当更改新密码时,Laravel检查旧密码

时间:2018-04-28 09:08:27

标签: php laravel

我想检查用户是否传入输入new_password传递当前密码,我想要重定向消息:Your current password can't be with new password。我怎么检查这个?我想做系统更改密码用户,但我希望拒绝旧密码通过。我该怎么做?

    if (!(Hash::check($request->old_password, Auth::user()->password))) {
        return response()->json(['errors' => ['Your current password can't be with new password']], 400);
    }

我的代码无效。 我需要将旧密码写入数据库吗?

5 个答案:

答案 0 :(得分:3)

        use Illuminate\Support\Facades\Hash;
        $user = User::findOrFail($id);

        /*
        * Validate all input fields
        */
        $this->validate($request, [
            'password' => Auth::user()->password,
            'new_password' => 'confirmed|max:8|different:password',
        ]);

        if (Hash::check($request->password, $user->password)) { 
           $user->fill([
            'password' => Hash::make($request->newPassword)
            ])->save();

           $request->session()->flash('success', 'Password changed');
            return redirect()->route('your.route');

        } else {
            $request->session()->flash('error', 'Password does not match');
            return redirect()->route('your.route');
        }

答案 1 :(得分:3)

  • accepted answer很好。但是最好将Hash::check作为附加的验证规则,所以我们将Jonson的答案所建议的所有错误消息都存储在一起。
  • 但是,由于我们的自定义验证是rules数组的一部分,因此我们不需要使用Validator::make

这是基于两个答案的解决方案:

$user = auth()->user();
        
$validated = $request->validate([
    'current_password' => [
        'required',
        
        function ($attribute, $value, $fail) use ($user) {
            if (!Hash::check($value, $user->password)) {
                $fail('Your password was not updated, since the provided current password does not match.');
            }
        }
    ],
    'new_password' => [
        'required', 'min:6', 'confirmed', 'different:current_password'
    ]
]);

$user->fill([
    'password' => Hash::make($validated['new_password'])
])->save();

$request->session()->flash('notification', 'Your password has been updated successfully.');

return back();

答案 2 :(得分:2)

$validator = Validator::make($request->all(), [
    'old_password' => [
        'required', function ($attribute, $value, $fail) {
            if (!Hash::check($value, Auth::user()->password)) {
                $fail('Old Password didn\'t match');
            }
        },
    ],
]);

if($validator->fails()) {
    return redirect()->back()->withInput()->withErrors($validator);
}
  

您可能需要在控制器中包括以下库。 

use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Validator;
use Illuminate\Support\Facades\Hash;

答案 3 :(得分:0)

你可以这样做

if ( Hash::make($request->new_password) == Auth::user()->password) {
        return response()->json(['errors' => ['Your current password can't be with new password']], 400);
    }

答案 4 :(得分:0)

对照会话密码检查您的旧密码字段,并返回错误和所需的验证。

if (!Hash::check($request['old_password'], Auth::user()->password)) {
      return response()->json(['error' => ['The old password does not match our records.'] ]);
 }

您还需要在控制器中包括以下库。

use Auth;
use Illuminate\Support\Facades\Hash;
相关问题
最新问题