SECURE LOGIN SYSTEM – PHP(LARAVEL) – 4


So we are back now. As promised in Secure Login System – PHP(Laravel) -3, we will start with the forgot-password feature. Before we start, make sure your mail settings are correct: open app/config/mail.php and change the following fields if you have not already.

'host'=> 'your host here',
'username'=> 'username/email',
'password'=> 'password',

Remember that we have already finished the forgotpassword view and routes, so now we will start with the storeForgotpassword() method, shown below.

public function storeForgotpassword() {
        if (Input::has('email')) {
  
            $email = Input::get('email');
  
            try {
                // Find the user using the user email address
                $user = Sentry::findUserByLogin($email);
  
                // Get the password reset code that will be sent to the user by email
                $resetCode = $user -> getResetPasswordCode();
  
                // Email the reset link, which the template builds from the address and the code
                Mail::send("emails.resetpassword", array("email" => $email, "resetCode" => $resetCode), function($message) use ($email, $resetCode) {
                    $message -> to($email) -> subject('Follow the link to reset your password');
                });
  
                Session::flash('success_msg', 'We have sent a link to your email account. Please follow it to reset your password');
                return Redirect::to('/forgotpassword');
            } catch (Cartalyst\Sentry\Users\UserNotFoundException $e) {
                Session::flash('error_msg', 'User not found');
                return Redirect::to('/forgotpassword');
            }
        } else {
            Session::flash('error_msg', 'User not found');
            return Redirect::to('/forgotpassword');
        }
  
    }

That was an easy job, but we forgot to write the email template for forgotpassword. Our email template is below.

/views/emails/resetpassword.blade.php

<!DOCTYPE html>
<html lang="en-US">
    <head>
        <meta charset="utf-8">
    </head>
    <body>
        <h2>Password reset</h2>
  
        <div>
            You have requested to reset your password. Follow the link below to change your password.
            <br/>
            <a href="{{ URL::to('newpassword') }}?email={{ urlencode($email) }}&amp;resetcode={{ urlencode($resetCode) }}">
                {{ URL::to('newpassword') }}?email={{ urlencode($email) }}&amp;resetcode={{ urlencode($resetCode) }}
            </a>
        </div>
    </body>
</html>

In the above code, we created a URL to the newpassword route that carries the email and reset code. When the user clicks this URL we have to take them to the newpassword view, but before showing it, check that the email and reset code are present and validate the reset code. Our showNewPassword() method is below.

public function showNewPassword() {
        if (Input::has('email') && Input::has('resetcode')) {
  
            try {
                // Find the user by login (the email address)
                $user = Sentry::findUserByLogin(Input::get('email'));
  
                // Check if the reset password code is valid
                if ($user -> checkResetPasswordCode(Input::get('resetcode'))) {
                    return View::make('newpassword');
  
                } else {
                    Session::flash('error_msg', 'Invalid request. Please enter email to reset your password');
                    return Redirect::to('/forgotpassword');
                }
            } catch (Cartalyst\Sentry\Users\UserNotFoundException $e) {
                Session::flash('error_msg', 'User not found');
                return Redirect::to('/forgotpassword');
            }
        } else {
            Session::flash('error_msg', 'Invalid request. Please enter email to reset your password');
            return Redirect::to('/forgotpassword');
        }
    }

When the user submits a new password and its confirmation, validate them and change the user’s password. We will implement this in storeNewPassword().

public function storeNewPassword() {
        // Validate the password and its confirmation
        $input = array('password' => Input::get('password'), 'password_confirmation' => Input::get('password_confirmation'));
  
        $rules = array('password' => 'required|min:4|max:32|confirmed', 'password_confirmation' => 'required|min:4|max:32');
  
        $v = Validator::make($input, $rules);
  
        if ($v -> passes()) {
            if (Input::has('email') && Input::has('resetcode')) {
  
                try {
                    // Find the user by login (the email address)
                    $user = Sentry::findUserByLogin(Input::get('email'));
  
                    // Check if the reset password code is valid
                    if ($user -> checkResetPasswordCode(Input::get('resetcode'))) {
                        // Attempt to reset the user password
                        if ($user -> attemptResetPassword(Input::get('resetcode'), Input::get('password'))) {
                            Session::flash('success_msg', 'Password changed successfully. Please login below');
                            return Redirect::to('/login');
                        } else {
                            Session::flash('error_msg', 'Unable to reset password. Please try again');
                            return Redirect::to('/forgotpassword');
                        }
                    } else {
                        Session::flash('error_msg', 'Unable to reset password. Please try again');
                        return Redirect::to('/forgotpassword');
                    }
                } catch (Cartalyst\Sentry\Users\UserNotFoundException $e) {
                    Session::flash('error_msg', 'User not found');
                    return Redirect::to('/forgotpassword');
                }
            } else {
                Session::flash('error_msg', 'Invalid request. Please enter email to reset your password');
                return Redirect::to('/forgotpassword');
            }
        } else {
            // URL-encode both values so characters such as '+' in an address survive the redirect
            return Redirect::to('/newpassword?email=' . urlencode(Input::get('email')) . '&resetcode=' . urlencode(Input::get('resetcode'))) -> withErrors($v) -> withInput();
        }
    }
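
An added example, not part of the original post and not Sentry's implementation: a plain-PHP model of the same forgot-password / new-password flow that answers identically for known and unknown addresses, stores only a hash of the reset code, expires it, and makes it single-use. The function names, the in-memory arrays standing in for the database and mailer, and the one-hour lifetime are assumptions.

```php
<?php
// Added example: plain-PHP model of the reset flow. All names are hypothetical;
// the in-memory arrays stand in for the users table and the mailer.
const RESET_TTL = 3600; // seconds a reset code stays valid (assumed value)

$users  = ['alice@example.com' => ['password_hash' => null]]; // constructed sample user
$resets = [];  // email => ['hash' => sha256(code), 'expires' => unix time]
$outbox = [];  // reset links that would have been emailed

function requestReset(string $email, array $users, array &$resets, array &$outbox): string
{
    if (isset($users[$email])) {
        $code = bin2hex(random_bytes(32));            // 256-bit unguessable code
        $resets[$email] = [
            'hash'    => hash('sha256', $code),       // store only a hash of the code
            'expires' => time() + RESET_TTL,
        ];
        // http_build_query() URL-encodes both values, so '+' in an address survives.
        $outbox[] = '/newpassword?' . http_build_query(['email' => $email, 'resetcode' => $code]);
    }
    // Same message whether or not the account exists.
    return 'If that address is registered, a reset link has been sent.';
}

function completeReset(string $email, string $code, string $newPassword, array &$users, array &$resets): bool
{
    $entry = $resets[$email] ?? null;
    // Fall back to a dummy hash so the comparison runs even when no reset is pending.
    $expected = $entry['hash'] ?? str_repeat('0', 64);
    $valid = hash_equals($expected, hash('sha256', $code))   // constant-time comparison
        && $entry !== null
        && $entry['expires'] >= time();
    if (!$valid) {
        return false;
    }
    unset($resets[$email]);                                   // single use
    $users[$email]['password_hash'] = password_hash($newPassword, PASSWORD_DEFAULT);
    return true;
}

// Walk through the flow with constructed input.
$known   = requestReset('alice@example.com', $users, $resets, $outbox);
$unknown = requestReset('nobody@example.com', $users, $resets, $outbox);
var_dump($known === $unknown);                      // compare the two responses
parse_str(parse_url($outbox[0], PHP_URL_QUERY), $q); // read the emailed link back
var_dump(completeReset($q['email'], 'wrong-code', 'S3cure-pass!', $users, $resets));
var_dump(completeReset($q['email'], $q['resetcode'], 'S3cure-pass!', $users, $resets));
var_dump(completeReset($q['email'], $q['resetcode'], 'again', $users, $resets)); // replay attempt
```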

We are done with forgotpassword and newpassword. In this series, we have developed a secure authentication system for our users, providing them with a login module, registration, password reset through email, and new-password entry.

Thanks
KodeInfo

https://www.kodeinfo.com