密码重置未在验证时返回错误消息
重置密码后,用户会收到带有密码重置链接和令牌的电子邮件。 通过打开此链接,将向用户显示“密码重置”表单(视图)。
直到这一点,一切都很好。.但是,每当我通过错误的电子邮件触发“ 电子邮件无效”错误警告时,它什么也没有。
检查C:\Users\richa\Projects\globeguru\cms\vendor\laravel\framework\src\Illuminate\Foundation\Auth\ResetsPasswords.php时,我在第3行遇到了Responsibe函数:
php
public function reset(Request $request)
{
$request->validate($this->rules(), $this->validationErrorMessages());
// Here we will attempt to reset the user's password. If it is successful we
// will update the password on an actual user model and persist it to the
// database. Otherwise we will parse the error and return the response.
$response = $this->broker()->reset(
$this->credentials($request), function ($user, $password) {
$this->resetPassword($user, $password);
}
);
// If the password was successfully reset, we will redirect the user back to
// the application's home authenticated view. If there is an error we can
// redirect them back to where they came from with their error message.
return $response == Password::PASSWORD_RESET
? $this->sendResetResponse($request, $response)
: $this->sendResetFailedResponse($request, $response);
}
此行:
$request->validate($this->rules(), $this->validationErrorMessages());
这带给我这个功能:
protected function validationErrorMessages()
{
return [];
}
我的问题是-如何触发错误消息并通过validationErrorMessages()函数将其返回?
[编辑] 根据要求,这是重置表单HTML
@section('reset-form')
<div class="alert-container" >
@if (session('status'))
<div class="alert alert-success alert-dismissible fade show" role="alert">
<p><strong>Success!</strong></p>
<p>{{ session('alert') }}</p>
<button type="button" class="close" data-dismiss="alert" aria-label="Close">
<span aria-hidden="true">×</span>
</button>
</div>
@endif
@error('email')
<div class="alert alert-danger alert-dismissible fade show" role="alert">
<p><strong>Error!</strong></p>
<p>{{ $message }}</p>
<button type="button" class="close" data-dismiss="alert" aria-label="Close">
<span aria-hidden="true">×</span>
</button>
</div>
@enderror
@error('password')
<div class="alert alert-danger alert-dismissible fade show" role="alert">
<p><strong>Error!</strong></p>
<p>{{ $message }}</p>
<button type="button" class="close" data-dismiss="alert" aria-label="Close">
<span aria-hidden="true">×</span>
</button>
</div>
@enderror
@error('password_confirmation')
<div class="alert alert-danger alert-dismissible fade show" role="alert">
<p><strong>Error!</strong></p>
<p>{{ $message }}</p>
<button type="button" class="close" data-dismiss="alert" aria-label="Close">
<span aria-hidden="true">×</span>
</button>
</div>
@enderror
</div>
<div class="gg-login-wrap">
<div class="modal-dialog" role="document">
<div class="modal-content">
<div class="modal-header">
<h5 class="modal-title">{{ __('auth.reset_title') }}</h5>
</div>
<div class="modal-body">
<form class="gg-login" method="POST" action="{{ route('password.update') }}">
@csrf
<div class="form-group edit-input-wrap">
<input id="email" type="email" class="form-control edit-input @error('email') is-invalid @enderror" name="email" value="{{ old('email') }}" required autocomplete="email">
<label for="email">{{ __('auth.email') }}</label>
@error('email')
<span class="invalid-feedback" role="alert">
<strong>{{ $message }}</strong>
</span>
@enderror
</div>
<div class="form-group edit-input-wrap">
<input id="password" type="password" class="form-control edit-input @error('password') is-invalid @enderror" name="password" required autocomplete="current-password">
<label for="password">{{ __('auth.password') }}</label>
@error('password')
<span class="invalid-feedback" role="alert">
<strong>{{ $message }}</strong>
</span>
@enderror
</div>
<div class="form-group edit-input-wrap">
<input id="password_confirmation" type="password" class="form-control" name="password_confirmation" required autocomplete="password_confirmation">
<label for="password_confirmation">{{ __('auth.password_repeat') }}</label>
@error('password_confirmation')
<span class="invalid-feedback" role="alert">
<strong>{{ $message }}</strong>
</span>
@enderror
</div>
<input type="submit" class="btn btn-primary" value="{{ __('auth.reset') }}">
</form>
</div>
</div>
</div>
</div>
@endsection
也倾倒$errors我得到以下回应:
{"token":["The token field is required."]}
提供了@csrf,所以我不知道还有什么原因。
更新#2
好的,所以我只是慌张地将dump放在reset函数中的每个步骤上,并且在进行验证之前将其放置在这里,如下所示:
public function reset(Request $request)
{
dump($request); // <-------------------------
$request->validate($this->rules(), $this->validationErrorMessages());
// Here we will attempt to reset the user's password. If it is successful we
// will update the password on an actual user model and persist it to the
// database. Otherwise we will parse the error and return the response.
