Authentication
Security
Forms
Last updated
2 years ago.
Go into the Auth\PasswordController and look into the trait "ResetsPassword".
LukeBro said:
Go into the Auth\PasswordController and look into the trait "ResetsPassword".
Thanks for your reply!
You mean this method right?
vendor\laravel\framework\src\Illuminate\Foundation\Auth
/**
* Reset the given user's password.
*
* @param Request $request
* @return Response
*/
public function postReset(Request $request)
{
$this->validate($request, [
'token' => 'required',
'email' => 'required|email',
'password' => 'required|confirmed',
]);
$credentials = $request->only(
'email', 'password', 'password_confirmation', 'token'
);
$response = $this->passwords->reset($credentials, function($user, $password)
{
$user->password = bcrypt($password);
$user->save();
$this->auth->login($user);
});
switch ($response)
{
case PasswordBroker::PASSWORD_RESET:
return redirect($this->redirectPath());
default:
return redirect()->back()
->withInput($request->only('email'))
->withErrors(['email' => trans($response)]);
}
}
I used this method in my UserController with few changes like below.it's working now. Is this the correct way to do it?
public function postReset(Request $request)
{
$this->validate($request, [
'password' => 'required|confirmed',
]);
$credentials = $request->only(
'email', 'password', 'password_confirmation'
);
$user = \Auth::user();
$user->password = bcrypt($credentials['password']);
$user->save();
return redirect('user/'.$user->id);
}
Thanks again!
Last updated
9 years ago.
You would also want to validate the email and password_confirmation like in the trait. You should always sanitize and validate ALL input from requests. But other than that yes, and no problem.
Luke
Sign in to participate in this thread!
Laravel
Laravel News
Laracasts
Laravel Podcast