From c483934a13fd28780ad2a4da5c1d41e824eee879 Mon Sep 17 00:00:00 2001
From: Alex <40072887+alexdcrane@users.noreply.github.com>
Date: Thu, 22 Jan 2026 10:42:57 -0700
Subject: [PATCH] Add password reset attempts to user logs (#7710)

* Add password reset attempts to user logs
---
 resources/login.php | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/resources/login.php b/resources/login.php
index 25994998ae..08a9a3ac0c 100644
--- a/resources/login.php
+++ b/resources/login.php
@@ -154,6 +154,22 @@
 					}
 				}
 
+			//build the user log array
+			$log_array['type'] = 'Password Reset';
+			if (!empty($result)) {
+				$log_array['domain_uuid'] = $result['domain_uuid'];
+				$log_array['username'] 	  = $result['username'];
+				$log_array['user_uuid']   = $result['user_uuid'];
+				$log_array['authorized']  = true;
+			}
+			else {
+				$log_array["domain_uuid"] = $_SESSION["domain_uuid"];
+				$log_array['authorized']  = false;
+			}
+
+			//add the result to the user logs
+			user_logs::add($log_array);
+
 			//always show the email sent message
 			message::add($text['message-reset_link_sent'], 'positive', 2500);
 		}
@@ -229,6 +245,15 @@
 			$database->execute($sql, $parameters);
 			unset($sql, $parameters);
 
+			//build the user log array
+			$log_array['type'] = 'Password Changed';
+			$log_array['domain_uuid'] = $_SESSION['valid_domain'];
+			$log_array['username'] 	  = $_SESSION['valid_username'];
+			$log_array['authorized']  = $_SESSION['valid_reset'];
+
+			//add the result to the user logs
+			user_logs::add($log_array);
+
 			//set the message to password reset completed
 			message::add($text['message-password_reset'], 'positive', 2500);