Last active
July 25, 2020 04:46
-
-
Save othyn/7626114e3e29f51a0391c70656a01d21 to your computer and use it in GitHub Desktop.
Laravel 6.x change password (Routes, Controller, Request & View)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<!-- resources/views/layouts/app.blade.php --> | |
<!-- Add this to the nav, so that the user can navigate to the change password screen from a contextual location --> | |
... | |
<div class="dropdown-menu dropdown-menu-right" aria-labelledby="navbarDropdown"> | |
<!-- Add from this bit ... --> | |
<a class="dropdown-item" href="{{ route('password.edit') }}"> | |
{{ __('Change Password') }} | |
</a> | |
<!-- ... to here. --> | |
<a class="dropdown-item" href="{{ route('logout') }}" | |
... |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<!-- resources/views/auth/passwords/change.blade.php --> | |
<!-- This view is in the same format and style as the login.blade.php and other Laravel views of the same nature --> | |
@extends('layouts.app') | |
@section('content') | |
<div class="container"> | |
<div class="row justify-content-center"> | |
<div class="col-md-8"> | |
<div class="card shadow-sm"> | |
<div class="card-header">{{ __('Change Password') }}</div> | |
<div class="card-body"> | |
<form method="POST" action="{{ route('password.update') }}"> | |
@csrf | |
<div class="form-group row"> | |
<label for="current_password" class="col-md-4 col-form-label text-md-right">{{ __('Current Password') }}</label> | |
<div class="col-md-6"> | |
<input id="current_password" type="password" class="form-control @error('current_password') is-invalid @enderror" name="current_password" required autocomplete="current-password"> | |
@error('current_password') | |
<span class="invalid-feedback" role="alert"> | |
<strong>{{ $message }}</strong> | |
</span> | |
@enderror | |
</div> | |
</div> | |
<div class="form-group row"> | |
<label for="new_password" class="col-md-4 col-form-label text-md-right">{{ __('New Password') }}</label> | |
<div class="col-md-6"> | |
<input id="new_password" type="password" class="form-control @error('new_password') is-invalid @enderror" name="new_password" required autocomplete="new-password"> | |
@error('new_password') | |
<span class="invalid-feedback" role="alert"> | |
<strong>{{ $message }}</strong> | |
</span> | |
@enderror | |
</div> | |
</div> | |
<div class="form-group row"> | |
<label for="new_password_confirmation" class="col-md-4 col-form-label text-md-right">{{ __('Confirm New Password') }}</label> | |
<div class="col-md-6"> | |
<input id="new_password_confirmation" type="password" class="form-control" name="new_password_confirmation" required autocomplete="new-password"> | |
</div> | |
</div> | |
<div class="form-group row mb-0"> | |
<div class="col-md-6 offset-md-4"> | |
<button type="submit" class="btn btn-primary"> | |
{{ __('Change Password') }} | |
</button> | |
</div> | |
</div> | |
</form> | |
</div> | |
</div> | |
</div> | |
</div> | |
</div> | |
@endsection |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/* | |
* app/Http/Controllers/Auth/ChangePasswordController.php | |
* | |
* Made via the command: | |
* $ php artisan make:controller Auth/ChangePasswordController -r | |
* | |
* This is the custom controller that will do all the heavy lifting for | |
* changing the users password. | |
*/ | |
namespace App\Http\Controllers\Auth; | |
use App\Http\Controllers\Controller; | |
use App\Http\Requests\ChangePasswordRequest; | |
use App\Providers\RouteServiceProvider; | |
use Illuminate\Contracts\Support\Renderable; | |
use Illuminate\Http\RedirectResponse; | |
use Illuminate\Support\Facades\Hash; | |
class ChangePasswordController extends Controller | |
{ | |
/** | |
* Show the form for editing the specified resource. | |
* | |
* @return \Illuminate\Contracts\Support\Renderable | |
*/ | |
public function edit(): Renderable | |
{ | |
return view('auth.passwords.change'); | |
} | |
/** | |
* Update the specified resource in storage. | |
* | |
* @param \App\Http\Requests\ChangePasswordRequest $request | |
* | |
* @return \Illuminate\Routing\Redirector|\Illuminate\Http\RedirectResponse | |
*/ | |
public function update(ChangePasswordRequest $request): RedirectResponse | |
{ | |
$user = request()->user(); | |
// The hash function must be the same as in RegisterController::create() | |
$user->password = Hash::make($request->new_password); | |
$user->save(); | |
// Update the same session variable that the Laravel Auth scaffold uses | |
$request->session()->put('status', 'Your password has been updated successfully.'); | |
// Redirect in the same manner the Laravel Auth scaffold does | |
return redirect(RouteServiceProvider::HOME); | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/* | |
* app/Http/Requests/ChangePasswordRequest.php | |
* | |
* Made via the command: | |
* $ php artisan make:request ChangePasswordRequest | |
* | |
* This is a custom request object for handling the password change request. | |
* It keeps the validation and authorisation nice and tidy. | |
*/ | |
namespace App\Http\Requests; | |
use Illuminate\Foundation\Http\FormRequest; | |
class ChangePasswordRequest extends FormRequest | |
{ | |
/** | |
* Determine if the user is authorized to make this request. | |
* | |
* @return bool | |
*/ | |
public function authorize(): bool | |
{ | |
return null != request()->user(); | |
} | |
/** | |
* Get the validation rules that apply to the request. | |
* | |
* @return array | |
*/ | |
public function rules(): array | |
{ | |
// The validation rules must be the same as in RegisterController::validator() | |
return [ | |
'current_password' => [ | |
'required', | |
'string', | |
'min:8', | |
'password:web', | |
], | |
'new_password' => [ | |
'required', | |
'string', | |
'min:8', | |
'confirmed', | |
'different:current_password', | |
], | |
// new_password_confirmation is validated by confirmed on new_password | |
]; | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/* | |
* routes/web.php | |
* | |
* These routes register the password change endpoints. | |
* Make sure they go in your web routes, not your api routes. | |
* These routes adhere to the resource naming convention. | |
*/ | |
Route::group([ | |
'prefix' => 'user', | |
'middleware' => [ | |
'web', | |
'auth', | |
], | |
], function () { | |
// Password Change - View | |
// Resolves to: GET /user/password | |
Route::get('password', 'Auth\ChangePasswordController@edit') | |
->name('password.edit'); | |
// Password Change - Submit | |
// Resolves to: POST /user/password | |
Route::post('password', 'Auth\ChangePasswordController@update') | |
->name('password.update'); | |
}); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
... or submit this as a PR against laravel/ui