我正在使用laravel-4 auth组件。我想创建一个将更改用户密码的功能。我的观点如下:
密码 - 文字框; new_password - 文本框; confirm_new_password - 文本框
我也检查了密码重置手册,但在该文档(http://laravel.com/docs/security#password-reminders-and-reset)中,他们正在发送密码重置邮件。 观点如下:
@extends('layouts.main')
@section('title') Change Password
@stop
@section('content')
{{ Form::open(array('url'=>'users/user-password-change', 'class'=>'block small center login')) }}
<h3 class="">Change Password</h3>
<h6>Please change your password below.</h6>
<ul>
@foreach($errors->all() as $error)
<li>{{ $error }}</li>
@endforeach
</ul>
{{ Form::password('password', array('class'=>'input-block-level', 'placeholder'=>'Old Password')) }}
{{ Form::password('new_password', array('class'=>'input-block-level', 'placeholder'=>'New Password')) }}
{{ Form::password('confirm_new_password', array('class'=>'input-block-level', 'placeholder'=>'Confirm New Password')) }}
{{ Form::submit('Register', array('class'=>'k-button'))}}
{{ Form::close() }}
@stop
控制器代码如下:
public function postUserPasswordChange(){
$validator = Validator::make(Input::all(), User::$change_password_rules);
if($validator->passes()){
$user=new UserEventbot;
$user->password=Hash::make(Input::get('new_password'));
$user->save();
return Redirect::to('users/change-password');
}else {
return Redirect::to('users/change-password')->with('message', 'The following errors occurred')->withErrors($validator)->withInput();
}
}
请帮助我,如何首先将此密码与数据库表用户匹配,然后整个过程。 谢谢。
答案 0 :(得分:9)
要将当前用户密码与数据库中的密码相匹配,您可以执行以下操作
// retrieve the authenticated user
$user = Auth::user();
检索表单内用户指定的当前密码
$current_password = Input::get('current_password');
我们可以查看是否指定了当前密码,并按照以下方式检查哈希密码,
if (strlen($current_password) > 0 && !Hash::check($current_password, $user->password)) {
return Redirect::to('/user/edit-profile')->withErrors('Please specify the good current password');
}
这里需要注意的重点是功能
哈希::检查(CURRENT_PASSWORD_ENTERED_IN_FORM,HASHED_VERSION_OF_PASSWORD_STORED_IN_AUTH_USER)
最后,如果一切顺利,您可以按如下方式更新Auth和数据库中的当前用户密码,
// authenticated user
$user = Auth::user();
$user->password = Hash::make($new_password);
// finally we save the authenticated user
$user->save();
答案 1 :(得分:5)
请尝试以下操作:
public function postUserPasswordChange(){
$validator = Validator::make(Input::all(), User::$change_password_rules);
if($validator->passes()){
$user = UserEventbot::findOrFail(Auth::user()->id);
$user->password = Hash::make(Input::get('new_password'));
$user->save();
return Redirect::to('users/change-password');
}else {
return Redirect::to('users/change-password')->with('message', 'The following errors occurred')->withErrors($validator)->withInput();
}
}
答案 2 :(得分:4)
这是我自己的解决方案,我有3个输入= old_password,密码,password_confirmation,表单有action = post。 验证器检查要求,如果旧密码匹配则进行哈希检查
public function changePassword()
{
$user = Auth::user();
$rules = array(
'old_password' => 'required|alphaNum|between:6,16',
'password' => 'required|alphaNum|between:6,16|confirmed'
);
$validator = Validator::make(Input::all(), $rules);
if ($validator->fails())
{
return Redirect::action('UserController@show',$user->id)->withErrors($validator);
}
else
{
if (!Hash::check(Input::get('old_password'), $user->password))
{
return Redirect::action('UserController@show',$user->id)->withErrors('Your old password does not match');
}
else
{
$user->password = Hash::make(Input::get('password'));
$user->save();
return Redirect::action('UserController@show',$user->id)->withMessage("Password have been changed");
}
}
}
答案 3 :(得分:0)
请尝试以下更改
public function postUserPasswordChange(){
$validator = Validator::make(Input::all(), User::$change_password_rules);
if($validator->passes()){
$user = UserEventbot::findOrFail(Auth::user()->id);
if(Hash::check(Input::get('password'), $user->getAuthPassword())) {
$user->password = Hash::make(Input::get('new_password'));
$user->save();
return Redirect::to('users/change-password')->with('message','Your password has been changed');
}
}
return Redirect::to('users/change-password')->with('message', 'The following errors occurred')->withErrors($validator);
}
你应该在密码方面排除withInput()。希望这个帮助