<?php namespace App\Http\Controllers\Auth; |
use App\Events\Users\RequestedResetPasswordLink; |
use App\Events\Users\ResetPassword; |
use App\Exceptions\Common\ValidationException; |
use App\Exceptions\Users\TokenNotValidException; |
use App\Http\Controllers\Controller; |
use App\Models\User; |
use App\Notifications\ResetPasswordNotification; |
use Illuminate\Contracts\Auth\PasswordBroker; |
use Illuminate\Database\Eloquent\ModelNotFoundException; |
use Illuminate\Foundation\Auth\RedirectsUsers; |
use Illuminate\Http\Request; |
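class PasswordController extends Controller
{
    use RedirectsUsers;

    /**
     * Create a new password controller instance.
     *
     * Registers the "guest" middleware for every action of this controller.
     */
    public function __construct()
    {
        $this->middleware('guest');
    }

    /**
     * Display the form to request a password reset link.
     *
     * @return \Illuminate\View\View|\Illuminate\Contracts\View\Factory
     */
    public function requestPasswordResetLink()
    {
        return view('password/email');
    }

    /**
     * Send a password reset link to the given email's owner, via email.
     *
     * Validates the address, creates a reset token through the password broker,
     * notifies the user and fires RequestedResetPasswordLink.
     *
     * @param \Illuminate\Http\Request $request
     *
     * @return \Illuminate\Http\JsonResponse|\Illuminate\Http\RedirectResponse
     * @throws \App\Exceptions\Common\ValidationException
     * @throws \Illuminate\Database\Eloquent\ModelNotFoundException When no user owns the address.
     */
    public function sendPasswordResetLink(Request $request)
    {
        $validator = app('validator')->make($request->all(), [
            'email' => 'required|email|max:255'
        ]);
        if ($validator->fails()) {
            throw new ValidationException($validator);
        }

        // input() yields the validated scalar address; only() would hand the query an array.
        $user = User::whereEmail($request->input('email'))->first();
        if (is_null($user)) {
            // NOTE(review): answering "user not found" differently from "link sent" lets a caller
            // tell registered addresses from unregistered ones. The exception is kept because
            // callers may rely on it; consider returning the same "sent" response in both cases
            // and rate limiting this route.
            throw new ModelNotFoundException(trans('passwords.user'));
        }

        $token = app('auth.password.broker')->createToken($user);
        $user->notify(new ResetPasswordNotification($token));

        event(new RequestedResetPasswordLink($user));

        if ($request->expectsJson()) {
            $response = ['message' => trans('passwords.sent')];

            // The raw reset token is echoed back for the test suite only. The environment is read
            // from the application instead of env(), which returns null once the configuration is
            // cached. A deployment that runs with its environment set to "testing" would still
            // expose the token here, so that value must never be used outside automated tests.
            if (app()->environment('testing')) {
                $response['token'] = $token;
            }

            return response()->json($response);
        }

        return redirect()->back()->with('message', trans('passwords.sent'));
    }

    /**
     * Display the password reset view for the given token.
     *
     * The token is not checked against the broker here; it is only passed on to the
     * view or the JSON response. Verification happens in resetPassword().
     *
     * @param \Illuminate\Http\Request $request
     * @param string                   $token
     *
     * @return \Illuminate\Http\JsonResponse|\Illuminate\View\View|\Illuminate\Contracts\View\Factory
     * @throws \App\Exceptions\Users\TokenNotValidException When a JSON client sends no token.
     */
    public function showPasswordResetForm(Request $request, $token = null)
    {
        if (is_null($token)) {
            if ($request->expectsJson()) {
                throw new TokenNotValidException();
            }

            return view('password/reset')->withErrors(['token' => trans(PasswordBroker::INVALID_TOKEN)]);
        }

        if ($request->expectsJson()) {
            return response()->json(['token' => $token]);
        }

        return view('password/reset')->with('token', $token);
    }

    /**
     * Reset the password through password-reset-token and email provided.
     *
     * On success the user is logged in and a ResetPassword event is fired.
     *
     * @param \Illuminate\Http\Request $request
     *
     * @return \Illuminate\Http\JsonResponse|\Illuminate\Http\RedirectResponse
     * @throws \App\Exceptions\Common\ValidationException
     * @throws \Illuminate\Database\Eloquent\ModelNotFoundException When the broker reports an unknown user.
     * @throws \App\Exceptions\Users\TokenNotValidException When the broker rejects the token.
     */
    public function resetPassword(Request $request)
    {
        $validator = app('validator')->make($request->all(), [
            'token' => 'required|string',
            'email' => 'required|email|max:255',
            'password' => 'required|confirmed|min:' . app('config')->get('auth.passwords.users.min_length')
        ]);
        if ($validator->fails()) {
            throw new ValidationException($validator);
        }

        $credentials = $request->only('email', 'password', 'password_confirmation', 'token');

        $passwordBroker = app('auth.password.broker');
        $response = $passwordBroker->reset(
            $credentials,
            function (User $user, $password) {
                $user->password = app('hash')->make($password);
                // NOTE(review): nothing here rotates the remember token or ends other sessions,
                // so a remember-me cookie issued before the reset may stay valid. Confirm against
                // the User model and the guard configuration.
                $user->save();
                app('auth.driver')->login($user);
            }
        );

        // Each failure branch throws, so no break statements are needed after them.
        if ($response === $passwordBroker::INVALID_USER) {
            // NOTE(review): a separate error for "unknown user" and "bad token" tells the caller
            // whether the address is registered; kept for compatibility with existing clients.
            throw new ModelNotFoundException(trans($response));
        }
        if ($response === $passwordBroker::INVALID_TOKEN) {
            throw new TokenNotValidException(trans($response));
        }
        if ($response !== $passwordBroker::PASSWORD_RESET) {
            // Any other broker status means the password was not changed. Report it as a
            // validation failure rather than falling through to the success response.
            $validator->errors()->add('password', trans($response));
            throw new ValidationException($validator);
        }

        event(new ResetPassword(app('auth.driver')->user()));

        if ($request->expectsJson()) {
            return response()->json(['message' => trans('passwords.reset')]);
        }

        return redirect($this->redirectPath())->with('message', trans('passwords.reset'));
    }
}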
This check looks for unreachable code. It uses sophisticated control flow analysis techniques to find statements which will never be executed.
Unreachable code is most often the result of `return`, `die` or `exit` statements that have been added for debug purposes. In the above example, the last `return false` will never be executed, because a return statement has already been met in every possible execution path.