Issues in ResetPasswordController.php - All Issues - Inspection of "wip - api" - devpri/tinre-core - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( 72576e...ceb7cb )

by Paul

created 2020-09-04 13:50 UTC

Http/Controllers/Auth/ResetPasswordController.php (1 issue)

Labels

Bug 1

Severity

Major 1

<?php

namespace Devpri\Tinre\Http\Controllers\Auth;

use Devpri\Tinre\Events\PasswordReset;
use Devpri\Tinre\Http\Controllers\Controller;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Password;
use Illuminate\Support\Str;
use Illuminate\Validation\ValidationException;

class ResetPasswordController extends Controller
{
    /*
    |--------------------------------------------------------------------------
    | Password Reset Controller
    |--------------------------------------------------------------------------
    |
    | This controller is responsible for handling password reset requests.
    |
    */

    /**
     * Display the password reset view for the given token.
     *
     * If no token is present, display the link request form.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  string|null  $token
     * @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
     */
    public function showResetForm(Request $request, $token = null)
    {
        return view('tinre::auth.passwords.reset')->with(
            ['token' => $token, 'email' => $request->email]
        );
    }

    /**
     * Reset the given user's password.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return \Illuminate\Http\RedirectResponse|\Illuminate\Http\JsonResponse
     */
    public function reset(Request $request)
    {
        $request->validate($this->rules(), $this->validationErrorMessages());

        // Here we will attempt to reset the user's password. If it is successful we
        // will update the password on an actual user model and persist it to the
        // database. Otherwise we will parse the error and return the response.
        $response = $this->broker()->reset(
            $this->credentials($request),
            function ($user, $password) {
                $this->resetPassword($user, $password);
            }
        );

        // If the password was successfully reset, we will redirect the user back to
        // the application's home authenticated view. If there is an error we can
        // redirect them back to where they came from with their error message.
        return $response == Password::PASSWORD_RESET
            ? $this->sendResetResponse($request, $response)
            : $this->sendResetFailedResponse($request, $response);
    }

    /**
     * Get the password reset validation rules.
     *
     * @return array
     */
    protected function rules()
    {
        return [
            'token' => 'required',
            'email' => 'required|email',
            'password' => 'required|confirmed|min:8',
        ];
    }

    /**
     * Get the password reset validation error messages.
     *
     * @return array
     */
    protected function validationErrorMessages()
    {
        return [];
    }

    /**
     * Get the password reset credentials from the request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return array
     */
    protected function credentials(Request $request)
    {
        return $request->only(
            'email',
            'password',
            'password_confirmation',
            'token'
        );
    }

    /**
     * Reset the given user's password.
     *
     * @param  \Illuminate\Contracts\Auth\CanResetPassword  $user
     * @param  string  $password
     * @return void
     */
    protected function resetPassword($user, $password)
    {
        $this->setUserPassword($user, $password);

        $user->setRememberToken(Str::random(60));

        $user->save();

        event(new PasswordReset($user));

        $this->guard()->login($user);
    }

    /**
     * Set the user's password.
     *
     * @param  \Illuminate\Contracts\Auth\CanResetPassword  $user
     * @param  string  $password
     * @return void
     */
    protected function setUserPassword($user, $password)
    {
        $user->password = Hash::make($password);

    }

    /**
     * Get the response for a successful password reset.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  string  $response
     * @return \Illuminate\Http\RedirectResponse|\Illuminate\Http\JsonResponse
     */
    protected function sendResetResponse(Request $request, $response)
    {
        if ($request->wantsJson()) {
            return new JsonResponse(['message' => trans($response)], 200);
        }

        return redirect(route('login'))
            ->with('status', trans($response));
    }

    /**
     * Get the response for a failed password reset.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  string  $response
     * @return \Illuminate\Http\RedirectResponse|\Illuminate\Http\JsonResponse
     */
    protected function sendResetFailedResponse(Request $request, $response)
    {
        if ($request->wantsJson()) {
            throw ValidationException::withMessages([
                'email' => [trans($response)],
            ]);
        }

        return redirect()->back()
            ->withInput($request->only('email'))
            ->withErrors(['email' => trans($response)]);
    }

    /**
     * Get the broker to be used during password reset.
     *
     * @return \Illuminate\Contracts\Auth\PasswordBroker
     */
    public function broker()
    {
        return Password::broker();
    }

    /**
     * Get the guard to be used during password reset.
     *
     * @return \Illuminate\Contracts\Auth\StatefulGuard
     */
    protected function guard()
    {
        return Auth::guard();
    }
}


