Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

laravel 5,update User password

Tags:

validation

php

laravel

laravel-5

I'm using laravel 5 to develop an app that allow every user to update his profile.
in order to update password, the user needs to first enter his old password and if the old password matched then his newly entered password will be hashed and stored in DB. how can I validate this, using laravel form request validation?

like image 838
Salar Avatar asked Jun 08 '15 12:06

Salar

People also ask

How does laravel validate current password?

There's a Hash::check() function which allows you to check whether the old password entered by user is correct or not. Another good trick to use in the confirmation field: the confirmed validation rule <link>. Your actual rule would be just one line, like this: 'new_password' => 'required|confirmed' .

2 Answers

I created a custom validator and added it to AppServiceProvider like this:

<?php

namespace App\Providers;

use Validator;
use Illuminate\Support\ServiceProvider;
use Illuminate\Support\Facades\Hash ;
class AppServiceProvider extends ServiceProvider
{
    /**
     * Bootstrap any application services.
     *
     * @return void
     */
    public function boot()
    {
        Validator::extend('password_hash_check', function($attribute, $value, $parameters, $validator) {
            return Hash::check($value , $parameters[0]) ;
        });
    }

then I used it in my form request validator like this:

<?php
namespace App\Http\Requests;
use App\Http\Requests\Request;
class UpdateUserProfileRequest extends Request
{
    /**
     * Get the validation rules that apply to the request.
     *
     * @return array
     */
    public function rules()
    {
        $hashed_password = $this->user()->password ;
        return [
            'oldPassword'=> "password_hash_check:$hashed_password|string|min:6",
            'newPassword' => 'required_with:oldPassword|confirmed|min:6',
        ];
    }
like image 50
Salar Avatar answered Oct 13 '22 00:10

Salar

When you want to check a Hashed value generated by 

Hash::make()

you need to use 

Hash::check('unhashed', $hashed)

Every time you run Hash::make('string'), a different hash is made and will not match the previous one. For example:

// Generate a hash
$password = Hash::make('password');

// $password == $2y$08$T9r9qUxrr6ejs9Ne.nLzMet8l0A8BM5QvLjhaaJasgsbMBdX4JjRu

// Generate a new hash
$new_password = Hash::make('password');

// $new_password ==  $2y$08$3KBlYKIMpIvk.TWwim9oPuwGA.Pzv1iF7BsDyYkz7kQlhkA/ueULe

// Compare hashes the WRONG way
$password === $new_password; // false

// Compare hash the RIGHT way
Hash::check('password', $password); // true
Hash::check('password', $new_password); // true

So Use Hash::make() method of Hash class.

like image 34
Rajesh kumawat Avatar answered Oct 13 '22 00:10

Rajesh kumawat
Sign in to Comment

Related questions

Server-side video conversion and compression
Laravel Migration: auto increment key when it is not primary
Httpful post form data
using touch() to update timestamp of custom timestamp field in laravel
Doctrine - [Semantical Error] - Error: Class has no field or association
Change '0777' string to 0777 octal LITERALLY
Run Gulp tasks during composer install
PHP download and extract zip file
WhereIn and relationships
How to authenticate with Sentinel by username?
How to encode/decode url in codeigniter
PHP too slow, can anyone see a way to make it faster?
Laravel 5 Routing Object Not Found
Dynamically set background image
PHP Position of Last Digit in a String
Regex \R doesn't work inside character class
Laravel 5 get command response
Using memcache inside Google Compute Engine with PHP
How to use the down() method in CodeIgniter's migration?
is it possible to import and export excel file with size 70MB using PHPExcel library?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!