[5.2] Separate activation from resetToken

[Arpit-24]

Pull Request for Issue #24269 .

Summary of Changes

Added new column of resetToken to users table. Reset token expires after 3 days The issue originally for 3.9 also existed in 4.0

Testing Instructions

Please refer to the original issue for details.

[Kaustubharas]

I have tested this item :white_check_mark: successfully on 3f1645c20bc2b4961534787f110204ccaeab6e86

Tested this successfully.

---

_{This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/24461.}

[ahghatol]

I have tested this item :white_check_mark: successfully on 3f1645c20b

[euismod2336]

I doubt the change in the template is intentional ;) also, seems like a very convoluted way to determine if the resettoken is > 3 days? wouldn't now - date > (24 * 3600) * 3 be simpler to check? Do I also read it correct that now if you have an activationToken, you can never complete the reset process?

[anibalsanchez]

I have tested this item :white_check_mark: successfully on 3f1645c20bc2b4961534787f110204ccaeab6e86

From #JMAD19 PBF

This PR already has two tests on the same commit ... but the system is counting only one....

I'm retesting it and making it count... it has 3 tests now.

---

_{This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/24461.}

[alikon]

@Arpit-24 can you solve conflict please

[Arpit-24]

@Arpit-24 can you solve conflict please

Made the required changes

[alikon]

you need to add that new field resetToken on installation too

[roland-d]

@Arpit-24 Can you fix the conflicts once more please?

[Quy]

@Arpit-24 Please add new field to \installation\sql\mysql\base.sql and \installation\sql\postgresql\base.sql. Thanks.

[tushar33]

I have tested this item :white_check_mark: successfully on 602056ca1e52b5cb623ca4c5708e1091e0506fb0

---

_{This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/24461.}

[degobbis]

I have tested this item :white_check_mark: successfully on 602056ca1e52b5cb623ca4c5708e1091e0506fb0

Now the only thing missing is the possibility to set the expiration time for the token to the minute instead of having hardcoded 3 days.

I also think it would be a good practice to delete the reset token after confirmation and forwarding to the password change form, so that it can be used only once.

---

_{This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/24461.}

[richard67]

@Arpit-24 Please add new field to \installation\sql\mysql\base.sql and \installation\sql\postgresql\base.sql. Thanks.

This is still to be done, it seems.

[drmenzelit]

@Arpit-24 can you review the comments on this PR?

[bembelimen]

@Arpit-24 I've updated the branche to 4.1, because I think the idea behind this PR is not bad.

Probabla you could clean up the PR (like using DateTime classes for handling diffs etc) and we give it another go?

[richard67]

The update SQL scripts would need a rename so they have the right version 4.1 and a newer date than the latest one which is already in the 4.1-dev branch, for example rename them from "4.0.0-2021-03-15.sql" to "4.1.0-2022-01-22.sql".

[laoneo]

@Arpit-24 any intention to add the feedback?

[HLeithner]

This pull request has automatically rebased to 4.2-dev.

[joomla-bot]

This pull requests has been automatically converted to the PSR-12 coding standard.

[HLeithner]

This pull request has been automatically rebased to 5.1-dev.

[emedinainnotec]

I have tested this item :white_check_mark: successfully on f1012435da80c86a61bac8f84521f882880e4fab

Tested successfully

---

_{This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/24461.}