CODEWITHSUNDEEP
phplaravel
Dronax
Dronax

Reputation: 289

Disable password reset from Laravel

How I can disable password reset? I need prevent resetting passwords on login page. How I can do it?

I tried do:

Auth::routes(['register' => false, 'password.request' => false, 'password.reset' => false]);

But not working. Password reset is working.

Upvotes: 6

Views: 11868

Answers (3)

Brice Habets
Brice Habets

Reputation: 11

Because I can not add a comment yet, I'd like to add to Omid Reza Heidari's comment. Using

Route::post('password/reset', 'Auth\ResetPasswordController@reset');

without ->name('password.update') will results in error "Route [password.update] not defined" when using the default view. The last route should thus be

Route::post('password/reset', 'Auth\ResetPasswordController@reset')->name('password.update');

Upvotes: 1

Omid Reza Heidari
Omid Reza Heidari

Reputation: 688

Inside of :

Auth::routes();

You can use :

    // Authentication Routes...
Route::get('login', 'Auth\LoginController@showLoginForm')->name('login');
Route::post('login', 'Auth\LoginController@login');
Route::post('logout', 'Auth\LoginController@logout')->name('logout');

// Registration Routes...
Route::get('register', 'Auth\RegisterController@showRegistrationForm')->name('register');
Route::post('register', 'Auth\RegisterController@register');

// Password Reset Routes...
Route::get('password/reset', 'Auth\ForgotPasswordController@showLinkRequestForm')->name('password.request');
Route::post('password/email', 'Auth\ForgotPasswordController@sendResetLinkEmail')->name('password.email');
Route::get('password/reset/{token}', 'Auth\ResetPasswordController@showResetForm')->name('password.reset');
Route::post('password/reset', 'Auth\ResetPasswordController@reset')->name('password.update');

And delete which you don't want.

Upvotes: 4

Script47
Script47

Reputation: 14540

Change,

'password.reset' => false

To,

'reset' => false

If that doesn't work, in ForgotPasswordController, you will see that a trait SendsPasswordResetEmails is used, in that you will find the function showLinkRequestForm which you can override:

public function showLinkRequestForm()
{
    return view('auth.passwords.email');
}

and replace it with a redirect to go back, or a 404, or something else that you want.

Alternatively, you could override the routes.

Upvotes: 16

Related Questions