CODEWITHSUNDEEP
phplaravelpasswordslaravel-5.3
nameless
nameless

Reputation: 1521

Laravel 5.3 Change Password

I'm building a Laravel 5.3 app and using the basic auth of laravel (artisan make:auth). Now, the "Forgot Password" functionality works fine, so if a user can't login because he doesn't know his password, he can get a mail to reset it. But now I want that logged in users can change their password as well. I found that, but this doesn't really help me. I also know that there's a ResetsPasswords trait but how do I use it? And is there already a view as well I can use?

Can somebody help me here?

Upvotes: 2

Views: 1875

Answers (2)

Dan Streeter
Dan Streeter

Reputation: 2381

If you want to keep your AppServiceProvider.php file clean of closures (for whatever reason; personally I like these small files neat and tidy) you can add perform the following two things:

1) Add the following to the boot() method of the AppServiceProvider.php 

Validator::extend('current_password_match', 'App\Validators\PasswordMatch@check');

2) Add a new file 'app/Validators/PasswordMatch.php' in line with the closure mentioned above. 

<?php

namespace App\Validators;
use Hash;
use Auth;

class PasswordMatch
{
    public function check($attribute, $value, $parameters, $validator){

        return Hash::check($value, Auth::user()->password);

    }

}

You can then also add the validation rule messages to your extended FormRequest class messages() method like: 

'current_password_match' => 'Current password is incorrect',

Upvotes: 0

user6612690
user6612690

Reputation:

You don't actually need to use the default password controller to achieve this, you can write your own function to get the same result, for example:

public function postUpdatePassword() {

        $user = Auth::user();

        $password = $this->request->only([
            'current_password', 'new_password', 'new_password_confirmation'
        ]);

        $validator = Validator::make($password, [
            'current_password' => 'required|current_password_match',
            'new_password'     => 'required|min:6|confirmed',
        ]);

        if ( $validator->fails() )
            return back()
                ->withErrors($validator)
                ->withInput();


        $updated = $user->update([ 'password' => bcrypt($password['new_password']) ]);

        if($updated)
            return back()->with('success', 1);

        return back()->with('success', 0);
    }

As you can see I registered a new custom validation rule to check if the new passowrd match the old one, to register the rule just go to "app/Providers/AppServiceProvider.php" and add to the boot function the next lines:

Validator::extend('current_password_match', function($attribute, $value, $parameters, $validator) {
            return Hash::check($value, Auth::user()->password);
        });

Now the validation rule works but you won't get the error message, to add an error message to the new rule you just created you will have to modify these lines in "resources/lang/en/validation.php":

'custom' => [
        'current_password' => [
            'current_password_match' => 'Current password is incorrect.',
        ],
    ],

That's it, now you can use this function to change your the current user password :)

Upvotes: 4

Related Questions