Laravel 5.3 has great authentication right out of the box. It has login, register, reset and forgot password all set up however there is no change password page which is pretty important for many applications. So, I created one and thought it might be useful to someone else so here it is.
Set up the authentication as per the documentation at Authentication.
Create a new controller in the Auth folder or anywhere else you would like to keep it.
Auth\UpdatePasswordController.php
namespace App\Http\Controllers\Auth;
use App\User;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
class UpdatePasswordController extends Controller
{
/*
* Ensure the user is signed in to access this page
*/
public function __construct() {
$this->middleware('auth');
}
/**
* Show the form to change the user password.
*/
public function index(){
return view('user.change-password');
}
/**
* Update the password for the user.
*
* @param Request $request
* @return Response
*/
public function update(Request $request)
{
$this->validate($request, [
'old' => 'required',
'password' => 'required|min:6|confirmed',
]);
$user = User::find(Auth::id());
$hashedPassword = $user->password;
if (Hash::check($request->old, $hashedPassword)) {
//Change the password
$user->fill([
'password' => Hash::make($request->password)
])->save();
$request->session()->flash('success', 'Your password has been changed.');
return back();
}
$request->session()->flash('failure', 'Your password has not been changed.');
return back();
}
}
Create a new view file. I put mine in a ‘User’ folder at resources\views\users\change-password.blade.php
change-password.blade.php
@extends('layouts.app')
@section ('css')
@endsection
@section('content')
<div class="container">
<div class="row">
<div class="col-md-8 col-md-offset-2">
<div class="panel panel-default">
<div class="panel-heading">Change Password</div>
<div class="panel-body">
@if (Session::has('success'))
<div class="alert alert-success">{!! Session::get('success') !!}</div>
@endif
@if (Session::has('failure'))
<div class="alert alert-danger">{!! Session::get('failure') !!}</div>
@endif
<form action="{{ route('password.update') }}" method="post" role="form" class="form-horizontal">
{{csrf_field()}}
<div class="form-group{{ $errors->has('old') ? ' has-error' : '' }}">
<label for="password" class="col-md-4 control-label">Old Password</label>
<div class="col-md-6">
<input id="password" type="password" class="form-control" name="old">
@if ($errors->has('old'))
<span class="help-block">
<strong>{{ $errors->first('old') }}</strong>
</span>
@endif
</div>
</div>
<div class="form-group{{ $errors->has('password') ? ' has-error' : '' }}">
<label for="password" class="col-md-4 control-label">Password</label>
<div class="col-md-6">
<input id="password" type="password" class="form-control" name="password">
@if ($errors->has('password'))
<span class="help-block">
<strong>{{ $errors->first('password') }}</strong>
</span>
@endif
</div>
</div>
<div class="form-group{{ $errors->has('password_confirmation') ? ' has-error' : '' }}">
<label for="password-confirm" class="col-md-4 control-label">Confirm Password</label>
<div class="col-md-6">
<input id="password-confirm" type="password" class="form-control" name="password_confirmation">
@if ($errors->has('password_confirmation'))
<span class="help-block">
<strong>{{ $errors->first('password_confirmation') }}</strong>
</span>
@endif
</div>
</div>
<div class="form-group">
<div class="col-md-6 col-md-offset-4">
<button type="submit" class="btn btn-primary form-control">Submit</button>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
@endsection
@section('scripts')
@endsection
Make a couple of new routes in ‘web.php’.
Route::get('change-password', 'Auth\UpdatePasswordController@index')->name('password.form');
Route::post('change-password', 'Auth\UpdatePasswordController@update')->name('password.update');
Thanks Paul – this is straightforward and it worked like a charm!
Glad it helped someone. 8)
This is exactly what I was looking for! Worked perfectly 🙂
Great!
Godlike! 🙂 Thanks Paul 🙂
Thanks, it works great!
I’m glad it helped.
Thanks a lot! Work perfectly, although there is some error caused by mine.
Keep posting awesome tutorial like this 😀
Outstanding. Clean example. This is how this sort of thing needs to be demonstrated. Well-done!
Thanks
Wow!!!!!!!Like a magic it worked..
Agree with other commenters here… very good and thanks a lot!
Thank you 🙂
Perfect! The easiest code I had implemented so far in Laravel. Hats off!
This is just what i needed …thanks a million
Superb answer , Very simple explanation . Laravel is amazing
very nice
Excellent example, thanks!
Might want to move Route::get(‘change-password’) to the controller as well? This way the change password page can be controlled to show only after login.
Glad you like it Ron. Yes we could add the change password to the controller. In fact I have updated the article to reflect that.
works great ! thanks 🙂