middleware('guest'); } protected function rules() { return [ 'token' => 'required', 'username' => 'required', 'password' => 'confirmed|'.Setting::passwordComplexityRulesSaving('store'), ]; } protected function credentials(Request $request) { return $request->only( 'username', 'password', 'password_confirmation', 'token' ); } public function showResetForm(Request $request, $token = null) { \Log::debug(print_r($this->rules(),true)); return view('auth.passwords.reset')->with( [ 'token' => $token, 'username' => $request->input('username') ] ); } public function reset(Request $request) { $messages = [ 'password.not_in' => trans('validation.disallow_same_pwd_as_user_fields'), ]; $validator = $request->validate($this->rules(), $request->all(), $this->validationErrorMessages()); // Check to see if the user even exists $user = User::where('username', '=', $request->input('username'))->first(); $broker = $this->broker(); if (strpos(Setting::passwordComplexityRulesSaving('store'), 'disallow_same_pwd_as_user_fields') !== FALSE) { \Log::debug('disallow_same_pwd_as_user_fields is active on the password settings'); $request->validate( [ 'password' => 'required|notIn:["'.$user->email.'","'.$user->username.'","'.$user->first_name.'","'.$user->last_name.'"' ], $messages); } $response = $broker->reset( $this->credentials($request), function ($user, $password) { \Log::debug('resetting the password to '.$password); $this->resetPassword($user, $password); } ); return $response == \Password::PASSWORD_RESET ? $this->sendResetResponse($request, $response) : $this->sendResetFailedResponse($request, $response); } protected function sendResetFailedResponse(Request $request, $response) { return redirect()->back() ->withInput(['username'=> $request->input('username')]) ->withErrors(['username' => trans($response), 'password' => trans($response)]); } }