douweng5420 2018-05-17 12:26
浏览 64
已采纳

使用Laravel Auth和加密用户表发送重置链接

I have a laravel 5.4 installation and I always used the default Laravel Authentication guard to handle user authentication and, mainly, the password restore process.

Now I had to encrypt the email in the users table using the Elocryptfive library, so I also added email_hash field where the hash of the mail is stored in the db in order to easily retrieve users by their email.

I can easily authenticate users using the hash:

Auth::attempt([
    'email_hash' => hash('sha256', $request->get('email')), 
    'password' => $request->get('password')]
, $remember);

What I can't get working is the password reset process. Is there a class to override in order to retrieve users by email_hash, then access the decrypted email and send the mail, without rewriting the whole password forgotten process?

  • 写回答

1条回答 默认 最新

  • doushi7314 2018-05-17 13:39
    关注

    I found a way to achieve this. I will answer my own question to provide a useful solution if someone else needs some help on the topic:

    In your ForgotPasswordController.php, override the sendResetLinkEmail function:

    /**
 * Send a reset link to the given user.
 *
 * @param  \Illuminate\Http\Request  $request
 * @return \Illuminate\Http\RedirectResponse
 */
public function sendResetLinkEmail(Request $request)
{
    $this->validateEmail($request);

    $hashed = hash('sha256', $request->get('email'));
    $user = User::where('email_hash', $hashed)->first();

    if (!is_null($user)) {
        $response = Password::sendResetLink(
            ['email_hash' => $hashed]
        );
    } else {
        $response = Password::INVALID_USER;
    }

    return $response == Password::RESET_LINK_SENT
        ? $this->sendResetLinkResponse($response)
        : $this->sendResetLinkFailedResponse($request, $response);
}

    In your ResetPasswordController.php, override the credentials function:

    /**
 * Get the password reset credentials from the request.
 *
 * @param  \Illuminate\Http\Request  $request
 * @return array
 */
protected function credentials(Request $request)
{
    return [
        'email_hash' => hash('sha256', $request->get('email')),
        'password' => $request->get('password'),
        'password_confirmation' => $request->get('password_confirmation'),
        'token' => $request->get('token')
    ];
}

    Thanks to Mike Rodham for pointing out the right direction, I hope it helps someone.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 如何让企业微信机器人实现消息汇总整合
  • ¥50 关于#ui#的问题:做yolov8的ui界面出现的问题
  • ¥15 如何用Python爬取各高校教师公开的教育和工作经历
  • ¥15 TLE9879QXA40 电机驱动
  • ¥20 对于工程问题的非线性数学模型进行线性化
  • ¥15 Mirare PLUS 进行密钥认证?(详解)
  • ¥15 物体双站RCS和其组成阵列后的双站RCS关系验证
  • ¥20 想用ollama做一个自己的AI数据库
  • ¥15 关于qualoth编辑及缝合服装领子的问题解决方案探寻
  • ¥15 请问怎么才能复现这样的图呀