I followed @bashy on this post: https://laracasts.com/discuss/channels/laravel/reset-password-manually-without-email
I am generating a token like this:
$reset_token = hash_hmac('sha256', Str::random(40), $user);
I am inserting a record in the password_resets table like this:
DB::table('password_resets')->insert([ 'email' => $request->email, 'token' => $reset_token, 'created_at' => Carbon::now(), ]);
The user gets an e-mail sent through a custom notification with the correct token (it matches on the link and in the hidden input field on the view).
I keep getting this after following the link, filling in the form, and clicking on reset password:
This password reset token is invalid.
I have also tried this to generate the token (same error):
$reset_token = strtolower(str_random(64));