Laravel Sanctum API user password update error

Please what is wrong with this api code to update user password

public function updateCurrentPassword(Request $request){
        $validator = Validator::make($request->all(),[
            'current_pwd' => 'required|min:8',
            'new_pwd' => 'required|min:8',
            'confirm_pwd' => 'required|min:8',
        ]);
        if($validator->fails()){
            return response()->json(['validation_errors'=>$validator->messages()],422);
        }else{
            $userCount = User::where('id',$request->id)->count();
            
            if($userCount > 0){
                $user = User::where('id',$request->id)->first();
                if(Hash::check($request->current_pwd,Auth::user()->password)){
                    //Check if new or confirm password is matching
                    if($request->new_pwd == $request->confirm_pwd){
                        User::where('id',Auth::user()->id)->update(['password'=>bcrypt($request->new_pwd)]);
                    }else{
                        return response()->json([
                            "status"=>false,
                            "message"=>"New Password does not match confirm password!"
                        ],401);
                    }
                }else{
                    return response()->json([
                        "status"=>false,
                        "message"=>"Current password entered is incorrect!"
                    ],401);
                }
                return response()->json([
                    "status"=>true,
                    "message"=>"Password updated successfully!"
                ],201);
            }else{
                return response()->json([
                    "status"=>false,
                    "message"=>"User with this ID not found!"
                ],401);
            }
        }
    }```
The error in my thunder client app is coming like ```ErrorException: Attempt to read property &quot;password&quot; on null in file D:\xampp\htdocs\jaano\jaanobackend\app\Http\Controllers\API\ApiV1UserController.php on line 149```
	which is this line in my code ```if(Hash::check($request->current_pwd,Auth::user()->password)){```
Any help?

tykus

2 years ago

Level 104

ErrorException: Attempt to read property "password" on null

You don't have an authenticated user; easiest to add the auth:sanctum middleware to the Route definition to enforce authentication for that endpoint.

Aside, there is a lot of branching code which is complicating a relatively simple concept, consider a refactor!

Alewa

2 years ago

Level 2

Thanks @tykus , I did not add the bearer token after logging in at my update-user-password in thunder client, so I added the bearer token and it worked

tykus

2 years ago

Level 104

@Alewa notwithstanding, you have made it into the Controller action without being authenticated. Just protect the Route using the auth:sanctum middleware.

Otherwise if you're all set, mark the thread closed

Please or to participate in this conversation.