Unable to retrieve password using Forgot Password feature while running the DB locally

nafiesl / silsilah

A genealogy/family tree application, built with Laravel.

MIT License

588 stars 284 forks source link

Unable to retrieve password using Forgot Password feature while running the DB locally #44

Open akhan85 opened 4 years ago

akhan85 commented 4 years ago

Is there a way to recover a password from the database for an account created if the application is running on a local server i.e. without being hosted anywhere. I am currently running a DB instance on my laptop and if I try to use the forgot password feature, I run into the following error:

File path: silsilah/vendor/swiftmailer/swiftmailer/lib/classes/Swift/Transport/AbstractSmtpTransport.php

nafiesl commented 4 years ago

Hi @akhan85, I will try to reproduce it first, thanks for reporting this.

akhan85 commented 4 years ago

No problem. Let me know if I can add any further details to help reproduce the issue. Thanks.

nafiesl commented 4 years ago

Hi @akhan85, I have managed reproducing the same error like you did.

screen_20-03-15_002

In the current condition, this email reset password is depend on password reset email feature, which is built in feature of laravel.

Possible solutions:

If you were host your app in localhost, then I think we can pick one of these options to reset user's password:

Direct DB update using this hashed "password" string. We can use this sql script

UPDATE `users` SET `password`='$2y$10$92IXUNpkjO0rOQ5byMi.Ye4oKoEa3Ro9llC/.og/at2.uheWG/igi' WHERE  `id`='{your-user-id}';

If we were logged in, and we were the one who have created the user, then we can set (replace) the user's password on user's edit page.

screen_20-03-15_006

akhan85 commented 4 years ago

Thank you for your response @nafiesl . So I can't use the second option as it would require that I remember the password in the first place (which I don't) and am able to login. For the first option, can you tell me where to run that script exactly? Thanks again.

nafiesl commented 4 years ago

For the first option, you can run it on your MySQL client app, for me, I can run it on HeidiSQL, on the Query tab.

screen_20-03-16_008

akhan85 commented 4 years ago

Ok so here is what I found on my end. I am using MySQL Workbench client. I had to slightly modify the UPDATE command and use UPDATE 'table_name'.users instead. So in the case of the screenshot that you have attached it would be UPDATE lv_2017_silsilah.users

I think that I have cleared the password field altogether in the DB. I am guessing I was supposed to find the hashed password string first and it would have been unique to my case? In any case, I still get a 'These credentials do not match our records.' when attempting to log in using a blank entry for password or by using what I think is the old password.

gusem commented 3 years ago

assalamualaykum,, Maaf mas mau tanya,, di hosting juga error untuk fitur lupa password,, saya sesuaikan di env untuk smptnya tapi masih dapet error terima kasih