tymondesigns / jwt-auth

🔐 JSON Web Token Authentication for Laravel & Lumen
https://jwt-auth.com
MIT License

how can I generate a token if the user is not authenticated only with his mail #1502

Open lCHECHOl opened 6 years ago

lCHECHOl commented 6 years ago

Subject of the issue

How can I generate a token if the user is not authenticated, only with his email? It is to recover the password through the API with the email. Any idea how to do it?

Thanks in advance

Your environment

Homestead Vagrant
Bug? no
New Feature? no
Framework Laravel
Framework version 5.5
Package version develop
PHP version 7.1

Expected behaviour

I want that, when the user enters the email to reset the password, I return a token to send an email with it; then it will be addressed when the password is changed, and if the token matches, that allows it to change.

shijunti19 commented 6 years ago

db saves one character and then matches

lCHECHOl commented 6 years ago

@shijunti19 I do not understand. Can you be a little more specific? Thanks in advance.

aarabmed commented 5 years ago

It's 2019 and I'm at the same spot as you were, lol. I'm using React Ant admin with an API built with API Platform. In order to use a PUT, POST, UPDATE or DELETE request, a token must be generated with a username and password and placed in the header. For now everything works great, but when I arrived at the phase of making a forgot-password functionality, I did some research and found some useful tutorials, but I ended up with some confusing questions: 1) how could I check for a user in the database if I have already forgotten the password, 2) how do I use the UPDATE or the PUT request to edit a user's password, knowing that this request requires a token that is supposed to be generated from both username and password, which again is the forgotten password :/ . Thanks in advance. BTW: I'm a rookie.

lCHECHOl commented 5 years ago

This worked for me

routes/api.php

```php
Route::post('password/email', 'Auth\ForgotPasswordController@getResetToken');
Route::post('password/reset', 'Auth\ResetPasswordController@reset');
```

ForgotPasswordController.php

```php
<?php

namespace App\Http\Controllers\Auth;

use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\SendsPasswordResetEmails;
use App\Transformers\Json;
use App\User;
use Illuminate\Http\Request;

class ForgotPasswordController extends Controller
{
    /*
    |--------------------------------------------------------------------------
    | Password Reset Controller
    |--------------------------------------------------------------------------
    |
    | This controller is responsible for handling password reset emails and
    | includes a trait which assists in sending these notifications from
    | your application to your users. Feel free to explore this trait.
    |
    */

    use SendsPasswordResetEmails;

    /**
     * Create a new controller instance.
     *
     * @return void
     */
    public function __construct()
    {
        $this->middleware('guest');
    }

    /**
     * Send a reset link to the given user.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return \Illuminate\Http\Response
     */
    public function getResetToken(Request $request)
    {
        $this->validate($request, ['email' => 'required|email']);
        if ($request->wantsJson()) {
            $user = User::where('email', $request->input('email'))->first();
            if (!$user) {
                return response()->json(Json::response(null, trans('passwords.user')), 400);
            }
            $token = $this->broker()->createToken($user);
            return response()->json(Json::response(['token' => $token]));
        }
    }
}
```

ResetPasswordController.php

```php
<?php

namespace App\Http\Controllers\Auth;

use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\ResetsPasswords;
use App\Transformers\Json;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Password;

class ResetPasswordController extends Controller
{
    /*
    |--------------------------------------------------------------------------
    | Password Reset Controller
    |--------------------------------------------------------------------------
    |
    | This controller is responsible for handling password reset requests
    | and uses a simple trait to include this behavior. You're free to
    | explore this trait and override any methods you wish to tweak.
    |
    */

    use ResetsPasswords;

    /**
     * Where to redirect users after resetting their password.
     *
     * @var string
     */
    protected $redirectTo = '/home';

    /**
     * Create a new controller instance.
     *
     * @return void
     */
    public function __construct()
    {
        $this->middleware('guest');
    }

    /**
     * Reset the given user's password.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return \Illuminate\Http\Response
     */
    public function reset(Request $request)
    {
        $this->validate($request, $this->rules(), $this->validationErrorMessages());
        // Here we will attempt to reset the user's password. If it is successful we
        // will update the password on an actual user model and persist it to the
        // database. Otherwise we will parse the error and return the response.
        $response = $this->broker()->reset(
            $this->credentials($request), function ($user, $password) {
                $this->resetPassword($user, $password);
            }
        );
        if ($request->wantsJson()) {
            if ($response == Password::PASSWORD_RESET) {
                return response()->json(Json::response(null, trans('passwords.reset')));
            } else {
                return response()->json(Json::response($request->input('email'), trans($response)), 202);
            }
        }
        // If the password was successfully reset, we will redirect the user back to
        // the application's home authenticated view. If there is an error we can
        // redirect them back to where they came from with their error message.
        return $response == Password::PASSWORD_RESET
            ? $this->sendResetResponse($response)
            : $this->sendResetFailedResponse($request, $response);
    }
}
```

App\Transformers\Json

```php
<?php

namespace App\Transformers;

class Json
{
    public static function response($data = null, $message = null)
    {
        return [
            'data'    => $data,
            'message' => $message,
        ];
    }
}
```

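
An added example, not code from this thread or from jwt-auth: a plain-PHP version of the same two endpoints in which the reset token reaches the user only through the mailbox, is stored as a hash with an expiry, and the request endpoint answers identically for known and unknown addresses (the controller above returns the token in the JSON response and a 400 for unknown emails). The reset call is authorized by the emailed token itself, so no JWT is needed for it. The arrays `$users`, `$resets`, `$outbox`, the constant `RESET_TTL` and both function names are hypothetical stand-ins for the database, the mailer and the controllers.

```php
<?php
// Added example (not from the thread). In-memory stand-ins, all hypothetical:
$users  = ['alice@example.test' => ['password' => password_hash('old-secret', PASSWORD_DEFAULT)]];
$resets = [];   // email => ['hash' => ..., 'expires' => ...]  (password_resets table)
$outbox = [];   // email => token "mailed" to that address     (mailer)

const RESET_TTL = 3600; // seconds a reset token stays valid

// POST password/email: caller is unauthenticated and supplies only an email.
function requestReset(string $email, array $users, array &$resets, array &$outbox): array
{
    if (isset($users[$email])) {
        $token = bin2hex(random_bytes(32));        // 256-bit random token
        $resets[$email] = [
            'hash'    => hash('sha256', $token),   // keep only a hash server-side
            'expires' => time() + RESET_TTL,
        ];
        $outbox[$email] = $token;                  // delivered by mail, never in the response
    }
    // Same body whether or not the address is registered.
    return ['data' => null, 'message' => 'If the address is registered, a reset email has been sent.'];
}

// POST password/reset: the emailed token is the credential for this one call.
function resetPassword(string $email, string $token, string $new, array &$users, array &$resets): bool
{
    $row = $resets[$email] ?? null;
    if ($row === null
        || $row['expires'] < time()
        || !hash_equals($row['hash'], hash('sha256', $token))) {
        return false;
    }
    $users[$email]['password'] = password_hash($new, PASSWORD_DEFAULT);
    unset($resets[$email]);                        // single use
    return true;
}

// Constructed run: identical responses, then wrong / valid / replayed token.
$known   = requestReset('alice@example.test', $users, $resets, $outbox);
$unknown = requestReset('nobody@example.test', $users, $resets, $outbox);
var_dump($known === $unknown);

$token = $outbox['alice@example.test'];
var_dump(resetPassword('alice@example.test', 'wrong-token', 'n3w-pass', $users, $resets));
var_dump(resetPassword('alice@example.test', $token, 'n3w-pass', $users, $resets));
var_dump(resetPassword('alice@example.test', $token, 'again', $users, $resets));
```
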
stale[bot] commented 3 years ago

Is this still relevant? If so, what is blocking it? Is there anything you can do to help move it forward?

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.