);
+ break;
 case "get-user-data":
 $response =
 Validator::validate_inputs($_SESSION, ["uuid" => [new IsSetRule()]])
diff --git a/src/main/index.html b/src/main/index.html
index 250df18..90e4daf 100644
--- a/src/main/index.html
+++ b/src/main/index.html
@@ -117,8 +117,12 @@
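Review bot: The new `validate-password-reset-token` case in `src/main/api.php` takes `reset_token` and `email` from `$_GET`, so the reset secret travels in the query string of the API request and can be recorded in web-server and proxy access logs. If this action can be served from the request body, as `reset-password` is, that keeps the token out of those logs. `validate_password_reset_token` is not visible here; since it answers whether an email/token pair is valid, it should give the same response for an unknown address as for a wrong token, and be rate-limited. Separately, the `reset-password` case re-indented in the previous hunk passes `$_POST["email"]` and `$_POST["reset_token"]` to `reset_password` with no rules for them. Adding `"email" => [new IsSetRule(), new EmailRule()],` and `"reset_token" => [new IsSetRule()],` there would match the validation in this new case.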

Set a new password for your account.

- +