How can I match user with token using a password broker facade in Laravel 5.5?
I am sending a mail to user by generating a token:
app('auth.password.broker')->createToken($this->user)
This automatically fills the password_resets
table in DB with user email and with token value which looks like it is hashed.
The callback URL for user is password-reset/{token}
and now I want to check whether token is valid by checking if it exists in the DB and if user connected to it even triggered a password reset.
$tokenValid = DB::table('password_resets')->where('token', $input['token'])->first();
This however does not work as the token from the input is not hashed in any way. I tried this also
$tokenValid = DB::table('password_resets')->where('token', bcrypt($input['token']))->first();
But the hashed value comes out incorrectly.
Does someone know how to match it with DB value?
I found the answer. Two hashes, even though different, may match. Doing a bcrypt()
function twice on the same string will not produce the same hash, so there is a helper method to check if the hashes match:
Hash::check($input['token'], $token->token)
you can insert the unhashed token into (password_resets) database table like this:-
public function forgotpassword_post(){
$admin=Admin::where('email',request('email'))->first();
if(!empty($admin)){
$token=app('auth.password.broker')->createToken($admin);
Mail::to($admin->email)->send(new AdminResetPassword(['data'=>$admin,'token'=>$token]));
DB::table('password_resets')->insert([
'email'=>$admin->email,
'token'=>$token,
'created_at'=>Carbon::now()
]);
Session::flash('success','sent');
return back();
}
return back();
}
you can check for token validation like this :-
public function reset_password($token){
$check_token= DB::table('password_resets')->where('token',$token)->where('created_at','>',Carbon::now()->subHours(2))->first();
if(!empty($check_token)){
return view('admin.reset_password',['data'=>$check_token]);
}else{
return redirect('/admin/forgorpassword');
}
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.