From 674ac5a8db2f620888413b8905e3f1229911bd25 Mon Sep 17 00:00:00 2001 From: Gabriel Almeida Date: Sun, 8 Mar 2015 05:14:24 +0000 Subject: [PATCH] Solves password reset issue One cannot set new password because Confide expects all mandatory form fields from an update to be sent, as a password change this only sends password and password_confirmation. --- src/Confide/ConfideUser.php | 20 ++++++++++++++++++++ src/Confide/ConfideUserInterface.php | 7 +++++++ src/Confide/UserValidator.php | 8 ++++++-- src/views/generators/controller.blade.php | 6 ++++-- src/views/generators/repository.blade.php | 9 ++++++--- 5 files changed, 43 insertions(+), 7 deletions(-) diff --git a/src/Confide/ConfideUser.php b/src/Confide/ConfideUser.php index 19edc05..bc591d1 100644 --- a/src/Confide/ConfideUser.php +++ b/src/Confide/ConfideUser.php @@ -20,6 +20,13 @@ trait ConfideUser */ public $errors; + /** + * A boolean that store if a validation ocurring is for password resetting + * only + * @var bool + */ + private $isResetOnly; + /** * Confirm the user (usually means that the user) * email is valid. Sets the confirmed attribute of @@ -46,6 +53,15 @@ public function forgotPassword() return ConfideFacade::forgotPassword($this->email); } + /** + * Set validation method to check only for fields related to password + * resetting + * @return void + */ + public function setResetOnly() { + $this->isResetOnly = true; + } + /** * Checks if the current user is valid using the ConfideUserValidator. * @@ -61,6 +77,10 @@ public function isValid() // If the model already exists in the database we call validate with // the update ruleset if ($this->exists) { + if ($this->isResetOnly) { + return $validator->validate($this, 'password_reset'); + } + return $validator->validate($this, 'update'); } diff --git a/src/Confide/ConfideUserInterface.php b/src/Confide/ConfideUserInterface.php index 01da19e..f342e11 100644 --- a/src/Confide/ConfideUserInterface.php +++ b/src/Confide/ConfideUserInterface.php @@ -23,6 +23,13 @@ interface ConfideUserInterface extends UserInterface, RemindableInterface */ public function confirm(); + /** + * Set validation method to check only for fields related to password + * resetting + * @return void + */ + public function setResetOnly(); + /** * Send email with information about password reset. * diff --git a/src/Confide/UserValidator.php b/src/Confide/UserValidator.php index 57fa293..43e5dfd 100644 --- a/src/Confide/UserValidator.php +++ b/src/Confide/UserValidator.php @@ -51,6 +51,9 @@ class UserValidator implements UserValidatorInterface 'username' => 'alpha_dash', 'email' => 'required|email', 'password' => 'required|min:4', + ], + 'password_reset' => [ + 'password' => 'required|min:4', ] ]; @@ -90,6 +93,9 @@ public function validatePassword(ConfideUserInterface $user) // Hashes password and unset password_confirmation field $user->password = $hash->make($user->password); + unset($user->password_confirmation); + + return true; } else { $this->attachErrorMsg( $user, @@ -100,8 +106,6 @@ public function validatePassword(ConfideUserInterface $user) } } - unset($user->password_confirmation); - return true; } diff --git a/src/views/generators/controller.blade.php b/src/views/generators/controller.blade.php index af438d0..8a9830e 100644 --- a/src/views/generators/controller.blade.php +++ b/src/views/generators/controller.blade.php @@ -185,7 +185,8 @@ public function {{ (! $restful) ? 'doResetPassword' : 'postReset' }}() ); // By passing an array with the token, password and confirmation - if ($repo->resetPassword($input)) { + $result = $repo->resetPassword( $input ); + if ( $result['status'] ) { $notice_msg = Lang::get('confide::confide.alerts.password_reset'); return Redirect::action('{{ $namespace ? $namespace.'\\' : '' }}{{ $class }}{{ (! $restful) ? '@login' : '@getLogin' }}') ->with('notice', $notice_msg); @@ -193,7 +194,8 @@ public function {{ (! $restful) ? 'doResetPassword' : 'postReset' }}() $error_msg = Lang::get('confide::confide.alerts.wrong_password_reset'); return Redirect::action('{{ $namespace ? $namespace.'\\' : '' }}{{ $class }}{{ (! $restful) ? '@resetPassword' : '@getReset' }}', array('token'=>$input['token'])) ->withInput() - ->with('error', $error_msg); + ->with('error', $error_msg) + ->withErrors($result['errors']); } } diff --git a/src/views/generators/repository.blade.php b/src/views/generators/repository.blade.php index a759704..0165620 100644 --- a/src/views/generators/repository.blade.php +++ b/src/views/generators/repository.blade.php @@ -109,16 +109,19 @@ public function resetPassword($input) { $result = false; $user = Confide::userByResetPasswordToken($input['token']); + $user->setResetOnly(); if ($user) { $user->password = $input['password']; $user->password_confirmation = $input['password_confirmation']; - $result = $this->save($user); + $result['status'] = $this->save($user); } - // If result is positive, destroy token - if ($result) { + // If result status is positive, destroy token + if ($result['status']) { Confide::destroyForgotPasswordToken($input['token']); + } else { + $result['errors'] = $user->errors; } return $result;