Laravel default reset Password function code refactoring method

Source: Internet
Author: User
Tags anonymous auth button type hash reset


Need to use Laravel to build a background content management system, but laravel default login can not meet the current requirements, reset the password because it is used in the background, and do not need to send mail to reset, so the default reset password is certainly not.

1, first determine the Reset password routing

When we installed the Laravel, the default generated reset password was performed without the user logging in. So using the original controller is not feasible, and the original reset password, do not need to see the original password is correct, but through the mail to make a direct change of password, so the controller method, we also need to write a new one. We use PHP artisan Make:controller usercontroller To create a controller class and then create two routes route::get (' Reset ', ' Usercontroller@getreset ') and Route::p ost (' Reset ', ' Usercontroller@postreset '). The former is a page get request that displays a reset password, followed by a reset password post request.

2. Display the Reset Password page

This uses the Getreset method, which only needs to display a view so there is no particular logic.

Public Function Getreset ()
{
Return view (' Auth.reset ');
}
3. Request Reset Password

This is using the Postreset method, when receiving data, we use two methods to receive the data passed by: one is to receive the data using the request method, the other is to use the Input::get method to get the data. Request words need to introduce use illuminate\http\request class, input words need to introduce using input class, here we choose Request to receive.

4. Validation rules

Verification, Laravel provides us with a set of validation rules that are validated using the validator Validator::make () method

$data = $request->all (); Receive all the data
$rules = [
' OldPassword ' => ' required|between:6,20 ',
' Password ' => ' required|between:6,20|confirmed ',
];
$messages = [
' Required ' => ' password cannot be empty ',
' Between ' => ' password must be between the 6~20 bits ',
' Confirmed ' => ' new password and Confirm password mismatch '
];
$validator = Validator::make ($data, $rules, $messages);
The $data receives the data from the from, the rules butt to the received value, where the OldPassword and password in front of the array are validated from the original password received from the front end and the name field data of the new password;

Validation rules are in the manual verification section, it is noteworthy that the use of confirmed words is for the new password and confirm the password to make the same judgment, confirm the password must be the name value must be the new password after the name value Plus ' _confirmation ', For example, if the name value of the new password is newpassword, the name value of the confirmation password must be newpassword_confirmation before it can be judged messages to verify the data request, show what hint.

And then through the above verification, there is also a case is not validated, that is, the original password entered is the same as the original password in the database. Here we can first the user's information from the database to find out, and then enter the original password to compare. Here we use the Auth::user () to obtain the user's information, this method needs to introduce uses Auth; class, and then use the Hash::check () to determine the password. After judgment, there is a problem, that is, how to put the error message into the validator error message, here Laravel provide us with the After method:

$user = Auth::user ();
$validator->after (function ($validator) use ($oldpassword, $user) {
if (!\hash::check ($oldpassword, $user->password)) {//The original password and the password in the database are compared
$validator->errors ()->add (' OldPassword ', ' original password error '); Incorrect display of original password error
}
});
if ($validator->fails ()) {//To determine if there are errors
return back ()->witherrors ($validator); redirect the page and deposit the error message in a one-time session
}
$user->password = Bcrypt ($password); New password encryption using the Bcrypt function
$user->save (); After successful, save the new password
This is because we introduced a PHP anonymous function, so we need to pass the external data to the anonymous function using the USE keyword (ps:php new features, closures, and anonymous functions)

We introduced a global function in the anonymous function, so we need to add \ (ps:php new features, namespace chapters, global namespaces) to the function.

5, Front end display error message

On the front end, we use the $errors variable to display the error, according to the official documentation, called the illuminate\support\messagebag example, if you are interested, you can look at it. We use COUNT ($errors) > 0来 to determine if there is an error, and use $errors->first () to display an error message:

@if (Count ($errors) > 0)
<div class= "alert Alert-danger display-hide" style= "Display:block;" >
<button class= "Close" data-close= "alert" ></button>
<span> </span>
</div>
@endif
Some people may ask if my error is not displayed in a fixed place, but instead displays the error message after each form, so how do we judge and display it? The answer is to use $errors->has (' OldPassword ') to determine if there is an error with this name, and if so, use $errors->first (' OldPassword ') to display the error:

@if ($errors->has (' OldPassword '))
<div class= "alert Alert-danger display-hide" style= "Display:block;" >
<button class= "Close" data-close= "alert" ></button>
<span> </span>
</div>
@endif
Where OldPassword is the name value of each form, it is $validator->errors ()->add (' OldPassword ', ' original password error ') when adding custom errors using the After method; , OldPassword must write an error on which form it is in so that it can be displayed correctly.

6, after the completion of the example

Usercontroller

Public Function Getreset ()
{
Return view (' Auth.reset ');
}

Public Function Postreset (Request $request)
{
$oldpassword = $request->input (' OldPassword ');
$password = $request->input (' password ');
$data = $request->all ();
$rules = [
' OldPassword ' => ' required|between:6,20 ',
' Password ' => ' required|between:6,20|confirmed ',
];
$messages = [
' Required ' => ' password cannot be empty ',
' Between ' => ' password must be between the 6~20 bits ',
' Confirmed ' => ' new password and Confirm password mismatch '
];
$validator = Validator::make ($data, $rules, $messages);
$user = Auth::user ();
$validator->after (function ($validator) use ($oldpassword, $user) {
if (!\hash::check ($oldpassword, $user->password)) {
$validator->errors ()->add (' OldPassword ', ' original password error ');
}
});
if ($validator->fails ()) {
return back ()->witherrors ($validator); Returns a one-time error
}
$user->password = Bcrypt ($password);
$user->save ();
Auth::logout (); After you change this password, quit this user
Return redirect ('/login ');
}
Reset.blade

<form class= "Login-form" action= "" method= "POST" >

@if ($errors->first ())
<div class= "alert Alert-danger display-hide" style= "Display:block;" >
<button class= "Close" data-close= "alert" ></button>
<span> </span>
</div>
@endif
{!! Csrf_field ()!!}

<div class= "Form-group" >
<label class= "Control-label visible-ie8 visible-ie9" > Original password </label>
<input class= "Form-control placeholder-no-fix" type= "password" autocomplete= "off" placeholder= "Old password" name= "OldPassword" > </div>
<div class= "Form-group" >
<label class= "Control-label visible-ie8 visible-ie9" > New password </label>
<input class= "Form-control placeholder-no-fix" type= "password" autocomplete= "Off" id= "Register_password" placeholder= "New password" name= "password" > </div>
<div class= "Form-group" >
<label class= "Control-label visible-ie8 visible-ie9" > Duplicate password </label>
<input class= "Form-control placeholder-no-fix" type= "password" autocomplete= "Off" placeholder= "Repeat password" Name= "Password_confirmation" > </div>
<div class= "Form-actions" >
<button type= "Submit" id= "register-submit-btn" class= "btn btn-success uppercase Pull-right" > OK </button>
</div>
</form>

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.