Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
To change the reset password custom messages I add to the ResetPasswordController 2 methods (rules() and validationErrorMessages()). However, the custom messages don't show, the messages that appear are the default messages: "The email field is required." and "The email must be a valid email address.".
LoginController:
protected function rules()
{
return [
'token' => 'required',
'email' => 'required|email',
'password' => 'required|confirmed|min:6',
];
}
protected function validationErrorMessages()
{
return [
'email.required' => 'The email field is mandatory.',
'email.email' => 'Please insert a valid email.',
];
}
Try it like this:
protected function messages()
{
return [
'email.required' => 'The email field is mandatory.',
'email.email' => 'Please insert a valid email.',
];
}
Unsure if the method needs to be a protected method or if it needs to be public btw.
Thanks, but it shows the default messages both with protected and public. It´s not necessary to change also the methods in the ResetsPasswords trait? "
Did you use the ResetsPasswords trait? The following code should work:
// FILE: Http\Controllers\Auth\ResetPasswordController.php
class ResetPasswordController extends Controller
{
use ResetsPasswords;
/**
* Get the password reset validation error messages.
*
* @return array
*/
protected function validationErrorMessages()
{
return [
'email.required' => 'The email field is mandatory.',
'email.email' => 'Please insert a valid email.',
];
}
// ...
}
Yes, the complete ResetPasswordController:
<?php
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\ResetsPasswords;
class ResetPasswordController extends Controller
{
use ResetsPasswords;
protected $redirectTo = '/';
public function __construct()
{
$this->middleware('guest');
}
public function rules()
{
return [
'token' => 'required',
'email' => 'required|email',
'password' => 'required|confirmed|min:6',
];
}
public function validationErrorMessages()
{
return [
'email.required' => 'The email field is mandatory.',
'email.email' => 'Please insert a valid email.',
];
}
}
copy/pasting your controller works fine, though... maybe it's your routes/web.php-file?
I have the default "Auth::routes();" in web.php.
The reset password form is in the resources/views/auth/passwords/email.php not in resources/views/auth/passwords/reset.php I don't know if it can be the issue.
Actually it should be Route::auth().
what does php artisan routes:list show? Is there the following line?
| | POST | password/reset | | App\Http\Controllers\Auth\ResetPasswordController@reset | web,guest |
As long as your form POSTs to ResetPasswordController@reset, it should work
Yes, for the reset password there are this routes
| | POST | password/email | password.email | App\Http\Controllers\Auth\ForgotPasswordController@sendResetLinkEmail | web,guest |
| | GET|HEAD | password/reset | password.request | App\Http\Controllers\Auth\ForgotPasswordController@showLinkRequestForm | web,guest |
| | POST | password/reset | | App\Http\Controllers\Auth\ResetPasswordController@reset | web,guest |
| | GET|HEAD | password/reset/{token} | password.reset | App\Http\Controllers\Auth\ResetPasswordController@showResetForm
The route in the form is
<form class="clearfix" method="POST" action="{{ route('password.email') }}">
. So instead of pasword.email should be password.reset?
Make sure to post to the ResetPasswordController@reset-controller method via <form method="POST" action="/password/reset" accept-charset="UTF-8">
There are both routes:
POST /password/email: Here the user enters their email address and the email will be send to themPOST /password/reset: Here the user updates their passwordI changed the form to:
<form class="clearfix" method="POST" action="/password/reset">
{{ csrf_field() }}
And like that show the custom messages. But it appears always "The token field is required.".
token is not the csrf_token ;) It's the token from the url:
public function showResetForm(Request $request, $token = null)
{
return view('auth.passwords.reset')->with(
['token' => $token, 'email' => $request->email]
);
}
Just include a hidden input with this value and you're done:
<input type="hidden" name="token" value="{{ $token }}">
PS: You need both: The crsf_field AND the token
This issue is in the page that has a form for the user enter the email so he receives an email to reset the password. So maybe the custom messages configuration needs to be in the ForgotPasswordController since this is the Controller that handles post to /password/email.
But adding the validateEmail() to the ForgotPasswordController also shows the default messages:
protected function validateEmail(Request $request)
{
$this->validate($request, ['email' => 'required|email'],[
$request.'.required' => 'The email field is mandatory.',
$request.'.email' => 'Please insert a valid email.',
]);
}
Also shows the default messages with:
class ForgotPasswordController extends Controller
{
use SendsPasswordResetEmails;
public function __construct()
{
$this->middleware('guest');
}
public function rules()
{
return [
'email' => 'required.email'
];
}
protected function validationErrorMessages()
{
return [
'email.required' => 'The email field is mandatory.',
'email.email' => 'Please insert a valid email.',
];
}
}
If you take a look at the SendsPasswordResetEmails-trait, you'll see, that a method called validateEmail() is responsible for validating request data. Therefore you need to overwrite this method in you controller like this:
// FILE: App\Http\Controllers\Auth\ForgotPasswordController.php
// ...
class ForgotPasswordController extends Controller
{
use SendsPasswordResetEmails;
protected function validateEmail(Request $request)
{
$this->validate($request, ['email' => 'required|email'], [
'email.required' => 'The email field is mandatory.',
'email.email' => 'Please insert a valid email.',
]);
}
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware('guest');
}
}
Please or to participate in this conversation.