Detailed explanation of Laravel password reset example

If you need to use laravel to build a back-end content management system, but laravel's default login registration cannot meet the current needs, reset the password because it is used in the back-end and does not need to send an email to reset, so the default reset is Passwords definitely won't work. Follow this article to see how to reset the password in Laravel.

1. First determine the route to reset the password

The reset password generated by default when we install laravel is Performed when the user is not logged in. Therefore, it is not feasible to use the original controller, and the original reset password does not need to check whether the original password is correct, but to directly change the password through email, so for the controller method, we also need to rewrite it . We use php artisan make:controller UserController to create a controller class, and then create two routes Route::get('reset', 'UserController@getReset') and Route::post('reset', 'UserController@postReset').

The former is a get request to reset the password, followed by a post request to reset the password.

2. Display the password reset page

This uses the getReset method , this method only needs to display a view, so there is no special logic

public function getReset()
{
  return view('auth.reset');
}

3. Request to reset password

This uses the postReset method. To receive data, we can use two methods to receive the passed data: One is to use the request method to receive data, The other is to use the Input::get method to obtain data. If Request you need to introduce the use Illuminate\Http\Request class, if Input you need to introduce the use Input class, here we choose to use request to receive.

4. Verification rules

For verification, laravel provides us with a set of verification rules, use validator The Validator::make() method is used to verify

$data = $request->all(); //接收所有的数据
$rules = [
  'oldpassword'=>'required|between:6,20',
  'password'=>'required|between:6,20|confirmed',
];
$messages = [
  'required' => '密码不能为空',
  'between' => '密码必须是6~20位之间',
  'confirmed' => '新密码和确认密码不匹配'
];
$validator = Validator::make($data, $rules, $messages);

$data Receive the data information passed from;

rules Judge the received value, where oldpassword and password in front of the array are the name field data of the original password and new password received from the front end for verification;

The verification rules are all in the verification chapter of the manual. It is worth noting that using confirmed is to make the same judgment on the new password and the confirmed password. The name value required for the confirmed password must be the new password. Add '_confirmation' after the name value. For example, if the name value of the new password is newpassword, the name value of the confirmed password must be newpassword_confirmation before the judgment can be made. messagesWhat prompts are displayed for verified data requests.

After passing the above verification, there is another situation that is not verified, that is, whether the original password entered is the same as the original password in the database.

Here we can first check out the user's information from the database, and then compare it with the original password entered. Here we use Auth::user() to obtain user information. This method needs to introduce the use Auth; class, and then pass Hash::check() to determine the password. After the judgment, there is still a question, that is, how to push the error message into the error message of the validator. Here laravel provides us with the after method:

$user = Auth::user();
$validator->after(function($validator) use ($oldpassword, $user) {
  if (!\Hash::check($oldpassword, $user->password)) { //原始密码和数据库里的密码进行比对
    $validator->errors()->add('oldpassword', '原密码错误'); //错误的话显示原始密码错误
  }
});
if ($validator->fails()) {   //判断是否有错误
  return back()->withErrors($validator); //重定向页面，并把错误信息存入一次性session里
}
$user->password = bcrypt($password);    //使用bcrypt函数进行新密码加密
$user->save();   //成功后，保存新密码

Here because after An anonymous function of PHP is introduced, so we need to use the use keyword to pass external data into the anonymous function (PS: PHP new features, closures and anonymous functions)

In the anonymous function, we introduced a global function, so we need to add \(PS:php new features, namespace chapter, global namespace) in front of the function

5. The front-end displays error information

If the front-end displays it, we use the $errors variable to display the error. According to the official documentation, the call is# If you are interested, you can take a look at the example of ##Illuminate\Support\MessageBag. We use count($errors) > 0 to determine whether there is an error, and use $errors->first() to display an error message:

@if(count($errors) > 0)
  <p class="alert alert-danger display-hide" style="display: block;">
    <button class="close" data-close="alert"></button>
    <span>  </span>
  </p>
@endif

Some people may ask, if my error is not displayed in a fixed place, but the error message is displayed behind each form, how should we judge and display it? The answer is to use

$errors->has('oldpassword') to determine whether there is an error with this name. If there is, use $errors->first('oldpassword') Display this error:

@if( $errors->has('oldpassword') )
  <p class="alert alert-danger display-hide" style="display: block;">
    <button class="close" data-close="alert"></button>
    <span>  </span>
  </p>
@endif

其中oldpassword是每个表单的里的name值，所以在使用after方法添加自定义错误的时候 $validator->errors()->add('oldpassword', '原密码错误');中，oldpassword一定要写对是在哪个表单的错误，这样才能正确的显示。

6、完成后的示例

UserController

public function getReset()
{
  return view('auth.reset');
}

public function postReset(Request $request)
{
  $oldpassword = $request->input('oldpassword');
  $password = $request->input('password');
  $data = $request->all();
  $rules = [
    'oldpassword'=>'required|between:6,20',
    'password'=>'required|between:6,20|confirmed',
  ];
  $messages = [
    'required' => '密码不能为空',
    'between' => '密码必须是6~20位之间',
    'confirmed' => '新密码和确认密码不匹配'
  ];
  $validator = Validator::make($data, $rules, $messages);
  $user = Auth::user();
  $validator->after(function($validator) use ($oldpassword, $user) {
    if (!\Hash::check($oldpassword, $user->password)) {
      $validator->errors()->add('oldpassword', '原密码错误');
    }
  });
  if ($validator->fails()) {
    return back()->withErrors($validator); //返回一次性错误
  }
  $user->password = bcrypt($password);
  $user->save();
  Auth::logout(); //更改完这次密码后，退出这个用户
  return redirect('/login');
}

reset.blade

<form class="login-form" action="" method="post">
    <h3 class="font-green">修改密码</h3>
    @if($errors->first())
      <p class="alert alert-danger display-hide" style="display: block;">
        <button class="close" data-close="alert"></button>
        <span>  </span>
      </p>
    @endif
    {!! csrf_field() !!}

    <p class="form-group">
      <label class="control-label visible-ie8 visible-ie9">原始密码</label>
      <input class="form-control placeholder-no-fix" type="password" autocomplete="off" placeholder="Old Password" name="oldpassword"> </p>
    <p class="form-group">
      <label class="control-label visible-ie8 visible-ie9">新密码</label>
      <input class="form-control placeholder-no-fix" type="password" autocomplete="off" id="register_password" placeholder="New password" name="password"> </p>
    <p class="form-group">
      <label class="control-label visible-ie8 visible-ie9">重复密码</label>
      <input class="form-control placeholder-no-fix" type="password" autocomplete="off" placeholder="Repeat password" name="password_confirmation"> </p>
    <p class="form-actions">
      <button type="submit" id="register-submit-btn" class="btn btn-success uppercase pull-right">确定</button>
    </p>
  </form>

相关推荐：

学习Laravel5的Eloquent 关系

laravel编写APP接口（API）

laravel5.5控制器传参顺序问题及解决方案

The above is the detailed content of Detailed explanation of Laravel password reset example. For more information, please follow other related articles on the PHP Chinese website!