Level 5
@friedrich Then don't use this rule. Just compare user's password with plain password directly :
if (Hash::check('plain-password', $hashedPasswordFromDB)) {
// The passwords matches
}
1 like
Oct 24, 2022
13
Level 1
How to update password of users in LARAVEL
Hi Guys, I want to know how can I edit the password of every user using matching a old password to confirm the validation thanks in advance i have rule that checks the old password of the user but only the current signed in system
<?php
namespace App\Rules;
use Illuminate\Contracts\Validation\Rule;
use Illuminate\Support\Facades\Hash;
class MatchOldPassword implements Rule
{
/**
* Determine if the validation rule passes.
*
* @param string $attribute
* @param mixed $value
* @return bool
*/
public function passes($attribute, $value)
{
return Hash::check($value, auth()->user()->password);
}
/**
* Get the validation error message.
*
* @return string
*/
public function message()
{
return 'The attribute is match with old password.';
}
}
I want to change the auth()->user() into $request->id->password for example please help me
Level 1
@saedyousef how i use the $hashedPasswordFromDB
Level 29
@Friedrich Show the request inputs?
I assume you have the selected user's id passed to the request.
Example:
$selectedUser = User::find(request()->selectedUserid);
return Hash::check($value,$selectecUser->password );
Level 6
form Store like this web.php
Route::get('change-password', [FrontController::class, 'index'])->name('change-password');
Route::post('change-password', [FrontController::class, 'store'])->name('change.password');
form Send
<form method="POST" action="{{ route('change.password') }}">
@csrf
<div class="form-group row">
<label for="password" class="col-md-4 col-form-label text-md-right">Old Pass</label>
<div class="col-md-6">
<input id="password" type="password" class="form-control" name="current_password" autocomplete="current-password">
</div>
</div>
<div class="form-group row">
<label for="password" class="col-md-4 col-form-label text-md-right">New Pass</label>
<div class="col-md-6">
<input id="new_password" type="password" class="form-control" name="new_password" autocomplete="current-password">
</div>
</div>
<div class="form-group row">
<label for="password" class="col-md-4 col-form-label text-md-right">Confirm</label>
<div class="col-md-6">
<input id="new_confirm_password" type="password" class="form-control" name="new_confirm_password" autocomplete="current-password">
</div>
</div>
<div class="form-group row mb-0">
<div class="col-md-8 offset-md-4">
<button type="submit" class="btn1 btn-primary">
Send
</button>
</div>
</div>
</form>
Controller
public function store(Request $request)
{
$request->validate([
'current_password' => ['required', new MatchOldPassword],
'new_password' => ['required'],
'new_confirm_password' => ['same:new_password'],
]);
User::find(auth()->user()->id)->update(['password'=> Hash::make($request->new_password)]);
return redirect('change-password')->with('success',"OK");
}
Level 1
@LoverCode this code update only who user is signed in what i want is to update the password of the users
Level 12
@Friedrich Then just change
User::find(auth()->user()->id)->.....
with
User::find($userId)->......
$userId is the id of the user that you want to update
Level 1
@Laralex yes exactly
Level 122
this seems a bit smelly to me. Why should anyone other than the user know the existing password?
There is already a validation rule to check existing password
Level 6
@Snapey User::find(auth()->user()->id not ok?
this mean . find user is login now .
Level 122
@LoverCode auth()->user() already gives you the logged in user so your suggested code is completely redundant
Level 6
@Snapey i use this code in panel . if user is out of panel and want change password it is very amazing
Level 122
@LoverCode sorry but translation is causing some issues
1 like
Level 75
I agree something seems off here.
Please or to participate in this conversation.