Zizaco / confide

Confide is a authentication solution for Laravel 4

1.19k stars 258 forks source link

Check reset token in Controller #451

Closed sloothword closed 9 years ago

sloothword commented 10 years ago

70 adds the function to check for valid tokens to Confide.

But the generated Controller lacks exactly this check. Something like:

if(Confide::isValidToken($token)){
    return View::make(Config::get('confide::reset_password_form'))
        ->with('token', $token);
}else{
    return Redirect::to('login')
        ->withError(Lang::get('confide::confide.alerts.wrong_token'));
}

Zizaco commented 9 years ago

It checks if the token is valid in the post action. But you can modify your controller to do that if you wish.