I am having some troubles with the forgot password functionality.
Every time that I request for a new password a new record is inserted into the password_resets table for this email and a hashed token is inserted. Also, I receive the email correctly with a link to http://localhost:8000/password/reset?ec3f6561901d26f8f42d9b61b0b8a32538edecf51a7ed7459ed74d399ddcc8ba => notice that this token is not hashed in comparison to the one in the db
And this is my reset():
public function reset(Request $request)
{
$credentials = $this->credentials($request);
$credentials['token'] = $credentials['_token'];
unset($credentials['_token']);
$response = $this->broker()->reset(
$credentials, function ($user, $password) {
$user->password = Hash::make($password);
$user->token = null;
$user->save();
}
);
}
Ideally I'd like to remove the $this->broker()->reset() bit and just use something like: $token = \DB::table('password_resets')->where('token', $request->get('token'))->first();
Thing is that when I dd($response) I see that it succeeds that the password hash in the users table remains the same as before.
Any ideas of what could be going wrong ?
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire