From 22af9a3bcdc636b909a712a27424e1cfa822033c Mon Sep 17 00:00:00 2001
From: IrinaZhadzinets <iryna.zhadzinets@scandiweb.com>
Date: Mon, 25 Jul 2022 15:15:37 +0300
Subject: [PATCH] scandipwa/scandipwa#1623 - Validate reset password token

---
 src/Model/Resolver/ResetPassword.php | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/Model/Resolver/ResetPassword.php b/src/Model/Resolver/ResetPassword.php
index d84f554..3bb12b5 100644
--- a/src/Model/Resolver/ResetPassword.php
+++ b/src/Model/Resolver/ResetPassword.php
@@ -87,6 +87,12 @@ public function resolve(
             throw new GraphQlInputException(__('No customer found'));
         }
 
+        try {
+            $this->accountManagement->validateResetPasswordLinkToken((int)$customerId, $resetPasswordToken);
+        } catch (\Exception $exception) {
+            throw new GraphQlInputException(__($exception->getMessage()));
+        }
+
         if ($password !== $passwordConfirmation) {
             return [
                 'token' => $resetPasswordToken,