Laravel 4.2 中没有令牌重置密码

Reset password without token in Laravel 4.2

我是 Laravel 4 的新手。

想知道以管理员身份登录时是否可以重置用户密码。在那种情况下,我不需要令牌来允许更改密码,因为当用户收到一封电子邮件以更改她的密码时。我在 ReminderController class postReset 方法中激励自己:

/**
 * Handle a POST request to reset a user's password.
 *
 * @return Response
 */
public function postReset()
{
    $credentials = Input::only(
        'email', 'password', 'password_confirmation', 'token'
    );

    $response = Password::reset($credentials, function ($user, $password) {
        $user->password = Hash::make($password);

        $user->save();

        Auth::login($user);
    });

    switch ($response) {
        case Password::INVALID_TOKEN:
            return Redirect::to('/login')->with('error', Lang::get($response));
        case Password::INVALID_PASSWORD:
        case Password::INVALID_USER:
            return Redirect::back()->with('error', Lang::get($response));

        case Password::PASSWORD_RESET:
            return Redirect::to('/')->with('message', Lang::get($response));
    }
}

但此方法在调用Password::reset时处理$credetials变量中的token string。下面是更新用户数据的方法。

public function update($colaborador)
{
      $credentials = Input::only(
        'nome_completo', 'email', 'password', 'password_confirmation', 'token'
    );
    $emailGestor = Input::get('email-gestor');
    $enviarEmail = Input::get('enviar-email');
    $user        = $colaborador->user;

    if (User::where('email', $email)->where('id', '!=', $user->id)->count() > 0) {
        $mensagem = 'O endereço de e-mail ' . $email . ' já está sendo utilizado.';
    } else  {
        $response = Password::reset($credentials, function ($credentials, $user, $password, $enviarEmail) {
            $user->nome_completo = $credentials['nome_completo'];
            $user->email = $credentials['email'];
            $user->password = Hash::make($password);

            $user->save();
            $mensagem = 'Colaborador alterado.';

            if ($enviarEmail == 1) {
                PrimeiroAcesso::remind(['email' => $email], function ($msg) {
                    $msg->subject('Assessment – Mapeamento de Competências Funcionais Natura');
                });
                $mensagem .= ' E-mail de primeiro acesso enviado.';
            }
        });

        switch ($response) {
            case Password::INVALID_TOKEN:
                $mensagem = 'Token inválido.'; break;
            case Password::INVALID_PASSWORD:
                $mensagem = 'Senha inválida.'; break;
            case Password::INVALID_USER:
                $mensagem = 'Nome de usuário inválido'; break;
            default: break;
        }
    }

    if ($emailGestor == '' && $colaborador->gestor) {
        $colaborador->gestor()->dissociate();
        $colaborador->save();
        $mensagem .= ' Gestor removido.';
    } else {
        $gestor = User::with('colaborador')->where('email', $emailGestor)->first();

        if ($gestor) {
            $colaborador->gestor()->associate($gestor->colaborador);
            $colaborador->save();
            $mensagem .= ' Gestor alterado para ' . $emailGestor . '.';
        }
    }

    return Redirect::route('admin.colaborador.index')->with('flash_message', $mensagem);
}


$credentials = Input::only(
            'nome_completo', 'email', 'password', 'password_confirmation', 'token'
        );

我从视图中的表单中得到 token

Illuminate\Auth\Reminders\PasswordBroker中找到的reset方法需要额外的token参数作为credentials数组的一部分,因为它需要从[=中删除相应的条目14=] table 如果重置成功。因此,如果 table 中没有匹配的 token 条目,您将无法使用该方法,因为您会收到 INVALID_TOKEN 响应。

也就是说,这里有 2 个选项:

  1. 您在使用前创建了一个新令牌Password::reset
  2. 手动更新给定用户的密码

我个人只使用第二个,因为它更容易,并且它跳过了将令牌保存到数据库的额外步骤,只是在重置密码后将其删除,所有这些都在同一个请求中。

像这样简单的事情应该做的(当然你可以扩展它以满足你的个人需求):

// Get the request parameters
list($name, $email, $password, $passwordConfirmation) = Input::only('nome_completo', 'email', 'password', 'password_confirmation');

// Search for a user matching the email address
$user = User::where('email', $email)->first();

// Go ahead if a user matching that email was found
if ( ! is_null($user))
{
    // Check if the password and password confirmation match
    // NOTE: you can do additional validations here if needed
    if ($password == $passwordConfirmation)
    {
        $user->nome_completo = $name;
        $user->password = Hash::make($password);
        $user->save();
    }
}