@kwcham first, the token you see in the DB will never be the same because it's encrypted.
You could bcrypt('5a266d95acd1184bc0d=9cb74bb3cce1ae28a619037214a41bf4af3ee64843337') it using tinker and see if it matches the one in the DB.
I got this "This password reset token is invalid." error when creating the password reset feature using Laravel 8. The problem is the token sent by email is not matched with the token stored in database table. I used below code to check the equality of these two values and it give "not the same" result.
$pass = DB::table('password_resets')->where('email', '[email protected]')->value('token');
if(Hash::check($request['token'], $pass))
{
dd('same');
} else {
dd('not same');
}
I hope anyone can pinpoint on what i did wrongly or anything that i missed.
My web.php:
Route::get('/forgot_password', 'ResetPasswordController@request')->name(ResetPasswordConstant::RESET_PASSWORD_ROUTE_REQUEST);
Route::post('/forgot_password', 'ResetPasswordController@email')->name(ResetPasswordConstant::RESET_PASSWORD_ROUTE_EMAIL);
Route::get('/reset_password/{token}', 'ResetPasswordController@reset')->name(ResetPasswordConstant::RESET_PASSWORD_ROUTE_RESET);
Route::post('/reset_password', 'ResetPasswordController@update')->name(ResetPasswordConstant::RESET_PASSWORD_ROUTE_UPDATE);
My controller:
public function email(Request $request)
{
$request->validate(['email' => 'required|email']);
$status = Password::sendResetLink($request->only('email'));
return $status === Password::RESET_LINK_SENT ? back()->with(['status' => __($status)]) : back()->withErrors(['email' => __($status)]);
}
public function update(Request $request)
{
$request->validate([
'token' => 'required',
'email' => 'required|email',
'password' => 'required|min:8|confirmed',
]);
$status = Password::reset(
$request->only('email', 'password', 'password_confirmation', 'token'),
function ($user, $password) use ($request) {
$user->forceFill([
'password' => Hash::make($password)
])->setRememberToken(Str::random(60));
$user->save();
event(new PasswordReset($user));
}
);
return $status == Password::PASSWORD_RESET ? redirect()->route('login')->with('status', __($status)) : back()->withErrors(['email' => [__($status)]]);
}
password_resets db table:
# email, token, created_at
'[email protected]', 'yLwuR6YvjMvqGykxOycMX.dqu/vF1PIxd05mx2FQIS1YacY6aVhmG', '2021-04-16 14:00:06'
email link sent:
http://localhost:8001/reset_password/5a266d95acd1184bc0d=
9cb74bb3cce1ae28a619037214a41bf4af3ee64843337
Please or to participate in this conversation.