TYPO3 Core

Current there is no possibility to validate new Passwords from "forgot Passwort" with a Hook.
I would like to add a validation Hook to check the Password with my own validator Hook.
This is possible with only a small change within the "password_changed"-Hook:
-Add a "hookPasswordValid" variable
-When "hookPasswordValid" is not valid -> don`t change the password and do the exisiting "not done" way.
The Patch is included.

...

// Hash password using configured salted passwords hash mechanism for FE
$hashInstance = GeneralUtility::makeInstance(PasswordHashFactory::class)->getDefaultHashInstance('FE');
$newPass = $hashInstance->getHashedPassword($postData['password1']);

// Call a hook for further password processing
if ($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['felogin']['password_changed']) {
    $_params = [
        'user' => $user,
        'newPassword' => $newPass,
        'newPasswordUnencrypted' => $postData['password1'],
        'passwordValid' => TRUE
    ];
    foreach ($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['felogin']['password_changed'] as $_funcRef) {
        if ($_funcRef) {
            GeneralUtility::callUserFunction($_funcRef, $_params, $this);
        }
    }
    $newPass = $_params['newPassword'];
    $hookPasswordValid = $_params['passwordValid'];
}
else {
    $hookPasswordValid = TRUE;
}

// Change Password only if Hook returns valid
if ($hookPasswordValid) {
    // Save new password and clear DB-hash

...