Laravel 5.3 has great authentication right out of the box. It has login, register, reset and forgot password all set up however there is no change password page which is pretty important for many applications. So, I created one and thought it might be useful to someone else so here it is.
Set up the authentication as per the documentation at Authentication.
Create a new controller in the Auth folder or anywhere else you would like to keep it.
Auth\UpdatePasswordController.php
namespace App\Http\Controllers\Auth;
use App\User;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
class UpdatePasswordController extends Controller
{
/*
* Ensure the user is signed in to access this page
*/
public function __construct() {
$this->middleware('auth');
}
/**
* Show the form to change the user password.
*/
public function index(){
return view('user.change-password');
}
/**
* Update the password for the user.
*
* @param Request $request
* @return Response
*/
public function update(Request $request)
{
$this->validate($request, [
'old' => 'required',
'password' => 'required|min:6|confirmed',
]);
$user = User::find(Auth::id());
$hashedPassword = $user->password;
if (Hash::check($request->old, $hashedPassword)) {
//Change the password
$user->fill([
'password' => Hash::make($request->password)
])->save();
$request->session()->flash('success', 'Your password has been changed.');
return back();
}
$request->session()->flash('failure', 'Your password has not been changed.');
return back();
}
}
Create a new view file. I put mine in a ‘User’ folder at resources\views\users\change-password.blade.php
change-password.blade.php
@extends('layouts.app')
@section ('css')
@endsection
@section('content')
<div class="container">
<div class="row">
<div class="col-md-8 col-md-offset-2">
<div class="panel panel-default">
<div class="panel-heading">Change Password</div>
<div class="panel-body">
@if (Session::has('success'))
<div class="alert alert-success">{!! Session::get('success') !!}</div>
@endif
@if (Session::has('failure'))
<div class="alert alert-danger">{!! Session::get('failure') !!}</div>
@endif
<form action="{{ route('password.update') }}" method="post" role="form" class="form-horizontal">
{{csrf_field()}}
<div class="form-group{{ $errors->has('old') ? ' has-error' : '' }}">
<label for="password" class="col-md-4 control-label">Old Password</label>
<div class="col-md-6">
<input id="password" type="password" class="form-control" name="old">
@if ($errors->has('old'))
<span class="help-block">
<strong>{{ $errors->first('old') }}</strong>
</span>
@endif
</div>
</div>
<div class="form-group{{ $errors->has('password') ? ' has-error' : '' }}">
<label for="password" class="col-md-4 control-label">Password</label>
<div class="col-md-6">
<input id="password" type="password" class="form-control" name="password">
@if ($errors->has('password'))
<span class="help-block">
<strong>{{ $errors->first('password') }}</strong>
</span>
@endif
</div>
</div>
<div class="form-group{{ $errors->has('password_confirmation') ? ' has-error' : '' }}">
<label for="password-confirm" class="col-md-4 control-label">Confirm Password</label>
<div class="col-md-6">
<input id="password-confirm" type="password" class="form-control" name="password_confirmation">
@if ($errors->has('password_confirmation'))
<span class="help-block">
<strong>{{ $errors->first('password_confirmation') }}</strong>
</span>
@endif
</div>
</div>
<div class="form-group">
<div class="col-md-6 col-md-offset-4">
<button type="submit" class="btn btn-primary form-control">Submit</button>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
@endsection
@section('scripts')
@endsection
Make a couple of new routes in ‘web.php’.
Route::get('change-password', 'Auth\UpdatePasswordController@index')->name('password.form');
Route::post('change-password', 'Auth\UpdatePasswordController@update')->name('password.update');