
wilburpowery's avatar

Reset a password with the username not the email

Hey. I'm working on an application where a user can have multiple accounts associated with one email address, but each account has to have a unique username. So it is more fitting to ask for a username to reset a password instead of doing so by the email address. I've been looking around but I can't find anything to help me with this. I already implemented the functionality to log in using your username. I need help please. Thanks in advance.

0 likes
5 replies
wilburpowery's avatar

Yes. I'm using Laravel's default login configuration.

popcone's avatar

Change 'email' to 'username' in your `auth.passwords.email` view.

In your ForgotPasswordController:

```php
// Needs: use Illuminate\Http\Request; use Illuminate\Support\Facades\Password;
public function sendResetLinkEmail(Request $request)
{
    $this->validate($request, ['username' => 'required'], ['username.required' => 'Please enter your username.']);

    // Look the user up by username instead of email.
    $response = $this->broker()->sendResetLink(
        $request->only('username')
    );

    if ($response === Password::RESET_LINK_SENT) {
        return back()->with('status', trans($response));
    }

    // Key the error on 'username' so it shows next to the field the form now uses.
    return back()->withErrors(
        ['username' => trans($response)]
    );
}
```
1 like
casc-or's avatar

This was a good start for me, but I had a need to allow the user to enter the username to RESET the password as well, instead of the email address (my usernames are unique but their e-mail addresses are not).

The two alterations explained by @habeebnet allow a username to be entered to reset a password, which will send the usual message to the user's e-mail address.

NOTE: These suggestions are for 5.3.

Then I changed reset.blade.php to accept the username instead of the email address.

In the ResetsPasswords.php file I had to alter some functions to substitute username for email address.

```php
public function showResetForm(Request $request, $token = null)
{
    return view('auth.passwords.reset')->with(
        ['token' => $token, 'username' => $request->username]
    );
}
```

and

```php
protected function rules()
{
    return [
        'token' => 'required',
        'username' => 'required',
        'password' => 'required|confirmed|min:6',
    ];
}
```

and

```php
protected function credentials(Request $request)
{
    return $request->only(
        'username', 'password', 'password_confirmation', 'token'
    );
}
```

and

```php
protected function sendResetFailedResponse(Request $request, $response)
{
    return redirect()->back()
                ->withInput($request->only('username'))
                ->withErrors(['username' => trans($response)]);
}
```

Now my users can reset their password by entering their username. The token message is still sent only to the email address for the user, but then from that link they enter their username and new password into the reset form to reset their password.

It occurs to me that these modified functions might be better placed elsewhere than in the trait (like maybe the ResetPasswordController in app\Http\Controllers\Auth) which I'll test next.

UPDATED - Yes, the place to put the functions is in the ResetPasswordController and leave the original trait ResetsPasswords alone. Works fine.

3 likes
Terumi's avatar

Hello people. Using the former actions I managed to change what the user is being asked for the password reset, but when the users enter their username, they get an error saying

SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'email' cannot be null

which I find logical, as the password_resets table uses only emails and I did not tell Laravel where to find the email for the username given.

Can anyone point me to where I should read in order to make Laravel resolve the email of the username given and store that into the password_resets table?

Thank you

1 like
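Added example (plain PHP, not Laravel internals and not code from any poster in this thread): it walks through the flow discussed above, resolving the email from the username on the server and keying the reset record on the unique username, so a token issued for one account is refused for another account sharing the same email. The `$accounts` and `$resets` arrays are constructed in-memory stand-ins for the users and password_resets tables, and all function names are hypothetical.

```php
<?php
// Constructed sample data: two accounts deliberately share one mailbox.
$accounts = [
    'alice_work' => ['email' => 'alice@example.test', 'password' => null],
    'alice_home' => ['email' => 'alice@example.test', 'password' => null],
];
$resets = [];  // username => ['hash' => ..., 'expires' => ...]
$outbox = [];  // stand-in for the mailer

function requestReset(array $accounts, array &$resets, array &$outbox, string $username): string
{
    if (isset($accounts[$username])) {
        $token = bin2hex(random_bytes(32));
        // Key the record on the unique username and store only a hash of the token.
        $resets[$username] = ['hash' => hash('sha256', $token), 'expires' => time() + 3600];
        // The address is resolved from the account, never taken from the form.
        $outbox[] = ['to' => $accounts[$username]['email'], 'username' => $username, 'token' => $token];
    }
    // Same reply whether or not the username exists, so the form does not confirm usernames.
    return 'If that account exists, a reset link has been sent to its email address.';
}

function resetPassword(array &$accounts, array &$resets, string $username, string $token, string $new): bool
{
    $row = $resets[$username] ?? null;
    if ($row === null
        || $row['expires'] < time()
        || !hash_equals($row['hash'], hash('sha256', $token))) {
        return false;
    }
    $accounts[$username]['password'] = password_hash($new, PASSWORD_DEFAULT);
    unset($resets[$username]); // a token works once
    return true;
}

requestReset($accounts, $resets, $outbox, 'alice_work');
requestReset($accounts, $resets, $outbox, 'no_such_user'); // unknown username
$token = $outbox[0]['token'];

var_dump(count($outbox));
// Token presented for the sibling account on the same mailbox:
var_dump(resetPassword($accounts, $resets, 'alice_home', $token, 'N3w-pass!'));
// Token presented for the account it was issued to:
var_dump(resetPassword($accounts, $resets, 'alice_work', $token, 'N3w-pass!'));
// Same token presented a second time:
var_dump(resetPassword($accounts, $resets, 'alice_work', $token, 'An0ther-pass!'));
```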
