Laravel 5.3 - How to change a logged-in user’s password?

Question

Laravel 5.3 - How to change a logged-in user’s password?

Asked 8 years ago

Viewed 2,002 times

1

I’m having difficulty creating a method that allows me to make a password change form available to logged in users. I would like to use the class methods: App Http Controllers Auth Resetpasswordcontroller.

Currently I have a view with 3 fields, being them:

current password
new_password
nova_senha_confirmation

In the controller I have a method with the code to validate the received data and keep it in the database:

    $this->validate($request, [
                                'senha_atual' => 'required|min:8',
                                'nova_senha' => 'required|min:8|confirmed']);

    if (!Hash::check($request->senha_atual, Auth::user()->password))
    {
        return redirect('/painel/alterarSenha')->withErrors(['senha_atual' => 'Senha incorreta'])->withInput();;
    }

    $resultado = $request->user()->fill([
        'password' => Hash::make($request->input('nova_senha'))
    ])->save();

    if($resultado)
    {
        return redirect('/painel')->with(['success' => 'Senha alterada com sucesso!']);
    }

But as I mentioned before, I would like to use the methods of controlling Resetpasswordcontroller that extends from Illuminate Foundation Auth Resetspasswords, even to follow a solid, code-free approach.

2 answers

Browser other questions tagged php laravel

You are not signed in. Login or sign up in order to post.

by Hsf_Scientist • 11 points · Answer 1 · 2017-04-04T23:18:26+00:00

Using Hash::check as you used, it served me.

 public function updateOwn(Request $request, $id)
    {

        $input = $request->all();

        if (! Hash::check($input['password_old'],Auth::user()->password)){
            return redirect('users/edit_own')->withErrors(['password' => 'Senha atual está incorreta'])->withInput();
        }

        $validator = Validator::make($request->all(), [
            'email'      => 'required|email|unique:users,email,' . $input['id'],
            'password'   => ["required"],
            'password_confirmation' => 'required|same:password'
        ]);

        if ($validator->fails()) {
            return redirect('users/edit_own')
                ->withErrors($validator)
                ->withInput();
        }
        $user = $this->users->find($id);

        $input['password'] = bcrypt($input['password']);//criptografa password

        $user->update($input);
        flash()->success('Usuário atualizado com sucesso. - '.$user->name);//flash message teste
        return redirect()->route('/home');
    }

The user can only change his data if he confirms the previous password.

by eduardo costa • 99 points · Answer 2 · 2016-11-02T18:16:34+00:00

But have you tried that method? Normally I do exactly the way you did above and only use the Resetpassword method for users who have lost password.

I think the way you want to use it won’t work because the Resetpassword method has a middleware('guest') that will cause the user to be redirected if logged in.

By the way, if you found a better way to do it say, because I’m new in the area and I wanted to know other methods.

I hope it was helpful, hug.