Geek Answers Handbook

Verifying / authorizing the current password in Laravel 5.1

I am trying to add a password change function for my registered / authorized users. This is your simple ole generic setup:

Current Password New Password Confirm New Password

Obviously, I can just use confirmation for the new password and password confirmation, but how can I allow the current password provided against their current current password?

The password property is hidden in the user model, so I cannot just map them.

I tried looking through Illiminate\Auth and Guard , but I did not see anything. Maybe I missed it, or maybe I'm wrong?

+5
source share
2 answers

Here's the answer in case someone else is looking for:

 $validator = $this->validator($request->all()); $validator->after(function($validator) use ($request) { $check = auth()->validate([ 'email' => $this->user->email, 'password' => $request->current_password ]); if (!$check): $validator->errors()->add('current_password', 'Your current password is incorrect, please try again.'); endif; }); if ($validator->fails()): return redirect('account/password') ->withErrors($validator) ->withInput(); endif; $this->user->password = bcrypt($request->password); $this->user->save();
+10
source

Get the current password and compare it with the new password.

 //use Auth, Hash, Input; if (Hash::check(Input::get('new_password'), Auth::user()->password)) echo "Matched"; else echo "Not matched";

Have you used laravel built into the authentication package? If so, a check has been made for you. Check the application /Http/Controller/Auth/AuthController.php, you can see this check function. You can add more if you want:

 protected function validator(array $data) { return Validator::make($data, [ 'first_name' => 'required|max:255', 'last_name' => 'required|max:255', 'email' => 'required|email|max:255|unique:users', 'password' => 'required|confirmed|min:6', ]); }

If any error occurred during the above check, it will be sent to the $ errors variable, where your blade can catch them. So, in your reset password view (view / auth / reset.blade.php), you can catch validation errors like this:

 @if (count($errors) > 0) <div class="alert alert-danger"> <strong>Whoops!</strong> There were some problems with your input.<br><br> <ul> @foreach ($errors->all() as $error) <li>{{ $error }}</li> @endforeach </ul> </div> @endif
+1
source

More articles:


All Articles