使用Auth passport重置密码不会自动撤销访问令牌Laravel

时间:2018-05-19 05:53:27

标签: laravel access-token laravel-passport

我有一个LARAVEL的应用程序,我使用默认的auth系统实现了护照(密码授权类型)。当用户请求重置密码我将密码令牌发送给用户的电子邮件和密码重置过程正常。

但是我的问题是在成功重置用户密码之后,应该自动撤销或删除与该用户关联的所有访问令牌!我以为这个过程是自动的,或者我错过了什么...... 

$response = $this->broker()->reset(
    $this->credentials($request), function ($user, $password) {
        $this->resetPassword($user, $password);
    }
);
if ($request->wantsJson()) {
    if ($response == Password::PASSWORD_RESET) {
        return $this->respond(["status"=>"success","success"=>1 , 'message' => trans('passwords.reset')]);
    } else {
        return response()->json([ 'status' => "fail", 'success' => 0,'error' => 202, 'message' => trans($response) ], 202);
    }
}

或者我应该像这样手动完成这个过程吗?

$response = $this->broker()->reset(
    $this->credentials($request), function ($user, $password) {
        $this->resetPassword($user, $password);
    }
);
if ($request->wantsJson()) {
    if ($response == Password::PASSWORD_RESET) {
    /* The following code is added */
        $userTokens = User::whereEmail($data['email'])->first()->tokens;
            foreach($userTokens as $token) {
                $token->delete();   
            }
        return $this->respond(["status"=>"success","success"=>1 , 'message' => trans('passwords.reset')]);
    } else {
        return response()->json([ 'status' => "fail", 'success' => 0,'error' => 202, 'message' => trans($response) ], 202);
    }
}

0 个答案:

没有答案
相关问题
最新问题