1		<?php
2
3		namespace Devpri\Tinre\Http\Controllers\Auth;
4
5		use Devpri\Tinre\Events\PasswordReset;
6		use Devpri\Tinre\Http\Controllers\Controller;
7		use Illuminate\Http\JsonResponse;
8		use Illuminate\Http\Request;
9		use Illuminate\Support\Facades\Auth;
10		use Illuminate\Support\Facades\Hash;
11		use Illuminate\Support\Facades\Password;
12		use Illuminate\Support\Str;
13		use Illuminate\Validation\ValidationException;
14
15		class ResetPasswordController extends Controller
16		{
17		/*
18		\|--------------------------------------------------------------------------
19		\| Password Reset Controller
20		\|--------------------------------------------------------------------------
21		\|
22		\| This controller is responsible for handling password reset requests.
23		\|
24		*/
25
26		/**
27		* Display the password reset view for the given token.
28		*
29		* If no token is present, display the link request form.
30		*
31		* @param \Illuminate\Http\Request $request
32		* @param string\|null $token
33		* @return \Illuminate\Contracts\View\Factory\|\Illuminate\View\View
34		*/
35		public function showResetForm(Request $request, $token = null)
36		{
37		return view('tinre::auth.passwords.reset')->with(
38		['token' => $token, 'email' => $request->email]
39		);
40		}
41
42		/**
43		* Reset the given user's password.
44		*
45		* @param \Illuminate\Http\Request $request
46		* @return \Illuminate\Http\RedirectResponse\|\Illuminate\Http\JsonResponse
47		*/
48	1	public function reset(Request $request)
49		{
50	1	$request->validate($this->rules(), $this->validationErrorMessages());
51
52		// Here we will attempt to reset the user's password. If it is successful we
53		// will update the password on an actual user model and persist it to the
54		// database. Otherwise we will parse the error and return the response.
55	1	$response = $this->broker()->reset(
56	1	$this->credentials($request),
57		function ($user, $password) {
58	1	$this->resetPassword($user, $password);
59	1	}
60		);
61
62		// If the password was successfully reset, we will redirect the user back to
63		// the application's home authenticated view. If there is an error we can
64		// redirect them back to where they came from with their error message.
65	1	return $response == Password::PASSWORD_RESET
66	1	? $this->sendResetResponse($request, $response)
67	1	: $this->sendResetFailedResponse($request, $response);
68		}
69
70		/**
71		* Get the password reset validation rules.
72		*
73		* @return array
74		*/
75	1	protected function rules()
76		{
77		return [
78	1	'token' => 'required',
79		'email' => 'required\|email',
80		'password' => 'required\|confirmed\|min:8',
81		];
82		}
83
84		/**
85		* Get the password reset validation error messages.
86		*
87		* @return array
88		*/
89	1	protected function validationErrorMessages()
90		{
91	1	return [];
92		}
93
94		/**
95		* Get the password reset credentials from the request.
96		*
97		* @param \Illuminate\Http\Request $request
98		* @return array
99		*/
100	1	protected function credentials(Request $request)
101		{
102	1	return $request->only(
103	1	'email',
104	1	'password',
105	1	'password_confirmation',
106	1	'token'
107		);
108		}
109
110		/**
111		* Reset the given user's password.
112		*
113		* @param \Illuminate\Contracts\Auth\CanResetPassword $user
114		* @param string $password
115		* @return void
116		*/
117	1	protected function resetPassword($user, $password)
118		{
119	1	$this->setUserPassword($user, $password);
120
121	1	$user->setRememberToken(Str::random(60));
122
123	1	$user->save();
124
125	1	event(new PasswordReset($user));
126
127	1	$this->guard()->login($user);
128	1	}
129
130		/**
131		* Set the user's password.
132		*
133		* @param \Illuminate\Contracts\Auth\CanResetPassword $user
134		* @param string $password
135		* @return void
136		*/
137	1	protected function setUserPassword($user, $password)
138		{
139	1	$user->password = Hash::make($password);
		0 ignored issues – show Bug introduced 2020-08-09 07:53 UTC by Report Bug Copy Issue Report Show Similar Issues like this Accessing `password` on the interface `Illuminate\Contracts\Auth\CanResetPassword` suggest that you code against a concrete implementation. How about adding an `instanceof` check? Loading history...
140	1	}
141
142		/**
143		* Get the response for a successful password reset.
144		*
145		* @param \Illuminate\Http\Request $request
146		* @param string $response
147		* @return \Illuminate\Http\RedirectResponse\|\Illuminate\Http\JsonResponse
148		*/
149	1	protected function sendResetResponse(Request $request, $response)
150		{
151	1	if ($request->wantsJson()) {
152		return new JsonResponse(['message' => trans($response)], 200);
153		}
154
155	1	return redirect(route('login'))
156	1	->with('status', trans($response));
157		}
158
159		/**
160		* Get the response for a failed password reset.
161		*
162		* @param \Illuminate\Http\Request $request
163		* @param string $response
164		* @return \Illuminate\Http\RedirectResponse\|\Illuminate\Http\JsonResponse
165		*/
166		protected function sendResetFailedResponse(Request $request, $response)
167		{
168		if ($request->wantsJson()) {
169		throw ValidationException::withMessages([
170		'email' => [trans($response)],
171		]);
172		}
173
174		return redirect()->back()
175		->withInput($request->only('email'))
176		->withErrors(['email' => trans($response)]);
177		}
178
179		/**
180		* Get the broker to be used during password reset.
181		*
182		* @return \Illuminate\Contracts\Auth\PasswordBroker
183		*/
184	1	public function broker()
185		{
186	1	return Password::broker();
187		}
188
189		/**
190		* Get the guard to be used during password reset.
191		*
192		* @return \Illuminate\Contracts\Auth\StatefulGuard
193		*/
194	1	protected function guard()
195		{
196	1	return Auth::guard();
197		}
198		}
199

devpri / tinre-core

Push — master ( 72576e...ceb7cb )

Http/Controllers/Auth/ResetPasswordController.php (1 issue)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like