/** * Validate a password reset for the given credentials. * * @param array $credentials * @return \Illuminate\Contracts\Auth\CanResetPassword */ protected function validateReset(array $credentials) { if (is_null($user = $this->getUser($credentials))) { return PasswordBrokerContract::INVALID_USER; } if (!$this->validateNewPassword($credentials)) { return PasswordBrokerContract::INVALID_PASSWORD; } if (!$this->tokens->exists($user, $credentials['token'])) { return PasswordBrokerContract::INVALID_TOKEN; } return $user; }
public function renew($email, $token, ResetPasswordRequest $resetPasswordRequest, UserRepositoryInterface $userRepository, TokenRepositoryInterface $tokenRepository) { $input = $resetPasswordRequest->all(); $user = $userRepository->findByEmail($email); if (!$user) { return $this->sendUnauthorized('Email not found.'); } if (!$tokenRepository->exists($user, $token)) { return $this->sendUnauthorized('Invalid token.'); } $user = $userRepository->changePassword($user, $input['password']); $tokenRepository->delete($token); return $this->sendSuccess([], 'Successfully reset your password. Now try logging in.'); }
/** * Validate the given password reset token. * * @param CanResetPasswordContract $user * @param string $token * @return bool */ public function tokenExists(CanResetPasswordContract $user, $token) { return $this->tokens->exists($user, $token); }