Author

Password Broker in Laravel

Image

by Samarth Sinha on 2017-06-30 16:03:37

Password Broker: Password Broker in laravel is used to reset forgotten password for users. PasswordBroker class will create a token for user and send an email for the set new password link, where user can set a new password.

To reset password make PasswordsController and a form which will submit your email. It will point to your store() in PasswordsController which will have codes.

public function store(Request $request, PasswordBroker $broker)
    {
        $user = User::where('email', $request->user['email'])->first();
        if ($user)
        {
            $token = $broker->createToken($user); //It will create a token for the user a record will be saved in password_reset table
            Mail::to($user->email)->queue(new ForgotPasswordMail($token)); //Here an email will be send to the submitted email if it exists in the user database.
            //---------- OR -------------------------
            $broker->sendResetLink($user->toArray()); //It will create a token and send the default laravel email with the link and token to reset password.
            return redirect()->route('login')->with('msg', 'Email has sent to your account.');
        }
        else
        {
            return view('Passwords.forgot-password', ['errors' => 'Email not exist in Database.']);
        }
    }

After this the user will receive an email with link to reset password, which will open a form and ask for email, password and password_confirmation. On submit of that form it will point to the update() in your PasswordsController.

public function update(Request $request, PasswordBroker $broker, $token)
    {
        $user = User::where('email', $request->user['email'])->first();
        if ($user && $broker->tokenExists($user, $request->token))
        {
            $user->setValidationType('password'); //Validating password check my validation blog for more details
            if ($user->update($request->user)) //If the validation is passed and token is valid it will update the password
            {
                $broker->deleteToken($user); //It will delete the reset password token since we no longer require it anymore.
                return redirect()->route('login')->with('msg', 'Password reset successfully.');
            }
            else
            {
                return view('Passwords.edit', compact('token', 'user'));
            }
        }
        else
        {
            return redirect()->route('login')->with('errors', 'Something went wrong. Your password is not reset.');
        }
    }

 

About the Author

  • avatar
    Samarth Sinha

    My name Samarth Sinha. I work on developing Web Applications using PHP and MySQL and in different frameworks of PHP like Laravel, CakePHP, CodeIgnitor and Smarty. In databases I have worked in MySQL and Postgres. I started this blog to share my knowledge to those who wants to start developing Web Applications using PHP.