Reputation: 13162
How can I validate current password in the laravel 5.6
I try like this :
<?php
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
class ChangePasswordRequest extends FormRequest
{
...
public function rules()
{
return [
'old_password' => 'required|confirmed',
'password' => 'required|min:6',
'password_confirmation' => 'required|min:6|same:password'
];
}
}
I have entered the old password correctly, but there is still a message :
The old password confirmation does not match.
How can I solve this problem?
Upvotes: 2
Views: 5434
Answers (4)
Reputation: 31
(Laravel v7.x) You are looking for rule called 'password':
...
'old_password' => 'password',
...
As well you could specify an authentication guard using the rule's first parameter like this:
...
'old_password' => 'password|web',
...
Here is docs: https://laravel.com/docs/7.x/validation#rule-password
Upvotes: 2
Reputation: 10061
According to the documentation:
Hash::check() function which allows you to check whether the old password entered by a user is correct or not.
if (Hash::check("parameter1", "parameter2")) {
//add logic here
}
parameter1 - user password that has been entered on the form
parameter2 - old password hash stored in a database
It will return true if the old password has been entered correctly and you can add your logic accordingly
new_password and new_confirm_password to be same, you can add your validation in form request like this:
'new_password' => 'required',
'new_confirm_password' => 'required|same:new_password'
Upvotes: 1
Reputation: 1482
what you can do is to make a rule. the following will probably solve your problem.
CurrentPassword.php
<?php
namespace App\Rules;
use Illuminate\Contracts\Validation\Rule;
use Illuminate\Support\Facades\Hash;
class CurrentPassword implements Rule
{
/**
* Determine if the validation rule passes.
*
* @param string $attribute
* @param mixed $value
* @return bool
*/
public function passes($attribute, $value)
{
return Hash::check($value,auth()->user()->password);
}
/**
* Get the validation error message.
*
* @return string
*/
public function message()
{
return 'Current password is incorrect';
}
}
and in your controller, you can make something like this:
$this->validate($request,[
'password_current'=>['required',new CurrentPassword()],
'password'=>'required|string|min:6|confirmed',
]);
$request->user()->update([
'password'=>bcrypt($request->password)
]);
Upvotes: 3
Reputation: 9942
The "confirmed" rule doesn't do what you expect it here to do.
If you set confirmed rule on a field old_password it will look for form input old_password_confirmation and check that its value is equal to the value of old_password. It's basically an inverse of same:field with predefined expected name (it will add _confirmation to the original name).
In your case you would use it like this and it will perform same function as your current password_confirmation => same:password rule:
public function rules()
{
return [
'old_password' => 'required',
'password' => 'required|min:6|confirmed',
];
}
For what you want to achieve you could either create your own validation rule or (in my opinion better) check whether the entered password is correct in the controller.
Upvotes: 0
Related Questions
- How to validate current, new, and new password confirmation in Laravel 5?
- Laravel update password only if it is set
- How to check validation for old password in laravel
- Check if password input matches stored password, using Laravel 5.1
- How to test validation of current password in Laravel 5.8
- laravel 5,update User password
- Form post if password input is current password in Laravel 5.2
- How to validate passwords with Laravel 5.1
- Validate/Authorize Current Password In Laravel 5.1
- Laravel 5 - validator for current user password