$response = $this->broker()->reset(
$this->credentials($request), function ($user, $password) {
$this->resetPassword($user, $password);
}
);
// If the password was successfully reset, we will redirect the user back to
// the application's home authenticated view. If there is an error we can
// redirect them back to where they came from with their error message.
return $response == Password::PASSWORD_RESET
? $this->sendResetResponse($request, $response)
: $this->sendResetFailedResponse($request, $response);
}
它返回带有Request转储的页面,并显示以下消息:Redirecting to http://localhost:8000/password/reset/a98f717fd25f4c5b32e2ee81e1276058e294ea6536509d1a223d131bcc0dd12c.,该消息清楚地表明验证和重置之间存在重定向。
如果我此后转储,它什么也不会返回,因此它清楚地表明它在$request->validate($this->rules(), $this->validationErrorMessages());这一步骤中中断了。
这是《拉拉广播》的讨论链接:https://laracasts.com/discuss/channels/laravel/password-reset-not-returning-error-messages-on-validation?page=1#reply=510638
1 个答案:
答案 0 :(得分:0)
好的,我通过更改html来解决了这个问题:
const webpack = require('webpack');
const HtmlWebpackPlugin = require('html-webpack-plugin');
const MiniCssExtractPlugin = require('mini-css-extract-plugin');
const CleanWebpackPlugin = require('clean-webpack-plugin');
module.exports = (x, env) => {
return {
entry: './src/index.js',
module: {
rules: [
{
test: /\.(js|jsx)$/,
exclude: /node_modules/,
use: ['babel-loader']
},
{
test: /\.css$/,
use: [
{
loader: MiniCssExtractPlugin.loader,
options: {
publicPath: '../',
hmr: env.mode === 'development',
},
},
'css-loader',
]
},
{
test: /\.(png|woff|woff2|eot|ttf|svg)$/,
loader: 'url-loader'
}
]
},
resolve: {
extensions: ['*','.js', '.jsx', '.css']
},
plugins: [
new webpack.HotModuleReplacementPlugin(),
new HtmlWebpackPlugin({
//inject: "body",
template: 'src/index.ejs'
}),
new MiniCssExtractPlugin(),
new CleanWebpackPlugin()
],
devServer: {
contentBase: './dist',
hot: true,
port: 3000,
disableHostCheck: true,
historyApiFallback: true,
before(app) {
////////////////////////////////////////////////////////////////////////////////
var bodyParser = require('body-parser');
var io = require('socket.io')();
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: true }));
io.on('connection', function(client){
client.on('message',function(){
client.emit('data', 'text');
});
});
});
app.post('/', function(req, res){
res.send('text');
});
io.listen(6789);
////////////////////////////////////////////////////////////////////////////////
},
}
}
};
对此:
<form class="gg-login" method="POST" action="{{ route('password.update') }}">
@csrf
<form class="gg-login" method="POST" action="{{ route('password.update') }}">
@csrf
<input type="hidden" name="token" value="{{ $token }}">
返回:
dump($request->all())因此,这现在可行,尽管我了解array:5 [▼
"_token" => "RlwpqsSHcN42PaEWvIMHCYjjowAnox8ApTA9eeUV"
"token" => "2fb28348a08eac8386a2276be5a7ed5a2847adef39b4ed769157e2213bc208c9"
"email" => "admin@demo.com"
"password" => "password"
"password_confirmation" => "password"
]
Redirecting to http://localhost:8000/login.
和token有所不同,一个用于渗透,另一个用于密码重置,但我仍然不明白我的解决方案与原始{{ 1}},只有_token命令被调用,然后由Blade编译并返回所有必需的隐藏输入。
相关问题
最新问题
- 我写了这段代码,但我无法理解我的错误
- 我无法从一个代码实例的列表中删除 None 值,但我可以在另一个实例中。为什么它适用于一个细分市场而不适用于另一个细分市场?
- 是否有可能使 loadstring 不可能等于打印?卢阿
- java中的random.expovariate()
- Appscript 通过会议在 Google 日历中发送电子邮件和创建活动
- 为什么我的 Onclick 箭头功能在 React 中不起作用?
- 在此代码中是否有使用“this”的替代方法?
- 在 SQL Server 和 PostgreSQL 上查询,我如何从第一个表获得第二个表的可视化
- 每千个数字得到
- 更新了城市边界 KML 文件的来源?