在提交更改密码表格后我收到了未经授权的页面,并在laravel 5中调用了注销功能

时间:2015-07-06 07:47:24

标签: laravel laravel-4 laravel-5

我在PassowrdController中重写了postReset方法:

public function postReset(Request $request)
{         
   $data = Input::all();

    $rules = array(
        'token' => 'required',
        'current_password' => 'required|currentpasscheck',
        'password' => 'required|confirmed',
    );

    $messages = array(
        'currentpasscheck' => 'Your old password was incorrect',
    );

    Validator::extend('currentpasscheck', function ($attribute, $value, $parameters) 
    {
        return Hash::check($value, Auth::user()->getAuthPassword());
    });

    $validation = Validator::make($data, $rules, $messages);

    if ($validation->fails())
    {
        // Validation has failed.
        return Redirect::to('password-reset')
                        ->withErrors($validation)
                        ->withInput();
    }

    $user = Auth::user();
    $user->password = bcrypt($data['password']);
    $user->save();

    $this->auth->logout();   

    return Redirect::to('/');   
}        

路线:

Route::post('/password/reset', 'Auth\PasswordController@postReset');//this can be accessed by auth user

reset.blade.php

@extends('app')

@section('content')
 <div class="container-fluid">
  <div class="row">
    <div class="col-md-8 col-md-offset-2">
        <div class="panel panel-default">
            <div class="panel-heading">Reset Password</div>
            <div class="panel-body">
                @if (count($errors) > 0)
                    <div class="alert alert-danger">
                        <strong>Whoops!</strong> There were some problems with your input.<br><br>
                        <ul>
                            @foreach ($errors->all() as $error)
                                <li>{{ $error }}</li>
                            @endforeach
                        </ul>
                    </div>
                @endif

                <form class="form-horizontal" role="form" method="POST"      action="{{ url('/password/reset') }}">
                    <input type="hidden" name="_token" value="{{ csrf_token() }}">
                    <input type="hidden" name="token" value="{{ $token }}">

                    <div class="form-group">
  <!--                            <label class="col-md-4 control-label">E-Mail Address</label>-->
                        <label class="col-md-4 control-label">Current Password</label>
                        <div class="col-md-6">
                            <input type="password" class="form-control" name="current_password" value="{{ old('current_password') }}">
                        </div>
                    </div>

                    <div class="form-group">
                        <label class="col-md-4 control-label">Password</label>
                        <div class="col-md-6">
                            <input type="password" class="form-control" name="password">
                        </div>
                    </div>

                    <div class="form-group">
                        <label class="col-md-4 control-label">Confirm Password</label>
                        <div class="col-md-6">
                            <input type="password" class="form-control" name="password_confirmation">
                        </div>
                    </div>

                    <div class="form-group">
                        <div class="col-md-6 col-md-offset-4">
                            <button type="submit" class="btn btn-primary">
                                Reset Password
                            </button>
                        </div>
                    </div>
                </form>
            </div>
        </div>
    </div>
</div>
   </div>
        @endsection

但在提交更改密码表单后,我收到了未经授权的页面。

0 个答案:

没有答案