N°8545 - Standardize return message from password reset (#812)

steffunky · Copilot · web-flow · commit 9fd0ffd84ee6 · 2026-02-19T16:12:34.000+01:00
* N°8545 - Standardize return message from password reset

* N°8545 - Change log severity depending on the error source

* Add copyrights

* Update application/loginwebpage.class.inc.php

Co-authored-by: Copilot &lt;175728472+Copilot@users.noreply.github.com&gt;

* Update application/loginwebpage.class.inc.php

Co-authored-by: Copilot &lt;175728472+Copilot@users.noreply.github.com&gt;

* Avoid using dictionary entries in logs

* Update application/loginwebpage.class.inc.php

Co-authored-by: Copilot &lt;175728472+Copilot@users.noreply.github.com&gt;

---------

Co-authored-by: Copilot &lt;175728472+Copilot@users.noreply.github.com&gt;
diff --git a/application/exceptions/ForgotPasswordApplicationException.php b/application/exceptions/ForgotPasswordApplicationException.php
@@ -0,0 +1,10 @@
+<?php
+
+/**
+ * @copyright   Copyright (C) 2010-2026 Combodo SAS
+ * @license     http://opensource.org/licenses/AGPL-3.0
+ */
+
+class ForgotPasswordApplicationException extends Exception
+{
+}
diff --git a/application/exceptions/ForgotPasswordUserInputException.php b/application/exceptions/ForgotPasswordUserInputException.php
@@ -0,0 +1,10 @@
+<?php
+
+/**
+ * @copyright   Copyright (C) 2010-2026 Combodo SAS
+ * @license     http://opensource.org/licenses/AGPL-3.0
+ */
+
+class ForgotPasswordUserInputException extends Exception
+{
+}
diff --git a/application/loginwebpage.class.inc.php b/application/loginwebpage.class.inc.php
@@ -221,16 +221,16 @@ protected function ForgotPwdGo()
 
 			if ($oUser != null) {
 				if (!MetaModel::IsValidAttCode(get_class($oUser), 'reset_pwd_token')) {
-					throw new Exception(Dict::S('UI:ResetPwd-Error-NotPossible'));
-				}
-				if (!$oUser->CanChangePassword()) {
-					throw new Exception(Dict::S('UI:ResetPwd-Error-FixedPwd'));
-				}
+                    throw new ForgotPasswordUserInputException('External accounts do not allow password reset');
+                }
+                if (!$oUser->CanChangePassword()) {
+                    throw new ForgotPasswordUserInputException('The account does not allow password reset');
+                }
 
-				$sTo = $oUser->GetResetPasswordEmail(); // throws Exceptions if not allowed
-				if ($sTo == '') {
-					throw new Exception(Dict::S('UI:ResetPwd-Error-NoEmail'));
-				}
+                $sTo = $oUser->GetResetPasswordEmail(); // throws Exceptions if not allowed
+                if ($sTo == '') {
+                    throw new ForgotPasswordUserInputException('Missing email address for this account');
+                }
 
 				// This token allows the user to change the password without knowing the previous one
 				$sToken = bin2hex(random_bytes(32));
@@ -255,17 +255,21 @@ protected function ForgotPwdGo()
 
 					case EMAIL_SEND_ERROR:
 					default:
-						IssueLog::Error('Failed to send the email with the NEW password for '.$oUser->Get('friendlyname').': '.implode(', ', $aIssues));
-						throw new Exception(Dict::S('UI:ResetPwd-Error-Send'));
+                    throw new ForgotPasswordApplicationException('Failed to send the password reset email for ' . $oUser->Get('friendlyname') . ': ' . implode(', ', $aIssues));
 				}
 			}
 
