Реализована форма восстановления пароля от аккаунта

Логика проверки пароля вынесена в отдельный валидатор
В composer.json докинута зависимость от php7

tests/codeception/api/_pages/AuthenticationRoute.php

@@ -23,4 +23,13 @@ class AuthenticationRoute extends BasePage {
         ]);
     }
 
+    public function recoverPassword($key = null, $newPassword = null, $newRePassword = null) {
+        $this->route = ['authentication/recover-password'];
+        $this->actor->sendPOST($this->getUrl(), [
+            'key' => $key,
+            'newPassword' => $newPassword,
+            'newRePassword' => $newRePassword,
+        ]);
+    }
+
 }

tests/codeception/api/functional/RecoverPasswordCest.php

@@ -0,0 +1,36 @@
+<?php
+namespace codeception\api\functional;
+
+use tests\codeception\api\_pages\AccountsRoute;
+use tests\codeception\api\_pages\AuthenticationRoute;
+use tests\codeception\api\FunctionalTester;
+
+class RecoverPasswordCest {
+
+    public function testDataForFrequencyError(FunctionalTester $I) {
+        $authRoute = new AuthenticationRoute($I);
+
+        $I->wantTo('change my account password, using key from email');
+        $authRoute->recoverPassword('H24HBDCHHAG2HGHGHS', '12345678', '12345678');
+        $I->canSeeResponseContainsJson([
+            'success' => true,
+        ]);
+        $I->canSeeResponseJsonMatchesJsonPath('$.jwt');
+
+        $I->wantTo('ensure, that jwt token is valid');
+        $jwt = $I->grabDataFromResponseByJsonPath('$.jwt')[0];
+        $I->amBearerAuthenticated($jwt);
+        $accountRoute = new AccountsRoute($I);
+        $accountRoute->current();
+        $I->canSeeResponseCodeIs(200);
+        $I->canSeeResponseIsJson();
+        $I->notLoggedIn();
+
+        $I->wantTo('check, that password is really changed');
+        $authRoute->login('Notch', '12345678');
+        $I->canSeeResponseContainsJson([
+            'success' => true,
+        ]);
+    }
+
+}

tests/codeception/api/unit/models/RecoverPasswordFormTest.php

@@ -0,0 +1,44 @@
+<?php
+namespace tests\codeception\api\models;
+
+use api\models\RecoverPasswordForm;
+use Codeception\Specify;
+use common\models\Account;
+use common\models\EmailActivation;
+use tests\codeception\api\unit\DbTestCase;
+use tests\codeception\common\fixtures\EmailActivationFixture;
+use Yii;
+
+/**
+ * @property array $emailActivations
+ */
+class RecoverPasswordFormTest extends DbTestCase {
+    use Specify;
+
+    public function fixtures() {
+        return [
+            'emailActivations' => [
+                'class' => EmailActivationFixture::class,
+                'dataFile' => '@tests/codeception/common/fixtures/data/email-activations.php',
+            ],
+        ];
+    }
+
+    public function testRecoverPassword() {
+        $fixture = $this->emailActivations['freshPasswordRecovery'];
+        $this->specify('change user account password by email confirmation key', function() use ($fixture) {
+            $model = new RecoverPasswordForm([
+                'key' => $fixture['key'],
+                'newPassword' => '12345678',
+                'newRePassword' => '12345678',
+            ]);
+            expect($model->recoverPassword())->notEquals(false);
+            $activationExists = EmailActivation::find()->andWhere(['key' => $fixture['key']])->exists();
+            expect($activationExists)->false();
+            /** @var Account $account */
+            $account = Account::findOne($fixture['account_id']);
+            expect($account->validatePassword('12345678'))->true();
+        });
+    }
+
+}