我是Laravel 4的新手。
以管理员身份登录时,想知道我是否可以重置用户密码。在这种情况下,我不需要令牌来允许更改密码,就像用户收到更改密码的电子邮件一样。我在ReminderController类postReset方法中鼓舞自己:
/**
* Handle a POST request to reset a user's password.
*
* @return Response
*/
public function postReset()
{
$credentials = Input::only(
'email', 'password', 'password_confirmation', 'token'
);
$response = Password::reset($credentials, function ($user, $password) {
$user->password = Hash::make($password);
$user->save();
Auth::login($user);
});
switch ($response) {
case Password::INVALID_TOKEN:
return Redirect::to('/login')->with('error', Lang::get($response));
case Password::INVALID_PASSWORD:
case Password::INVALID_USER:
return Redirect::back()->with('error', Lang::get($response));
case Password::PASSWORD_RESET:
return Redirect::to('/')->with('message', Lang::get($response));
}
}
但是这个方法在调用token string
时处理$credetials
变量中的Password::reset
。 Bellow是更新用户数据的方法。
public function update($colaborador)
{
$credentials = Input::only(
'nome_completo', 'email', 'password', 'password_confirmation', 'token'
);
$emailGestor = Input::get('email-gestor');
$enviarEmail = Input::get('enviar-email');
$user = $colaborador->user;
if (User::where('email', $email)->where('id', '!=', $user->id)->count() > 0) {
$mensagem = 'O endereço de e-mail ' . $email . ' já está sendo utilizado.';
} else {
$response = Password::reset($credentials, function ($credentials, $user, $password, $enviarEmail) {
$user->nome_completo = $credentials['nome_completo'];
$user->email = $credentials['email'];
$user->password = Hash::make($password);
$user->save();
$mensagem = 'Colaborador alterado.';
if ($enviarEmail == 1) {
PrimeiroAcesso::remind(['email' => $email], function ($msg) {
$msg->subject('Assessment – Mapeamento de Competências Funcionais Natura');
});
$mensagem .= ' E-mail de primeiro acesso enviado.';
}
});
switch ($response) {
case Password::INVALID_TOKEN:
$mensagem = 'Token inválido.'; break;
case Password::INVALID_PASSWORD:
$mensagem = 'Senha inválida.'; break;
case Password::INVALID_USER:
$mensagem = 'Nome de usuário inválido'; break;
default: break;
}
}
if ($emailGestor == '' && $colaborador->gestor) {
$colaborador->gestor()->dissociate();
$colaborador->save();
$mensagem .= ' Gestor removido.';
} else {
$gestor = User::with('colaborador')->where('email', $emailGestor)->first();
if ($gestor) {
$colaborador->gestor()->associate($gestor->colaborador);
$colaborador->save();
$mensagem .= ' Gestor alterado para ' . $emailGestor . '.';
}
}
return Redirect::route('admin.colaborador.index')->with('flash_message', $mensagem);
}
在
$credentials = Input::only(
'nome_completo', 'email', 'password', 'password_confirmation', 'token'
);
我从视图中的表单中获取token
。
答案 0 :(得分:3)
reset
中的Illuminate\Auth\Reminders\PasswordBroker
方法需要额外的token
参数作为凭证数组的一部分,因为它需要从{{1}中删除相应的条目}表如果重置成功。因此,如果该表中没有匹配的password_reminders
条目,您将无法使用该方法,因为您正在获得token
响应。
话虽如此,这里有两个选择:
INVALID_TOKEN
我个人只是使用第二个,因为它更容易,它跳过了将令牌保存到数据库的额外步骤,只是在重置密码后删除它,所有这些都在同一个请求中。
这应该做的事情很简单(当然你可以扩展它以满足你的个人需求):
Password::reset