
Laravel password broker facade

How can I match a user with a token using the password broker facade in Laravel 5.5?

I am sending a mail to the user by generating a token:

app('auth.password.broker')->createToken($this->user)

This automatically fills the password_resets table in the DB with the user's email and a token value which looks like it is hashed.

The callback URL for the user is password-reset/{token}, and now I want to check whether the token is valid by checking if it exists in the DB and if the user connected to it even triggered a password reset.

$tokenValid = DB::table('password_resets')->where('token', $input['token'])->first();

This, however, does not work, as the token from the input is not hashed in any way. I also tried this:

$tokenValid = DB::table('password_resets')->where('token', bcrypt($input['token']))->first();

But the hashed value comes out incorrectly.

Does someone know how to match it with DB value?

I found the answer. Two hashes, even though different, may match. Doing a bcrypt() function twice on the same string will not produce the same hash, so there is a helper method to check if the hashes match:

Hash::check($input['token'], $token->token)
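The check above only works once the stored row has been found some other way, because a salted hash cannot be recomputed and used in a WHERE clause. The following is an added example, not part of the original answers and not Laravel's own code: plain PHP in which an in-memory array stands in for the password_resets table, the row is looked up by e-mail, and the token is then verified and checked for expiry. The function names, the one-hour window and the sample values are assumptions.

```php
<?php
// Added illustration in plain PHP (no Laravel). $resets stands in for the
// password_resets table; every name and value below is constructed.

const TOKEN_TTL_SECONDS = 3600; // assumed expiry window

function createResetToken(array &$resets, string $email, int $now): string
{
    // The plaintext token is returned for the e-mailed link and never stored.
    $token = bin2hex(random_bytes(32));
    $resets[$email] = [
        // bcrypt picks a random salt, so this value differs on every call.
        'token'      => password_hash($token, PASSWORD_BCRYPT),
        'created_at' => $now,
    ];
    return $token;
}

function resetTokenIsValid(array $resets, string $email, string $token, int $now): bool
{
    // Find the row by e-mail: the stored hash cannot be matched by equality.
    $row = $resets[$email] ?? null;
    if ($row === null) {
        return false; // no reset was requested for this address
    }
    if ($now - $row['created_at'] > TOKEN_TTL_SECONDS) {
        return false; // request is older than the allowed window
    }
    // Hash::check() with the bcrypt driver performs this same verification.
    return password_verify($token, $row['token']);
}

$resets = [];
$now    = 1700000000; // constructed timestamp
$email  = 'user@example.com';
$token  = createResetToken($resets, $email, $now);

// Re-hashing the input and comparing for equality (the bcrypt() attempt in the question):
var_dump(password_hash($token, PASSWORD_BCRYPT) === $resets[$email]['token']);
// Correct token inside the window:
var_dump(resetTokenIsValid($resets, $email, $token, $now + 60));
// Wrong token:
var_dump(resetTokenIsValid($resets, $email, 'wrong-token', $now + 60));
// Correct token after the window has passed:
var_dump(resetTokenIsValid($resets, $email, $token, $now + 7200));
```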

You can insert the unhashed token into the password_resets database table like this:

public function forgotpassword_post()
{
    $admin = Admin::where('email', request('email'))->first();
    if (!empty($admin)) {
        $token = app('auth.password.broker')->createToken($admin);
        Mail::to($admin->email)->send(new AdminResetPassword(['data' => $admin, 'token' => $token]));
        DB::table('password_resets')->insert([
            'email'      => $admin->email,
            'token'      => $token,
            'created_at' => Carbon::now()
        ]);
        Session::flash('success', 'sent');
        return back();
    }
    return back();
}

You can check for token validation like this:

public function reset_password($token)
{
    $check_token = DB::table('password_resets')
        ->where('token', $token)
        ->where('created_at', '>', Carbon::now()->subHours(2))
        ->first();
    if (!empty($check_token)) {
        return view('admin.reset_password', ['data' => $check_token]);
    } else {
        return redirect('/admin/forgorpassword');
    }
}

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

 