/**
* Password reset confirmation action. Finishes the password reset process.
* Users visit this action from a link supplied in an email.
*/
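public function confirmResetPassword($messageNoAccess = null)
{
    // Puts an authentication-code check in front of the parent's reset confirmation.
    // $messageNoAccess is only passed to the code form; it is replaced when the nonce
    // check fails and is not forwarded to the parent. The return value is whatever
    // renderAuthCode() or parent::confirmResetPassword() returns.
    //
    // NOTE(review): 'login' is read from the request, so whether a code is demanded is
    // decided from a caller-supplied value. Confirm that the parent validates the reset
    // token against this same login, otherwise the check below guards the wrong account.
    $login = Common::getRequestVar('login', '');
    $storage = new Storage($login);

    // Storage not active for this login: no code is asked for, the parent handles the reset.
    if (!$storage->isActive()) {
        return parent::confirmResetPassword();
    }

    $googleAuth = new PHPGangsta\GoogleAuthenticator();
    $form = $this->getAuthCodeForm();
    $codeAccepted = false;

    if ($form->getSubmitValue('form_authcode') && $form->validate()) {
        $nonce = $form->getSubmitValue('form_nonce');

        if (Nonce::verifyNonce('Login.login', $nonce)) {
            $codeAccepted = (bool) $googleAuth->verifyCode(
                $storage->getSecret(),
                $form->getSubmitValue('form_authcode')
            );

            // The nonce is dropped after one verification attempt, whether or not the
            // code matched, so each further attempt needs a freshly issued form.
            Nonce::discardNonce('Login.login');

            // Mark the field as invalid only when the code was actually rejected; the
            // previous version set this error on the success path as well.
            if (!$codeAccepted) {
                $form->getElements()[0]->setError(Piwik::translate('GoogleAuthenticator_AuthCodeInvalid'));
            }
        } else {
            // Nonce missing or not accepted: the submitted code is never checked.
            $messageNoAccess = $this->getMessageExceptionNoAccess();
        }
    }

    // NOTE(review): nothing in this method limits repeated code submissions. Confirm that
    // attempt throttling or lockout is enforced elsewhere for this endpoint.
    if (!$codeAccepted) {
        return $this->renderAuthCode($login, Piwik::translate('General_ChangePassword'), 0, $messageNoAccess);
    }

    return parent::confirmResetPassword();
}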