'How can i update or reset my password without entering email field in laravel-8?
i have some users in my usertable ,when ever i sent to reset token to my mail based on that mail i am updating my user account password(reset-password)that's working fine but when i want to update my password i need to pass these fields (password,password_confirmation,resetToken,email)[How i am passing]1.what i need is when ever i want to update/reset my password it should get updated without passing email. how can i acheive this thing(without email i want to update), please help me
ChangePasswordController.php
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use App\Http\Requests\UpdatePasswordRequest;
use Symfony\Component\HttpFoundation\Response;
use Illuminate\Support\Facades\DB;
use App\Models\User;
class ChangePasswordController extends Controller
{
public function passwordResetProcess(UpdatePasswordRequest $request){
return $this->updatePasswordRow($request)->count() > 0 ? $this->resetPassword($request) : $this->tokenNotFoundError();
}
// Verify if token is valid
private function updatePasswordRow($request){
return DB::table('password_resets')->where([
'email' => $request->email,
'token' => $request->resetToken
]);
}
// Token not found response
private function tokenNotFoundError() {
return response()->json([
'error' => 'Either your email or token is wrong.'
],Response::HTTP_UNPROCESSABLE_ENTITY);
}
// Reset password
private function resetPassword($request) {
// find email
$userData = User::whereEmail($request->email)->first();
// update password
$userData->update([
'password'=>bcrypt($request->password)
]);
// remove verification data from db
$this->updatePasswordRow($request)->delete();
// reset password response
return response()->json([
'data'=>'Password has been updated.'
],Response::HTTP_CREATED);
}
}
UpdatePasswordRequest.php
<?php
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
class UpdatePasswordRequest extends FormRequest
{
/**
* Determine if the user is authorized to make this request.
*
* @return bool
*/
public function authorize()
{
return true;
}
/**
* Get the validation rules that apply to the request.
*
* @return array
*/
public function rules()
{
return [
'email'=>'required|email',
'password'=>'required|confirmed|required|regex:/^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9])(?=.*?[#?!@$%^&*-]).{6,}$/'
];
}
}
password reset table(Migration table)
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
class CreatePasswordResetsTable extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::create('password_resets', function (Blueprint $table) {
$table->string('email')->index();
$table->string('token');
$table->timestamp('created_at')->nullable();
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::dropIfExists('password_resets');
}
}
Solution 1:[1]
I will recommend my solution for your case. Firstly you should override existing reset link generation method like below;
add below code inside AuthServiceProvider.php inside boot method.
ResetPassword::createUrlUsing(function ($user, string $token) {
return env('APP_URL').'/reset-password/'.$token.'?email='.$user->email;
});
Now you can grap user email easily from reset url. --request('email')
Put that inside reset-password form;
<input type="hidden" name="email" value="{{ $email }}" />
It's done. Now your users can reset their password without entering email.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | Tuncay Elvanağaç |