I am writing a test that ensures that the password reset functionality of my application works. The password reset system was created using the <code>php artisan make:auth</code> command. In order to make the test pass I need to automate a GET request to <code>/password/reset/{$token}</code> where <code>$token</code> is the value stored in the <code>password_resets</code> table. Laravel stores the token like this: <code>$2y$10$9grKb3c6.Toiv0kjUWbCUeT8Q8D.Fg2gZ/xDLGQUAkmdyHigmRkNW</code> but when Laravel sends the password reset email to the user, the reset token looks like this in the email: <code>382aa64567ecd05a774c2e4ebb199d3340a1424300707053354c749c10487594</code>. My GET request to <code>/password/reset/$2y$10$9grKb3c6.Toiv0kjUWbCUeT8Q8D.Fg2gZ/xDLGQUAkmdyHigmRkNW</code> fails due to the forward slash in the reset token. (Right after the 'g2gZ') I tried using the helper function <code>decrypt()</code> but had no luck. How can I convert the password reset token I pull from the <code>password_resets</code> table to match what Laravel sends to the user? Not sure if this is relevant but I did upgrade my application from 5.3 to 5.4.

You can get token from closure used for additional checks passed to Notification's assertSentTo method because <code>$token</code> is a public property of standard <code>ResetPassword</code> notification. In your test: <pre class="prettyprint"><code>Notification::fake(); $this->postJson('api/user/reset', ['email' => $user->email]) ->assertStatus(200); $token = ''; Notification::assertSentTo( $this->user, \Illuminate\Auth\Notifications\ResetPassword::class, function ($notification, $channels) use (&$token) { $token = $notification->token; return true; }); $this->postJson('api/user/resetting', [ 'email' => $user->email, 'token' => $token, 'password' => '87538753', 'password_confirmation' => '87538753' ]) ->assertStatus(200); </code></pre>

The token stored in the <code>password_resets</code> table is hashed just like a normal password, so you can't reverse it to get the original token. I suggest that you use the <code>log</code> mail driver when running tests. Then the password reset email will be printed in plain text in the laravel log and you can grab the token from that.

Decrypt Laravel Password Reset Token

Tags:

php

unit-testing

laravel

laravel-5.4

laravel-5.3

I am writing a test that ensures that the password reset functionality of my application works. The password reset system was created using the php artisan make:auth command. In order to make the test pass I need to automate a GET request to /password/reset/{$token} where $token is the value stored in the password_resets table. Laravel stores the token like this:

$2y$10$9grKb3c6.Toiv0kjUWbCUeT8Q8D.Fg2gZ/xDLGQUAkmdyHigmRkNW

but when Laravel sends the password reset email to the user, the reset token looks like this in the email:

382aa64567ecd05a774c2e4ebb199d3340a1424300707053354c749c10487594.

My GET request to /password/reset/$2y$10$9grKb3c6.Toiv0kjUWbCUeT8Q8D.Fg2gZ/xDLGQUAkmdyHigmRkNW fails due to the forward slash in the reset token. (Right after the 'g2gZ')

I tried using the helper function decrypt() but had no luck.

How can I convert the password reset token I pull from the password_resets table to match what Laravel sends to the user?

Not sure if this is relevant but I did upgrade my application from 5.3 to 5.4.

237

asked Jan 25 '17 21:01

Denis Priebe

2 Answers

You can get token from closure used for additional checks passed to Notification's assertSentTo method because $token is a public property of standard ResetPassword notification.

In your test:

Notification::fake();

$this->postJson('api/user/reset', ['email' => $user->email])
    ->assertStatus(200);

$token = '';

Notification::assertSentTo(
    $this->user,
    \Illuminate\Auth\Notifications\ResetPassword::class,
    function ($notification, $channels) use (&$token) {
        $token = $notification->token;

        return true;
    });

$this->postJson('api/user/resetting', [
    'email' => $user->email,
    'token' => $token,
    'password' => '87538753',
    'password_confirmation' => '87538753'
])
    ->assertStatus(200);

answered Sep 30 '22 19:09

pinguinjkeke

The token stored in the password_resets table is hashed just like a normal password, so you can't reverse it to get the original token.

I suggest that you use the log mail driver when running tests. Then the password reset email will be printed in plain text in the laravel log and you can grab the token from that.

answered Sep 30 '22 20:09

BrokenBinary

Related questions
                            
                                Laravel Eloquent HasOne::$id Undefined Property
                            
                                How to send multiple attachment in single mail in php
                            
                                How to replace MySQL functions with PDO?
                            
                                Retry a try/catch when it fails
                            
                                cURL Download Zip File - " argument is not a valid File-Handle resource"
                            
                                In a Laravel 5 Collection how do you return an array of objects instead of an array of arrays?
                            
                                Send a JSON Object from Android to PHP server with POST method and HttpURLConnection
                            
                                Split string at change of character
                            
                                How do I install PDO drivers for PHP on Windows?
                            
                                mysql server has gone away error during installing migration (laravel)
                            
                                Cakephp with PHP7
                            
                                Laravel custom command not working
                            
                                Laravel Eloquent ORM - Nested with statements
                            
                                composer create-project not installing Laravel 5.3
                            
                                Laravel - Eloquent - Dynamically defined relationship
                            
                                Flatten Array Result of Symfony Doctrine Array Result
                            
                                PHP - Check if more than one condition is true in a given number of conditions
                            
                                Notice: Only variables should be passed by reference [duplicate]
                            
                                How to return array with true/false values comparing 2 arrays?
                            
                                How to replace last comma in string with "and" using php?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!

Donate Us With