Reset password #2652
Description
Hi
looking at the code of sendEmailAction() method, in ResettingController.php, it looks like there are no messages handled when the user enters a wrong "username" or "email".
The line
<?php if (null !== $user && !$user->isPasswordRequestNonExpired($ttl)) ?>
with no "else" indicates that nothing makes the difference between these 2 errors:
- user not found
- password request has no expired, and the user has to wait until $ttl is available again.
Is that correct ?
I have ideas to do it myself but I just wanted to be sure that FOSUserBundle does not cover these features.
Thanks.