douweng5420 2018-05-17 12:26
浏览 64
已采纳

使用Laravel Auth和加密用户表发送重置链接

I have a laravel 5.4 installation and I always used the default Laravel Authentication guard to handle user authentication and, mainly, the password restore process.

Now I had to encrypt the email in the users table using the Elocryptfive library, so I also added email_hash field where the hash of the mail is stored in the db in order to easily retrieve users by their email.

I can easily authenticate users using the hash:

Auth::attempt([
    'email_hash' => hash('sha256', $request->get('email')), 
    'password' => $request->get('password')]
, $remember);

What I can't get working is the password reset process. Is there a class to override in order to retrieve users by email_hash, then access the decrypted email and send the mail, without rewriting the whole password forgotten process?

  • 写回答

1条回答 默认 最新

  • doushi7314 2018-05-17 13:39
    关注

    I found a way to achieve this. I will answer my own question to provide a useful solution if someone else needs some help on the topic:

    In your ForgotPasswordController.php, override the sendResetLinkEmail function:

    /**
 * Send a reset link to the given user.
 *
 * @param  \Illuminate\Http\Request  $request
 * @return \Illuminate\Http\RedirectResponse
 */
public function sendResetLinkEmail(Request $request)
{
    $this->validateEmail($request);

    $hashed = hash('sha256', $request->get('email'));
    $user = User::where('email_hash', $hashed)->first();

    if (!is_null($user)) {
        $response = Password::sendResetLink(
            ['email_hash' => $hashed]
        );
    } else {
        $response = Password::INVALID_USER;
    }

    return $response == Password::RESET_LINK_SENT
        ? $this->sendResetLinkResponse($response)
        : $this->sendResetLinkFailedResponse($request, $response);
}

    In your ResetPasswordController.php, override the credentials function:

    /**
 * Get the password reset credentials from the request.
 *
 * @param  \Illuminate\Http\Request  $request
 * @return array
 */
protected function credentials(Request $request)
{
    return [
        'email_hash' => hash('sha256', $request->get('email')),
        'password' => $request->get('password'),
        'password_confirmation' => $request->get('password_confirmation'),
        'token' => $request->get('token')
    ];
}

    Thanks to Mike Rodham for pointing out the right direction, I hope it helps someone.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥20 sub地址DHCP问题
  • ¥15 delta降尺度计算的一些细节,有偿
  • ¥15 Arduino红外遥控代码有问题
  • ¥15 数值计算离散正交多项式
  • ¥30 数值计算均差系数编程
  • ¥15 redis-full-check比较 两个集群的数据出错
  • ¥15 Matlab编程问题
  • ¥15 训练的多模态特征融合模型准确度很低怎么办
  • ¥15 kylin启动报错log4j类冲突
  • ¥15 超声波模块测距控制点灯,灯的闪烁很不稳定,经过调试发现测的距离偏大