ResetPasswordController 如何使用 password_reset 表 Laravel

Question

The built-in controller for resetting the password Auth \\ Reset Password Controller has the reset function

public function reset(Request $request)
{
$request->validate($this->rules(), $this->validationErrorMessages());

// Here we will attempt to reset the user's password. If it is successful we
// will update the password on an actual user model and persist it to the
// database. Otherwise we will parse the error and return the response.
$response = $this->broker()->reset(
    $this->credentials($request), function ($user, $password) {
        $this->resetPassword($user, $password);
    }
);

// If the password was successfully reset, we will redirect the user back to
// the application's home authenticated view. If there is an error we can
// redirect them back to where they came from with their error message.
return $response == Password::PASSWORD_RESET
            ? $this->sendResetResponse($request, $response)
            : $this->sendResetFailedResponse($request, $response);
}

Well, here we are working with the user and their incoming data. However, I can't understand where the work with the password_resets table (built-in) is going? After all, after password recovery, entries are added/deleted there. I think (maybe incorrectly) that this is implemented in the broker () method, but I can't find it in the hierarchy of traits, interfaces, and other classes.

Answer 1

Checkout /vendor/laravel/framework/src/Illuminate/Auth/Passwords/DatabaseTokenRepository.php

This is the default class that implements the TokenRepositoryInterface and is used by the /vendor/laravel/framework/src/Illuminate/Auth/Passwords/PasswordBroker.php .

Inside this class you can find all the actual functionality that handles the password resets including the table operations you mention. For example, one method you'll find is:

/**
 * Create a new token record.
 *
 * @param  \Illuminate\Contracts\Auth\CanResetPassword  $user
 * @return string
 */
public function create(CanResetPasswordContract $user)
{
    $email = $user->getEmailForPasswordReset();

    $this->deleteExisting($user);

    // We will create a new, random token for the user so that we can e-mail them
    // a safe link to the password reset form. Then we will insert a record in
    // the database so that we can verify the token within the actual reset.
    $token = $this->createNewToken();

    $this->getTable()->insert($this->getPayload($email, $token));

    return $token;
}