I’m attempting to add a basic password reset to my site. I’m probably missing something simple, but I can’t seem to get the password to update. The code to update the password:
$newpass = get('newpassword');
error_log(print_r($newpass, true));
//This prints the expected string.
$pass_hash = password::hash($newpass);
error_log(print_r($pass_hash, true));
//This prints a hash as expected.
$user->update(array(
'password' => $pass_hash
));
After running this, my user’s account file shows a modification. However, the password hash that appears in the file doesn’t match the error_log. Is that expected? Is the password re-hashed before it is added to the text file?
In any event, my new password doesn’t work. Am I oversimplifying the password update process? I’ve tried reading through the relevant core and the panel code, but I can’t figure out what I might be missing. Any insight? TIA.
Well, I’m not now. I thought I had to mimic the code in core but I now understand that I should leave that up to Kirby. I’m just updating the user array with the chosen password. (I’m not sure if this is what you mean, but I’m not emailing the passwords at all. This is just for a user reset form on the site.)