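/**
 * Complete a password reset for the token carried in the route arguments.
 *
 * Looks up the PasswordReset row matching $args['token'], rejects it when it
 * is missing or its expire_time has passed, then stores a fresh hash of the
 * submitted password on the user the token was issued for. Every outcome is
 * reported as a JSON object with 'ret' (1 on success, 0 on failure) and 'msg'.
 *
 * Security behaviour added here:
 *  - a missing, non-string or empty password is refused before hashing;
 *  - after a successful change every reset token for that email is deleted,
 *    so a token is single-use instead of staying valid until it expires.
 *
 * @param mixed $request  request object; only getParam('password') is read
 * @param mixed $response response object; the JSON result is written to its body
 * @param array $args     route arguments; 'token' holds the reset token
 * @return mixed the value returned by $response->getBody()->write()
 */
public function handleToken($request, $response, $args)
{
    // Initialise the result explicitly instead of relying on auto-vivification.
    $rs = [];
    $tokenStr = $args['token'];
    $password = $request->getParam('password');

    // Check the token: unknown and expired tokens get the same answer so the
    // response does not reveal which of the two applied.
    $token = PasswordReset::where('token', $tokenStr)->first();
    if ($token === null || $token->expire_time < time()) {
        $rs['ret'] = 0;
        $rs['msg'] = '链接已经失效,请重新获取';
        return $response->getBody()->write(json_encode($rs));
    }

    // The account is resolved from the token record, never from request input.
    $user = User::where('email', $token->email)->first();
    if ($user === null) {
        $rs['ret'] = 0;
        $rs['msg'] = '链接已经失效,请重新获取';
        return $response->getBody()->write(json_encode($rs));
    }

    // Refuse to hash a missing or empty value: without this guard a request
    // that omits 'password' would replace the credential with the hash of
    // nothing. NOTE(review): no length/complexity policy is visible in this
    // method — confirm whether one is enforced elsewhere.
    if (!is_string($password) || $password === '') {
        $rs['ret'] = 0;
        $rs['msg'] = '密码不能为空';
        return $response->getBody()->write(json_encode($rs));
    }

    // Reset the password.
    $user->pass = Hash::passwordHash($password);
    if (!$user->save()) {
        $rs['ret'] = 0;
        $rs['msg'] = '重置失败,请重试';
        return $response->getBody()->write(json_encode($rs));
    }

    // Consume the token: drop every outstanding reset token for this account
    // so the link that was just used (or an older one) cannot be replayed.
    PasswordReset::where('email', $token->email)->delete();

    $rs['ret'] = 1;
    $rs['msg'] = '重置成功';
    return $response->getBody()->write(json_encode($rs));
}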
/**
 * Render the password reset form for a reset token.
 *
 * The email shown in the form comes from the PasswordReset row that matches
 * the token; when no row matches, the view is still rendered with a null
 * email.
 *
 * NOTE(review): this method does not check the token's age or reject an
 * unknown token — confirm both are enforced when the form is submitted.
 *
 * @param  string|null  $token  reset token from the URL
 * @return \Illuminate\Http\Response
 *
 * @throws NotFoundHttpException when no token is supplied
 */
public function getReset($token = null)
{
    // No token in the URL: answer as "not found".
    if ($token === null) {
        throw new NotFoundHttpException();
    }

    $email = null;
    $resetRecord = PasswordReset::where('token', $token)->first();
    if ($resetRecord) {
        // Pre-fill the address the token was issued for.
        $email = $resetRecord->email;
    }

    $viewData = [
        'token' => $token,
        'email' => $email,
    ];

    return view('manage.auth.reset')->with($viewData);
}
/**
 * Change a forgotten password when the submitted email/token pair is known.
 *
 * A PasswordReset row must match both the 'email' and the 'token' input. On a
 * match the password change is delegated to User::changePassword(), every
 * reset row for that email is deleted (so the token cannot be reused), and the
 * user is redirected to the login page. Otherwise an error is flashed and the
 * user is sent back.
 *
 * NOTE(review): nothing in this method checks how old the token is — confirm
 * expiry is enforced elsewhere. Presumably PasswordResetRequest validates that
 * email, token and the new password are present; verify against that class.
 *
 * @param PasswordResetRequest $request
 *
 * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
 */
public function putPasswordReset(PasswordResetRequest $request)
{
    $criteria = [
        'email' => $request->input('email'),
        'token' => $request->input('token'),
    ];
    $check = PasswordReset::where($criteria)->first();

    // Unknown email/token pair: report the failure and return to the form.
    if (!$check) {
        flash()->error(trans('users.no_such_user'));

        return redirect()->back();
    }

    User::changePassword($request);

    // Invalidate every outstanding reset token for this address.
    PasswordReset::where('email', $request->input('email'))->delete();

    flash()->success(trans('users.password_changed'));

    return redirect('users/login');
}
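/**
 * Set a new password for the user a reset token was issued to.
 *
 * The token must exist, must have been created less than 48 hours ago and
 * must not be flagged is_used. On success the user's password is replaced
 * with a bcrypt hash of the submitted value and the token is flagged as used.
 *
 * Hardening added here:
 *  - token and password must be non-empty strings, so a request that omits
 *    them (or sends an array) never reaches the query or the hasher;
 *  - a token whose user_id no longer resolves to a user is answered with the
 *    generic failure instead of dereferencing null.
 *
 * NOTE(review): is_used is only set after the password has been saved, so two
 * simultaneous requests with the same token could both pass the check —
 * confirm whether that matters for this application.
 *
 * @param Request $request request carrying 'token' and 'password'
 * @return string 'ok' on success, otherwise 'oops', 'expired' or 'already used'
 */
public function performPasswordReset(Request $request)
{
    $token = $request->token;
    $password = $request->password;

    // Reject absent or malformed input with the same generic answer an
    // unknown token gets.
    if (!is_string($token) || $token === '' || !is_string($password) || $password === '') {
        return 'oops';
    }

    $reset = PasswordReset::where('token', $token)->first();
    if (!$reset) {
        return 'oops';
    }

    // Tokens are valid for 48 hours from creation.
    $expiresAt = Carbon::parse($reset->created_at)->addHour(48);
    if ($expiresAt->lte(Carbon::now())) {
        return 'expired';
    }

    if ($reset->is_used) {
        return 'already used';
    }

    // The account is taken from the token record, never from request input.
    $user = User::find($reset->user_id);
    if (!$user) {
        // The referenced user no longer exists; nothing to reset.
        return 'oops';
    }

    $user->password = bcrypt($password);
    $user->save();

    // Consume the token so the same link cannot be replayed.
    $reset->is_used = true;
    $reset->save();

    return 'ok';
}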