/** * Additional validation rules to ensure user is authorized to edit this resource. * * @param Request $request Current router request. * * @return void */ protected function beforeEdit(Request $request) { parent::beforeEdit($request); if ($request->is('post')) { if (!Crypt::hashCompare($this->user->password, $request->post('current_password'))) { $this->resource->setError('current_password', 'mismatch'); } if ($request->post('password') !== $request->post('password_confirm')) { $this->resource->setError('password_confirm', 'mismatch'); } } }