Home>Article>Backend Development> Detailed explanation of Laravel password reset example
If you need to use laravel to build a back-end content management system, but laravel's default login registration cannot meet the current needs, reset the password because it is used in the back-end and does not need to send an email to reset, so the default reset is Passwords definitely won't work. Follow this article to see how to reset the password in Laravel.
1. First determine the route to reset the password
The reset password generated by default when we install laravel is Performed when the user is not logged in. Therefore, it is not feasible to use the original controller, and the original reset password does not need to check whether the original password is correct, but to directly change the password through email, so for the controller method, we also need to rewrite it . We usephp artisan make:controller UserControllerto create a controller class, and then create two routesRoute::get('reset', 'UserController@getReset')andRoute::post('reset', 'UserController@postReset').
The former is a get request to reset the password, followed by a post request to reset the password.
2. Display the password reset page
This uses thegetResetmethod , this method only needs to display a view, so there is no special logic
public function getReset() { return view('auth.reset'); }
3. Request to reset password
This uses thepostResetmethod. To receive data, we can use two methods to receive the passed data:One is to use the request method to receive data,The other is to use the Input::get method to obtain data. IfRequestyou need to introduce theuse Illuminate\Http\Requestclass, ifInputyou need to introduce theuse Inputclass, here we choose to userequestto receive.
4. Verification rules
For verification, laravel provides us with a set of verification rules, usevalidatorTheValidator::make()method is used to verify
$data = $request->all(); //接收所有的数据 $rules = [ 'oldpassword'=>'required|between:6,20', 'password'=>'required|between:6,20|confirmed', ]; $messages = [ 'required' => '密码不能为空', 'between' => '密码必须是6~20位之间', 'confirmed' => '新密码和确认密码不匹配' ]; $validator = Validator::make($data, $rules, $messages);
$dataReceive the data information passed from;
rulesJudge the received value, whereoldpasswordandpasswordin front of the array are the name field data of the original password and new password received from the front end for verification;
The verification rules are all in the verification chapter of the manual. It is worth noting that using confirmed is to make the same judgment on the new password and the confirmed password. The name value required for the confirmed password must be the new password. Add '_confirmation'after the name value. For example, if the name value of the new password isnewpassword, the name value of the confirmed password must benewpassword_confirmationbefore the judgment can be made.messagesWhat prompts are displayed for verified data requests.
After passing the above verification, there is another situation that is not verified, that is, whether the original password entered is the same as the original password in the database.
Here we can first check out the user's information from the database, and then compare it with the original password entered. Here we useAuth::user()to obtain user information. This method needs to introduce theuse Auth;class, and then passHash::check()to determine the password. After the judgment, there is still a question, that is, how to push the error message into the error message of the validator. Here laravel provides us with the after method:
$user = Auth::user(); $validator->after(function($validator) use ($oldpassword, $user) { if (!\Hash::check($oldpassword, $user->password)) { //原始密码和数据库里的密码进行比对 $validator->errors()->add('oldpassword', '原密码错误'); //错误的话显示原始密码错误 } }); if ($validator->fails()) { //判断是否有错误 return back()->withErrors($validator); //重定向页面,并把错误信息存入一次性session里 } $user->password = bcrypt($password); //使用bcrypt函数进行新密码加密 $user->save(); //成功后,保存新密码
Here becauseafterAn anonymous function of PHP is introduced, so we need to use theusekeyword to pass external data into the anonymous function (PS: PHP new features, closures and anonymous functions)
In the anonymous function, we introduced a global function, so we need to add \(PS:php new features, namespace chapter, global namespace) in front of the function
5. The front-end displays error information
If the front-end displays it, we use the$errorsvariable to display the error. According to the official documentation, the call is# If you are interested, you can take a look at the example of ##Illuminate\Support\MessageBag. We usecount($errors) > 0to determine whether there is an error, and use$errors->first()to display an error message:
@if(count($errors) > 0)Some people may ask, if my error is not displayed in a fixed place, but the error message is displayed behind each form, how should we judge and display it? The answer is to use@endif
$errors->has('oldpassword')to determine whether there is an error with this name. If there is, use$errors->first('oldpassword')Display this error:
@if( $errors->has('oldpassword') )
@endif
其中oldpassword是每个表单的里的name值,所以在使用after方法添加自定义错误的时候$validator->errors()->add('oldpassword', '原密码错误');中,oldpassword一定要写对是在哪个表单的错误,这样才能正确的显示。
6、完成后的示例
UserController
public function getReset() { return view('auth.reset'); } public function postReset(Request $request) { $oldpassword = $request->input('oldpassword'); $password = $request->input('password'); $data = $request->all(); $rules = [ 'oldpassword'=>'required|between:6,20', 'password'=>'required|between:6,20|confirmed', ]; $messages = [ 'required' => '密码不能为空', 'between' => '密码必须是6~20位之间', 'confirmed' => '新密码和确认密码不匹配' ]; $validator = Validator::make($data, $rules, $messages); $user = Auth::user(); $validator->after(function($validator) use ($oldpassword, $user) { if (!\Hash::check($oldpassword, $user->password)) { $validator->errors()->add('oldpassword', '原密码错误'); } }); if ($validator->fails()) { return back()->withErrors($validator); //返回一次性错误 } $user->password = bcrypt($password); $user->save(); Auth::logout(); //更改完这次密码后,退出这个用户 return redirect('/login'); }
reset.blade
相关推荐:
The above is the detailed content of Detailed explanation of Laravel password reset example. For more information, please follow other related articles on the PHP Chinese website!