/**
 * Validate a registration request, create the account and send the visitor
 * to the login form.
 *
 * The validation rules come from the user model, with `confirmed` appended to
 * the password rule so the request must carry a matching confirmation field.
 * On validation failure the visitor is redirected back to the registration
 * form with the errors and the submitted input.
 *
 * @param Request $request
 *
 * @return mixed redirect response (registration form on failure, login on success)
 */
public function register(Request $request)
{
    $input = $request->all();

    $rules = $this->userRepository->getModel()->getRules();
    $rules['password'] = $rules['password'] . '|confirmed';

    $validation = Validator::make($input, $rules);
    if ($validation->fails()) {
        return redirect(route('auth.registerForm'))
            ->withErrors($validation)
            ->withInput();
    }

    // Only these three fields are copied from the request, one by one, so any
    // other submitted field never reaches the model. The password is stored
    // as a hash, never as submitted.
    $newUser = new \App\User();
    $newUser->username = $input['username'];
    $newUser->password = \Hash::make($input['password']);
    $newUser->email = $input['email'];

    // NOTE(review): the meaning of the second argument (false) is defined by
    // the repository and is not visible here; confirm it does not skip a check.
    $createdUser = $this->userRepository->create($newUser, false);

    $this->dispatch(new AccountCreated($createdUser));

    $request->session()->flash('success', 'auth.account_created');

    $loginUrl = route('auth.login', ['username' => $createdUser->username]);

    return redirect($loginUrl);
}
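/**
 * Set a new password for a user who followed a lost-password link.
 *
 * The request must carry `user_id`, `token` and a confirmed `password`. The
 * token is decrypted and must match the `lost_password_token` stored for that
 * user id. It must also still be inside its validity window. Only then is the
 * new password hashed and saved, and the token cleared so it cannot be reused.
 *
 * Every failure path flashes an error key and redirects; nothing is saved
 * unless all checks pass.
 *
 * @param Request $request
 *
 * @return $this|\Illuminate\Http\RedirectResponse|\Laravel\Lumen\Http\Redirector
 */
public function changeLostPassword(Request $request)
{
    // Validity window of a reset token, in minutes (2 hours).
    $tokenLifetimeMinutes = 120;

    $validator = Validator::make($request->all(), [
        'user_id' => 'required',
        'token' => 'required',
        'password' => $this->userRepository->getModel()->getRules()['password'] . '|confirmed',
    ]);

    if ($validator->fails()) {
        return redirect(route('auth.lostPasswordForm'))->withErrors($validator)->withInput();
    }

    $token = Input::get('token', false);

    try {
        // Throws DecryptException for a malformed or tampered token.
        $decryptToken = Crypt::decrypt($token);

        // Look the user up by id AND stored token, so the token must exist
        // and belong to that user.
        $users = $this->userRepository->where([
            'id' => Input::get('user_id', false),
            'lost_password_token' => $decryptToken,
        ]);

        if ($users->count() !== 1) {
            $request->session()->flash('error', 'auth.user_not_found');

            return redirect(route('auth.lostPasswordForm', ['error' => true]));
        }

        $user = $users->first();
        $createdAt = $user->lost_password_token_created_at;

        // Fail closed: a token with no creation time is treated as expired.
        // Passing an empty value to Carbon's diff helpers would measure
        // against the current time and make such a token look brand new.
        // The age is compared in minutes because a whole-hour difference is
        // truncated, which would keep a token usable for almost an hour past
        // the limit. abs() keeps the result independent of the sign
        // convention of the installed Carbon version.
        if (empty($createdAt)
            || abs(Carbon::now()->diffInMinutes($createdAt)) > $tokenLifetimeMinutes
        ) {
            $request->session()->flash('error', 'auth.token_expired');

            return redirect(route('auth.lostPasswordForm'));
        }

        // Single use: clear the token before saving the new password hash.
        $user->lost_password_token = null;
        $user->lost_password_token_created_at = null;
        $user->password = \Hash::make(Input::get('password'));

        // NOTE(review): nothing in this method ends other active sessions of
        // the account after the password change; confirm whether that is
        // handled elsewhere.
        $this->userRepository->update($user);
    } catch (ValidationException $e) {
        // presumably raised by the repository update; verify against it
        $request->session()->flash('error', 'auth.user_error_update');

        return redirect(route('auth.changeLostPasswordForm'));
    } catch (DecryptException $e) {
        $request->session()->flash('error', 'auth.token_not_valid');

        return redirect(route('auth.lostPasswordForm'));
    }

    $request->session()->flash('success', 'auth.password_changed');

    return redirect(route('auth.login'));
}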