douweng5420 2018-05-17 12:26
浏览 64
已采纳

使用Laravel Auth和加密用户表发送重置链接

I have a laravel 5.4 installation and I always used the default Laravel Authentication guard to handle user authentication and, mainly, the password restore process.

Now I had to encrypt the email in the users table using the Elocryptfive library, so I also added email_hash field where the hash of the mail is stored in the db in order to easily retrieve users by their email.

I can easily authenticate users using the hash:

Auth::attempt([
    'email_hash' => hash('sha256', $request->get('email')), 
    'password' => $request->get('password')]
, $remember);

What I can't get working is the password reset process. Is there a class to override in order to retrieve users by email_hash, then access the decrypted email and send the mail, without rewriting the whole password forgotten process?

  • 写回答

1条回答 默认 最新

  • doushi7314 2018-05-17 13:39
    关注

    I found a way to achieve this. I will answer my own question to provide a useful solution if someone else needs some help on the topic:

    In your ForgotPasswordController.php, override the sendResetLinkEmail function:

    /**
 * Send a reset link to the given user.
 *
 * @param  \Illuminate\Http\Request  $request
 * @return \Illuminate\Http\RedirectResponse
 */
public function sendResetLinkEmail(Request $request)
{
    $this->validateEmail($request);

    $hashed = hash('sha256', $request->get('email'));
    $user = User::where('email_hash', $hashed)->first();

    if (!is_null($user)) {
        $response = Password::sendResetLink(
            ['email_hash' => $hashed]
        );
    } else {
        $response = Password::INVALID_USER;
    }

    return $response == Password::RESET_LINK_SENT
        ? $this->sendResetLinkResponse($response)
        : $this->sendResetLinkFailedResponse($request, $response);
}

    In your ResetPasswordController.php, override the credentials function:

    /**
 * Get the password reset credentials from the request.
 *
 * @param  \Illuminate\Http\Request  $request
 * @return array
 */
protected function credentials(Request $request)
{
    return [
        'email_hash' => hash('sha256', $request->get('email')),
        'password' => $request->get('password'),
        'password_confirmation' => $request->get('password_confirmation'),
        'token' => $request->get('token')
    ];
}

    Thanks to Mike Rodham for pointing out the right direction, I hope it helps someone.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥20 西门子S7-Graph,S7-300,梯形图
  • ¥50 用易语言http 访问不了网页
  • ¥50 safari浏览器fetch提交数据后数据丢失问题
  • ¥15 matlab不知道怎么改,求解答!!
  • ¥15 永磁直线电机的电流环pi调不出来
  • ¥15 用stata实现聚类的代码
  • ¥15 请问paddlehub能支持移动端开发吗?在Android studio上该如何部署?
  • ¥20 docker里部署springboot项目,访问不到扬声器
  • ¥15 netty整合springboot之后自动重连失效
  • ¥15 悬赏!微信开发者工具报错,求帮改