Answer the question
In order to leave comments, you need to log in
O
O
OlegSedoy2020-12-09 10:54:23
OlegSedoy, 2020-12-09 10:54:23
How to update user password?
Everything works, the password changes, but I can not log in with a new password. I can't figure out what the problem is, I just can't see it.
Route
Route::get('/changePassword','[email protected]')->name('dashboard.password.show');
Route::put('/changePassword','[email protected]')->name('dashboard.password.change');Sample
@extends('dashboard.base')
@section('content')
@if(Session::has('status'))
<div class="alert alert-success text-dark">
{{ Session::get('status') }}
</div>
@endif
<div class="d-flex flex-row justify-content-between align-items-center mb-5">
<h1>Раздел: Сменить пароль</h1>
</div>
<form action="{{ route('dashboard.password.change') }}" method="POST">
@csrf
@method('PUT')
<div class="form-group">
<label for="current-password">Текущий пароль</label>
<input class="form-control @error('current-password') is-invalid @enderror" type="password"
name="current-password">
@error('current-password')
<p class="text-danger">{{ $message }}</p>
@enderror
</div>
<div class="form-group">
<label for="new-password">Новый пароль</label>
<input class="form-control @error('new-password') is-invalid @enderror" type="password" name="new-password">
@error('new-password')
<p class="text-danger">{{ $message }}</p>
@enderror
</div>
<div class="form-group">
<label for="new-password_confirmation">Подтверждение</label>
<input class="form-control @error('new-password_confirmation') is-invalid @enderror" type="password" name="new-password_confirmation">
@error('new-password_confirmation')
<p class="text-danger">{{ $message }}</p>
@enderror
</div>
<button type="submit" class="btn btn-primary mt-3">Обновить пароль</button>
</form>
@endsectionController
<?php
namespace App\Http\Controllers\Dashboard;
use App\Http\Controllers\Controller;
use App\Http\Requests\ChangePasswordRequest;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
class PasswordController extends Controller
{
protected $user;
public function __construct()
{
$this->middleware(function ($request, $next){
$this->user = Auth::user();
return $next($request);
});
}
public function show()
{
return view('dashboard.password.index');
}
public function change(ChangePasswordRequest $request)
{
if (!(Hash::check($request->input('current-password'), $this->user->password))) {
return back()->withStatus('Неверный пароль');
}
if(strcmp($request->input('current-password'), $request->input('new-password')) == 0){
return back()->withStatus('Текущий пароль совпадает с новым. Придумайте новый пароль');
}
$this->user->update([
'password' => Hash::make($request->input('new-password'))
]);
Auth::logout();
return redirect()->route('about')->withComplete('Пароль успешно изменен');
}
}Request
<?php
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
class ChangePasswordRequest extends FormRequest
{
public function authorize()
{
return true;
}
public function rules()
{
return [
'current-password' => 'required',
'new-password' => 'required|min:6|confirmed',
];
}
public function messages()
{
return [
'current-password.required' => 'Поле :attribute обязательно для заполнения',
'new-password.required' => 'Поле :attribute обязательно для заполнения',
'new-password.min' => 'Для поля :attribute минимум 6 символов',
'new-password.confirmed' => 'Подтвердите новый пароль',
];
}
public function attributes()
{
return [
'current-password' => 'Текущий пароль',
'new-password' => 'Новый пароль',
];
}
} 3 answer(s)
@jazzus
on the
and remove the incomprehensible middleware from the constructor, which does nothing, remove the user from the controller properties, replace the checks from the controller with the password, required_with and different validation rules. In general, such "incomprehensible" problems because tests are not written. Tests will quickly show what and where + it is convenient to debug the process, and not poke forms and climb databases. I recommend writing before development.
@SkazochNick
@Sqweez
J
jazzus, 2020-12-09 @jazzus
Try to replace it
$this->user->update([
'password' => Hash::make($request->input('new-password'))
]);on the
$user = Auth::user();
$user->password = Hash::make($request->input('new-password'));
$user->save();and remove the incomprehensible middleware from the constructor, which does nothing, remove the user from the controller properties, replace the checks from the controller with the password, required_with and different validation rules. In general, such "incomprehensible" problems because tests are not written. Tests will quickly show what and where + it is convenient to debug the process, and not poke forms and climb databases. I recommend writing before development.
V
Vladimir Kokhan, 2020-12-09 @SkazochNick
And what do you get into the database when you update? Are you encrypting the password?
A
Alexander Sqweez, 2020-12-11 @Sqweez
Try changing the HTTP request method to PATCH instead of PUT.
PUT is used to update the entire resource, PATCH for partial.
Similar questions
K
I
J
E
G
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question