Home > OS >  Once the password has been reset, I cannot log into my application
Once the password has been reset, I cannot log into my application

Time:08-05

I'm following the documentation on this link about resetting the password:

Reset Password

So first I create the view containing a form just to request the email and once the email has been received I click on the button to reset the password.

So far everything ok! Once I reset the password I try to log into my app with the new password but I cannot log in with this new password.

Can anyone kindly tell me where the problem lies? Thank you all

Route:

Route::get('/forgot-password', [Controller::class,'passwordRequest'])->middleware('guest')->name('password.request');
Route::post('/forgot-password', [Controller::class,'passwordEmail'])->middleware('guest')->name('password.email');
Route::get('/reset-password/{token}', [Controller::class,'passwordReset'])->middleware('guest')->name('password.reset');
Route::post('/reset-password', [Controller::class,'passwordUpdate'])->middleware('guest')->name('password.update');

Controller:

public function passwordRequest() {
        return view('auth.forgot-password');
    }

    public function passwordEmail(Request $request) {
        $request->validate(['email' => 'required|email']);
     
        $status = Password::sendResetLink(
            $request->only('email')
        );
     
        return $status === Password::RESET_LINK_SENT
                    ? back()->with(['status' => __($status)])
                    : back()->withErrors(['email' => __($status)]);
    }

    public function passwordReset($token) {
        return view('auth.reset-password', ['token' => $token]);
    }

    public function passwordUpdate(Request $request) {
        $request->validate([
            'token' => 'required',
            'email' => 'required|email',
            'password' => 'required|min:8|confirmed',
        ]);
     
        $status = Password::reset(
            $request->only('email', 'password', 'password_confirmation', 'token'),
            function ($user, $password) {
                $user->forceFill([
                    'password' => Hash::make($password)
                ])->setRememberToken(Str::random(60));
     
                $user->save();
     
                event(new PasswordReset($user));
            }
        );
     
        return $status === Password::PASSWORD_RESET
                    ? redirect()->route('login')->with('status', __($status))
                    : back()->withErrors(['email' => [__($status)]]);
    }

View:

ForgotPassword

<div >
    <div >
        <form action="{{route('password.email')}}" method="post">
            @csrf
            <div >
            <label for="email" >Email</label>
                <input type="email"  name="email">
            </div>
            <button type="submit" >Invia</button>
        </form>
    </div>
</div>

ResetPassword

<div >
    <div >
        <form action="{{route('password.email')}}" method="post">
            @csrf
            <div >
            <label for="email" >Email</label>
                <input type="email"  name="email">
            </div>
            <div >
            <label for="password" >Password</label>
                <input type="password"  name="password">
            </div>
            <div >
            <label for="password_confirmation" >Conferma password</label>
                <input type="password"  name="password_confirmation">
            </div>
            <div >
                <input type="hidden"  name="token" value="{{$token}}" >
            </div>
            <button type="submit" >Invia</button>
        </form>
    </div>
</div>

CodePudding user response:

You're almost done! In your auth.reset-password view, you must send the request to the password.update route, not the password.email route.

The password.update route will run the passwordUpdate method to update the User's password.

https://laravel.com/docs/9.x/passwords#password-reset-handling-the-form-submission

<div >
    <div >
        <form action="{{ route('password.update') }}" method="post">
            @csrf
            <div >
            <label for="email" >Email</label>
                <input type="email"  name="email">
            </div>
            <div >
            <label for="password" >Password</label>
                <input type="password"  name="password">
            </div>
            <div >
            <label for="password_confirmation" >Conferma password</label>
                <input type="password"  name="password_confirmation">
            </div>
            <div >
                <input type="hidden"  name="token" value="{{$token}}" >
            </div>
            <button type="submit" >Invia</button>
        </form>
    </div>
</div>
  • Related