Upon submission of the password reset form by a user, the back-end code will need to be able to handle the transaction and successfully reset a user's password as per #2. See design specification in UC4.
Keep in mind that this will require generating a new salt for the user's password and rehashing it. This transaction handling should also delete the one-time-use token that allowed the user's password reset in the first place, if it wasn't already deleted when the link was navigated to.
Deliverable: PHP code to handle password reset transaction committed to GitHub.
Upon submission of the password reset form by a user, the back-end code will need to be able to handle the transaction and successfully reset a user's password as per #2. See design specification in UC4.
Keep in mind that this will require generating a new salt for the user's password and rehashing it. This transaction handling should also delete the one-time-use token that allowed the user's password reset in the first place, if it wasn't already deleted when the link was navigated to.
Deliverable: PHP code to handle password reset transaction committed to GitHub.