You can check the user column that let you know if the user needs to reset the password, and redirect him to the reset-password view with a middleware. Something like this:
//middleware
class EnsurePasswordReset
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if (auth()->user()->needsToResetPassword()) {
return redirect(route('auth.password'));
}
return $next($request);
}
}
Docs: https://laravel.com/docs/5.7/middleware#defining-middleware