Username: $_{username}
Password: <your new password>
Reset token: $token
+
+The token is valid for 24 hours.
EOF
my $email = Email::Simple->create(
header => [
my $user = db->user($_{username});
return reply 'No such user' unless $user;
my ($token, $exp) = split ':', $_{token};
+ return reply 'Reset token is expired' if time >= $exp;
return reply 'Bad reset token' unless $user->make_reset_hmac($exp) eq $token;
$user->set_passphrase($_{password});
reply 'Password reset successfully';