2016-12-14 05:06:15 -08:00
|
|
|
<?php
|
|
|
|
|
|
|
|
namespace App\Http\Controllers\Auth;
|
|
|
|
|
|
|
|
use App\Http\Controllers\Controller;
|
2020-11-03 11:42:42 -08:00
|
|
|
use App\Http\Requests\SaveUserRequest;
|
2020-10-08 18:43:39 -07:00
|
|
|
use App\Models\Setting;
|
2020-11-03 11:42:42 -08:00
|
|
|
use App\Models\User;
|
2016-12-14 05:06:15 -08:00
|
|
|
use Illuminate\Foundation\Auth\ResetsPasswords;
|
2018-08-14 20:05:57 -07:00
|
|
|
use Illuminate\Http\Request;
|
2020-11-03 11:42:42 -08:00
|
|
|
use Illuminate\Validation\Rule;
|
|
|
|
use Illuminate\Validation\Validator;
|
2018-08-14 20:05:57 -07:00
|
|
|
|
2016-12-14 05:06:15 -08:00
|
|
|
class ResetPasswordController extends Controller
|
|
|
|
{
|
|
|
|
/*
|
|
|
|
|--------------------------------------------------------------------------
|
|
|
|
| Password Reset Controller
|
|
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
|
|
|
|
| This controller is responsible for handling password reset requests
|
|
|
|
| and uses a simple trait to include this behavior. You're free to
|
|
|
|
| explore this trait and override any methods you wish to tweak.
|
|
|
|
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
use ResetsPasswords;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Where to redirect users after resetting their password.
|
|
|
|
*
|
|
|
|
* @var string
|
|
|
|
*/
|
2017-09-27 16:23:21 -07:00
|
|
|
protected $redirectTo = '/';
|
2016-12-14 05:06:15 -08:00
|
|
|
|
2020-11-02 23:58:37 -08:00
|
|
|
protected $username = 'username';
|
|
|
|
|
2016-12-14 05:06:15 -08:00
|
|
|
/**
|
|
|
|
* Create a new controller instance.
|
|
|
|
*
|
|
|
|
* @return void
|
|
|
|
*/
|
|
|
|
public function __construct()
|
|
|
|
{
|
|
|
|
$this->middleware('guest');
|
|
|
|
}
|
2018-10-31 18:03:24 -07:00
|
|
|
|
|
|
|
protected function rules()
|
|
|
|
{
|
|
|
|
return [
|
|
|
|
'token' => 'required',
|
|
|
|
'username' => 'required',
|
2020-11-02 23:58:37 -08:00
|
|
|
'password' => 'confirmed|'.Setting::passwordComplexityRulesSaving('store'),
|
2018-10-31 18:03:24 -07:00
|
|
|
];
|
|
|
|
}
|
|
|
|
|
|
|
|
protected function credentials(Request $request)
|
|
|
|
{
|
|
|
|
return $request->only(
|
|
|
|
'username', 'password', 'password_confirmation', 'token'
|
|
|
|
);
|
|
|
|
}
|
2018-08-14 20:05:57 -07:00
|
|
|
|
2018-10-31 18:03:24 -07:00
|
|
|
public function showResetForm(Request $request, $token = null)
|
|
|
|
{
|
|
|
|
return view('auth.passwords.reset')->with(
|
2020-10-08 18:43:39 -07:00
|
|
|
[
|
|
|
|
'token' => $token,
|
2021-06-10 13:15:52 -07:00
|
|
|
'username' => $request->input('username'),
|
2020-10-08 18:43:39 -07:00
|
|
|
]
|
2018-10-31 18:03:24 -07:00
|
|
|
);
|
|
|
|
}
|
|
|
|
|
2020-11-03 11:42:42 -08:00
|
|
|
public function reset(Request $request)
|
|
|
|
{
|
2022-06-21 14:15:38 -07:00
|
|
|
|
2020-11-03 11:42:42 -08:00
|
|
|
$messages = [
|
|
|
|
'password.not_in' => trans('validation.disallow_same_pwd_as_user_fields'),
|
|
|
|
];
|
|
|
|
|
2020-11-03 11:45:19 -08:00
|
|
|
$request->validate($this->rules(), $request->all(), $this->validationErrorMessages());
|
2020-11-03 11:42:42 -08:00
|
|
|
|
|
|
|
// Check to see if the user even exists
|
2022-06-21 14:33:10 -07:00
|
|
|
if ($user = User::where('username', '=', $request->input('username'))->whereNotNull('email')->first()) {
|
2022-06-21 14:15:38 -07:00
|
|
|
$broker = $this->broker();
|
|
|
|
|
2022-06-21 14:33:10 -07:00
|
|
|
// handle the password validation rules set by the admin settings
|
2022-06-21 14:15:38 -07:00
|
|
|
if (strpos(Setting::passwordComplexityRulesSaving('store'), 'disallow_same_pwd_as_user_fields') !== false) {
|
|
|
|
$request->validate(
|
|
|
|
[
|
|
|
|
'password' => 'required|notIn:["'.$user->email.'","'.$user->username.'","'.$user->first_name.'","'.$user->last_name.'"',
|
|
|
|
], $messages);
|
|
|
|
}
|
2020-11-03 11:42:42 -08:00
|
|
|
|
2022-06-21 14:33:10 -07:00
|
|
|
// send the reset
|
2022-06-21 14:15:38 -07:00
|
|
|
$response = $broker->reset(
|
|
|
|
$this->credentials($request), function ($user, $password) {
|
2020-11-03 11:42:42 -08:00
|
|
|
$this->resetPassword($user, $password);
|
2022-06-21 14:33:10 -07:00
|
|
|
});
|
2020-11-03 11:42:42 -08:00
|
|
|
|
2022-06-21 14:15:38 -07:00
|
|
|
}
|
2022-06-21 14:33:10 -07:00
|
|
|
// This is laravel magic - we override the sendResetFailedResponse further down to send a success message even if it failed
|
|
|
|
return $response == \Password::PASSWORD_RESET
|
|
|
|
? $this->sendResetResponse($request, $response)
|
|
|
|
: $this->sendResetFailedResponse($request, $response);
|
2022-06-21 14:15:38 -07:00
|
|
|
|
2020-11-03 11:42:42 -08:00
|
|
|
}
|
2020-11-02 23:58:37 -08:00
|
|
|
|
2022-06-21 14:15:38 -07:00
|
|
|
|
2018-10-31 18:03:24 -07:00
|
|
|
protected function sendResetFailedResponse(Request $request, $response)
|
2018-08-14 20:05:57 -07:00
|
|
|
{
|
2018-10-31 18:03:24 -07:00
|
|
|
return redirect()->back()
|
2020-10-08 18:43:39 -07:00
|
|
|
->withInput(['username'=> $request->input('username')])
|
2022-06-21 14:33:10 -07:00
|
|
|
->with('success', trans('passwords.sent'));
|
2018-08-14 20:05:57 -07:00
|
|
|
}
|
2016-12-14 05:06:15 -08:00
|
|
|
}
|