I noticed that some developers modify PasswordController.php so that the method resetPassword($user, $password) does not bcrypt the password. Instead, the password is bcrypted in the model User.php.
Here is an example of that: app/Http/Controllers/Auth/PasswordController.php:
    <?php
    namespace SundaySlim\Http\Controllers\Auth;

    use SundaySlim\Http\Controllers\Controller;
    use Illuminate\Foundation\Auth\ResetsPasswords;

    class PasswordController extends Controller
    {
        use ResetsPasswords;

        public function __construct()
        {
            $this->redirectTo = route('backend.dashboard');
            $this->middleware('guest');
        }

        protected function resetPassword($user, $password)
        {
            $user->password = $password;
            $user->save();
            auth()->login($user);
        }
    }
As you can see, there is a resetPassword($user, $password) method copied from vendor/laravel/framework/src/Illuminate/Foundation/Auth/ResetPasswords.php. It is modified so that there is no bcrypting of the password.
Here's what this method originally looked like:
    protected function resetPassword($user, $password)
    {
        $user->password = bcrypt($password);
        $user->save();
        Auth::guard($this->getGuard())->login($user);
    }
(also, as you can see - Auth::guard($this->getGuard())->login($user); is changed to auth()->login($user);)
The idea is to create a mutator in the model Users.php in which the password will be bcrypted.
So, here is the model User.php with that mutator:
    <?php
    namespace SundaySlim;

    use Illuminate\Foundation\Auth\User as Authenticatable;

    class User extends Authenticatable
    {
        protected $fillable = [
            'name', 'email', 'password',
        ];

        protected $hidden = [
            'password', 'remember_token',
        ];

        public function setPasswordAttribute($value)
        {
            $this->attributes['password'] = bcrypt($value);
        }
    }
Questions:
1. What would be the reason to do something like that (to create a mutator in Users.php to bcrypt the password AND NOT in resetPassword($user, $password) as it is by default)?
2. What is the difference between: auth()->login($user); and Auth::guard($this->getGuard())->login($user); ?
By the way, here is the routes.php:
    Route::group(['middleware' => ['web']], function () {
        Route::get('backend/dashboard', [
            'uses' => 'Backend\DashboardController@index',
            'as' => 'backend.dashboard'
        ]);
        Route::controller('auth', 'Auth\AuthController', [
            'getLogin' => 'auth.login',
            'getLogout' => 'auth.logout'
        ]);
        Route::controller('auth/password', 'Auth\PasswordController', [
            'getEmail' => 'auth.password.email',
            'getReset' => 'auth.password.reset'
        ]);
    });
via Chebli Mohamed
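Added example, not part of the original post and not Laravel's own code: a stand-alone PHP script showing what happens to the stored hash when the password mutator from the post is combined with each of the two resetPassword() variants. PlainUser and bcrypt_standin() are hypothetical stand-ins for the Eloquent model and Laravel's bcrypt() helper, and the password is a constructed sample value.

```php
<?php
// Added illustration; PlainUser and bcrypt_standin() are hypothetical stand-ins
// for the Eloquent User model and Laravel's bcrypt() helper.

function bcrypt_standin(string $value): string
{
    // Produces a salted bcrypt hash, as the bcrypt() calls in the post do.
    return password_hash($value, PASSWORD_BCRYPT, ['cost' => 10]);
}

class PlainUser
{
    private $attributes = [];

    // Mimics setPasswordAttribute(): every assignment to ->password is hashed.
    public function __set($key, $value)
    {
        $this->attributes[$key] = ($key === 'password') ? bcrypt_standin($value) : $value;
    }

    public function __get($key)
    {
        return $this->attributes[$key] ?? null;
    }
}

// Framework-default style reset: hashes before assigning to the model.
function resetHashingInController(PlainUser $user, string $password): void
{
    $user->password = bcrypt_standin($password); // the mutator hashes the hash again
}

// Reset as in the modified PasswordController: assigns the plain value.
function resetRelyingOnMutator(PlainUser $user, string $password): void
{
    $user->password = $password; // the mutator hashes exactly once
}

$newPassword = 'constructed-sample-passphrase'; // constructed sample value

$a = new PlainUser();
resetHashingInController($a, $newPassword);
$b = new PlainUser();
resetRelyingOnMutator($b, $newPassword);

// A login check compares the typed password against the stored hash.
var_dump(password_verify($newPassword, $a->password)); // controller + mutator
var_dump(password_verify($newPassword, $b->password)); // mutator only
```

The first check fails because the stored value is a hash of a hash, so the user cannot log in with the new password; the second succeeds because the value was hashed once.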