-			$oTwigContext = new LoginTwigRenderer();
-			$aVars = $oTwigContext->GetDefaultVars();
-			$oTwigContext->Render($this, 'forgotpwdsent.html.twig', $aVars);
-		} catch (Exception $e) {
-			$this->DisplayForgotPwdForm(true, $e->getMessage());
+        } catch (ForgotPasswordApplicationException $e) {
+            IssueLog::Error('Failed to process the forgot password request for user "' . $sAuthUser . '" [reason=' . get_class($e) . ']: ' . $e->getMessage());
+        } catch (ForgotPasswordUserInputException $e) {
+            IssueLog::Info('Failed to process the forgot password request for user "' . $sAuthUser . '" [reason=' . get_class($e) . ']: ' . $e->getMessage());
+        } catch (\Throwable $e) {
+            IssueLog::Error('Unexpected error while processing the forgot password request for user "' . $sAuthUser . '": ' . $e->getMessage());
 		}
+
+		$oTwigContext = new LoginTwigRenderer();
+		$aVars = $oTwigContext->GetDefaultVars();
+		$oTwigContext->Render($this, 'forgotpwdsent.html.twig', $aVars);
 	}
 
 	public function DisplayResetPwdForm($sErrorMessage = null)
diff --git a/lib/composer/autoload_classmap.php b/lib/composer/autoload_classmap.php
@@ -744,6 +744,8 @@
     'Firebase\\JWT\\JWTExceptionWithPayloadInterface' => $vendorDir . '/firebase/php-jwt/src/JWTExceptionWithPayloadInterface.php',
     'Firebase\\JWT\\Key' => $vendorDir . '/firebase/php-jwt/src/Key.php',
     'Firebase\\JWT\\SignatureInvalidException' => $vendorDir . '/firebase/php-jwt/src/SignatureInvalidException.php',
+    'ForgotPasswordApplicationException' => $baseDir . '/application/exceptions/ForgotPasswordApplicationException.php',
+    'ForgotPasswordUserInputException' => $baseDir . '/application/exceptions/ForgotPasswordUserInputException.php',
     'FunctionExpression' => $baseDir . '/core/oql/expression.class.inc.php',
     'FunctionOqlExpression' => $baseDir . '/core/oql/oqlquery.class.inc.php',
     'GraphEdge' => $baseDir . '/core/simplegraph.class.inc.php',
diff --git a/lib/composer/autoload_static.php b/lib/composer/autoload_static.php
@@ -127,6 +127,10 @@ class ComposerStaticInit7f81b4a2a468a061c306af5e447a9a9f
         array (
             0 => __DIR__ . '/..' . '/symfony/polyfill-php83',
         ),
+        'Symfony\\Polyfill\\Php80\\' =>
+        array (
+            0 => __DIR__ . '/..' . '/symfony/polyfill-php80',
+        ),
         'Symfony\\Polyfill\\Mbstring\\' =>
         array (
             0 => __DIR__ . '/..' . '/symfony/polyfill-mbstring',
@@ -1103,6 +1107,8 @@ class ComposerStaticInit7f81b4a2a468a061c306af5e447a9a9f
         'Firebase\\JWT\\JWTExceptionWithPayloadInterface' => __DIR__ . '/..' . '/firebase/php-jwt/src/JWTExceptionWithPayloadInterface.php',
         'Firebase\\JWT\\Key' => __DIR__ . '/..' . '/firebase/php-jwt/src/Key.php',
         'Firebase\\JWT\\SignatureInvalidException' => __DIR__ . '/..' . '/firebase/php-jwt/src/SignatureInvalidException.php',
+        'ForgotPasswordApplicationException' => __DIR__ . '/../..' . '/application/exceptions/ForgotPasswordApplicationException.php',
+        'ForgotPasswordUserInputException' => __DIR__ . '/../..' . '/application/exceptions/ForgotPasswordUserInputException.php',
         'FunctionExpression' => __DIR__ . '/../..' . '/core/oql/expression.class.inc.php',
         'FunctionOqlExpression' => __DIR__ . '/../..' . '/core/oql/oqlquery.class.inc.php',
         'GraphEdge' => __DIR__ . '/../..' . '/core/simplegraph.class.inc.php',
@@ -3542,7 +3548,7 @@ class ComposerStaticInit7f81b4a2a468a061c306af5e447a9a9f
         'privUITransactionFile' => __DIR__ . '/../..' . '/application/transaction.class.inc.php',
         'privUITransactionSession' => __DIR__ . '/../..' . '/application/transaction.class.inc.php',
         'utils' => __DIR__ . '/../..' . '/application/utils.inc.php',
-        '�' => __DIR__ . '/..' . '/symfony/cache/Traits/ValueWrapper.php',
+        '©' => __DIR__ . '/..' . '/symfony/cache/Traits/ValueWrapper.php',
     );
 
     public static function getInitializer(ClassLoader $loader)
