/** * Process a password reset form submission * @param Request $request * @param string $code * @return Response|Redirect */ public function postReset(Request $request, $code) { // Validate the form data $result = $this->validate($request, ['password' => 'required|confirmed|min:6']); // Attempt the password reset $result = $this->authManager->resetPassword($code, $request->get('password')); if ($result->isFailure()) { return $result->dispatch(); } // Return the appropriate response return $result->dispatch(route('auth.login.form')); }
/** @test */ public function it_does_not_resets_passwords_with_an_invalid_reset_code() { // Given $credentials = ['email' => '*****@*****.**', 'password' => 'password']; $result = $this->authManager->register($credentials); $reminder = $this->app['sentinel.reminders']->create($result->user); $newPassword = '******'; // Attempt the Reset $result = $this->authManager->resetPassword('incorrect_reset_code', $newPassword); // Verify $this->assertInstanceOf(ExceptionReply::class, $result); $this->assertEquals("Invalid or expired password reset code; please request a new link.", $result->message); }