From 55490582a5f78dc049856d37cdbc5e09d18689fc Mon Sep 17 00:00:00 2001
From: Keshav Kumar <keshav.kumar@axelerant.com>
Date: Thu, 13 Jul 2023 18:56:23 +0530
Subject: [PATCH 1/2] Fix Module breaks core's password reset form

---
 change_pwd_page.module | 39 +++++++++++++++++++++++++++++++--------
 1 file changed, 31 insertions(+), 8 deletions(-)

diff --git a/change_pwd_page.module b/change_pwd_page.module
index 80a1ad9..440d57f 100644
--- a/change_pwd_page.module
+++ b/change_pwd_page.module
@@ -23,6 +23,19 @@ function change_pwd_page_help($route_name, RouteMatchInterface $route_match) {
   }
 }
 
+/**
+ * Implements hook_menu_local_tasks_alter().
+ */
+function change_pwd_page_menu_local_tasks_alter(&$data, $route_name) {
+  if ($route_name == 'entity.user.edit_form') {
+    // Unset tab when user reset the password using One Time Login URL.
+    $password_rest_token = \Drupal::request()->query->get('pass-reset-token');
+    if ($password_rest_token) {
+      unset($data['tabs'][0]['change_pwd_page.change_password_form']);
+    }
+  }
+}
+
 /**
  * Implements hook_module_implements_alter().
  */
@@ -44,14 +57,24 @@ function change_pwd_page_module_implements_alter(&$implementations, $hook) {
  * (user/%/edit).
  */
 function change_pwd_page_form_alter(&$form, &$form_state, $form_id) {
-  if ($form_id == 'user_form') {
-    $url = Url::fromRoute('user.pass');
-    $form['account']['current_pass']['#description'] = t('Required if you want to change the %mail below. <a href=":request_new_url" title="Send password reset instructions via email.">Reset your password</a>.', [
-      '%mail' => $form['account']['mail']['#title'],
-      ':request_new_url' => $url->toString(),
-    ]);
-    // Hide the new password fields.
-    $form['account']['pass']['#access'] = FALSE;
+  if ($form_id === 'user_form') {
+    if (!$form_state->get('user_pass_reset')) {
+      $url = Url::fromRoute('user.pass');
+      $form['account']['current_pass']['#description'] = t('Required if you want to change the %mail below. <a href=":request_new_url" title="Send password reset instructions via email.">Reset your password</a>.', [
+        '%mail' => $form['account']['mail']['#title'],
+        ':request_new_url' => $url->toString(),
+      ]);
+      // Hide the new password fields.
+      $form['account']['pass']['#access'] = FALSE;
+    }
+    else {
+      // This is the password reset form. Hide the mail field.
+      $form['account']['mail']['#access'] = FALSE;
+      if (isset($form['language'])) {
+        // Hide the language field.
+        $form['language']['#access'] = FALSE;
+      }
+    }
 
     // Password Policy module adds a validatation handler
     // We need to remove this if it is present.
-- 
GitLab