I'm following the documentation on this link about resetting the password:
So first I create the view containing a form just to request the email and once the email has been received I click on the button to reset the password.
So far everything ok! Once I reset the password I try to log into my app with the new password but I cannot log in with this new password.
Can anyone kindly tell me where the problem lies? Thank you all
Route:
Route::get('/forgot-password', [Controller::class,'passwordRequest'])->middleware('guest')->name('password.request');
Route::post('/forgot-password', [Controller::class,'passwordEmail'])->middleware('guest')->name('password.email');
Route::get('/reset-password/{token}', [Controller::class,'passwordReset'])->middleware('guest')->name('password.reset');
Route::post('/reset-password', [Controller::class,'passwordUpdate'])->middleware('guest')->name('password.update');
Controller:
public function passwordRequest() {
return view('auth.forgot-password');
}
public function passwordEmail(Request $request) {
$request->validate(['email' => 'required|email']);
$status = Password::sendResetLink(
$request->only('email')
);
return $status === Password::RESET_LINK_SENT
? back()->with(['status' => __($status)])
: back()->withErrors(['email' => __($status)]);
}
public function passwordReset($token) {
return view('auth.reset-password', ['token' => $token]);
}
public function passwordUpdate(Request $request) {
$request->validate([
'token' => 'required',
'email' => 'required|email',
'password' => 'required|min:8|confirmed',
]);
$status = Password::reset(
$request->only('email', 'password', 'password_confirmation', 'token'),
function ($user, $password) {
$user->forceFill([
'password' => Hash::make($password)
])->setRememberToken(Str::random(60));
$user->save();
event(new PasswordReset($user));
}
);
return $status === Password::PASSWORD_RESET
? redirect()->route('login')->with('status', __($status))
: back()->withErrors(['email' => [__($status)]]);
}
View:
ForgotPassword
<div >
<div >
<form action="{{route('password.email')}}" method="post">
@csrf
<div >
<label for="email" >Email</label>
<input type="email" name="email">
</div>
<button type="submit" >Invia</button>
</form>
</div>
</div>
ResetPassword
<div >
<div >
<form action="{{route('password.email')}}" method="post">
@csrf
<div >
<label for="email" >Email</label>
<input type="email" name="email">
</div>
<div >
<label for="password" >Password</label>
<input type="password" name="password">
</div>
<div >
<label for="password_confirmation" >Conferma password</label>
<input type="password" name="password_confirmation">
</div>
<div >
<input type="hidden" name="token" value="{{$token}}" >
</div>
<button type="submit" >Invia</button>
</form>
</div>
</div>
CodePudding user response:
You're almost done! In your auth.reset-password view, you must send the request to the password.update route, not the password.email route.
The password.update route will run the passwordUpdate method to update the User's password.
https://laravel.com/docs/9.x/passwords#password-reset-handling-the-form-submission
<div >
<div >
<form action="{{ route('password.update') }}" method="post">
@csrf
<div >
<label for="email" >Email</label>
<input type="email" name="email">
</div>
<div >
<label for="password" >Password</label>
<input type="password" name="password">
</div>
<div >
<label for="password_confirmation" >Conferma password</label>
<input type="password" name="password_confirmation">
</div>
<div >
<input type="hidden" name="token" value="{{$token}}" >
</div>
<button type="submit" >Invia</button>
</form>
</div>
</div>