feature: Password reset api
dogukanoksuz committed Oct 23, 2023
1 parent c00f3de commit cab40d8
Showing 7 changed files with 93 additions and 5 deletions.
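--- a/app/Console/Kernel.php
+++ b/app/Console/Kernel.php
@@ -56,6 +56,12 @@ protected function schedule(Schedule $schedule)
 })
 ->daily()
 ->name('Clean Log Tables');
+
+// Clear expired password reset tokens every 60 minutes
+$schedule
+->command('auth:clear-resets')
+->hourly()
+->name('Clear Expired Password Reset Tokens');
 }
 
 /**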
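--- a/app/Http/Controllers/API/AuthController.php
+++ b/app/Http/Controllers/API/AuthController.php
@@ -17,10 +17,12 @@
 use App\User;
 use Carbon\Carbon;
 use GuzzleHttp\Client;
+use Illuminate\Auth\Events\PasswordReset;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Hash;
 use Illuminate\Support\Facades\Log;
+use Illuminate\Support\Facades\Password;
 use Illuminate\Support\Facades\Validator;
 use Illuminate\Support\Str;
 use mervick\aesEverywhere\AES256;
@@ -236,6 +238,50 @@ public function forceChangePassword(Request $request)
 return response()->json(['message' => 'Şifreniz başarıyla değiştirildi.']);
 }
 
+/**
+* Send password reset link
+*/
+public function sendPasswordResetLink(Request $request)
+{
+// Check email exists on database laravel validator
+validate([
+'email' => 'required|email|exists:users,email',
+]);
+
+Password::sendResetLink($request->only('email'));
+
+return response()->json(['message' => 'Şifre sıfırlama bağlantısı e-posta adresinize gönderildi.']);
+}
+
+/**
+* Reset password with token
+*/
+public function resetPassword(Request $request)
+{
+$request->validate([
+'token' => 'required',
+'email' => 'required|email',
+'password' => 'required|min:8|confirmed',
+]);
+
+$status = Password::reset(
+$request->only('email', 'password', 'password_confirmation', 'token'),
+function (User $user, string $password) {
+$user->forceFill([
+'password' => Hash::make($password)
+])->setRememberToken(Str::random(60));
+
+$user->save();
+
+event(new PasswordReset($user));
+}
+);
+
+return $status === Password::PASSWORD_RESET
+? response()->json(['message' => 'Şifreniz başarıyla değiştirildi.'])
+: response()->json(['message' => 'Şifre sıfırlama bağlantısı geçersiz.'], 401);
+}
+
 /**
 * Authenticate using Keycloak
 */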
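Review bot: The `exists:users,email` rule in `sendPasswordResetLink` lets an unauthenticated caller learn which addresses are registered, because an unknown address fails validation while a known one gets the success message. The return value of `Password::sendResetLink()` is also discarded, so a throttled or failed send is still reported as sent. I would validate with `'email' => 'required|email'` only, keep the single generic response for every outcome, and log any status other than `Password::RESET_LINK_SENT` on the server side. In `resetPassword`, whether the user's existing API tokens are revoked after a successful reset is not visible in this hunk and is worth confirming.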
7 changes: 5 additions & 2 deletions app/Providers/AppServiceProvider.php
@@ -3,16 +3,15 @@
namespace App\Providers;

use App\Models\Notification;
use App\Models\Permission;
use App\Observers\NotificationObserver;
use App\Observers\UserObserver;
use App\User;
use Carbon\Carbon;
use Illuminate\Auth\Notifications\ResetPassword;
use Illuminate\Contracts\Http\Kernel;
use Illuminate\Database\Eloquent\Relations\Relation;
use Illuminate\Pagination\Paginator;
use Illuminate\Routing\Router;
use Illuminate\Support\Facades\View;
use Illuminate\Support\ServiceProvider;

/**
@@ -48,6 +47,10 @@ public function boot(
\App\Http\Middleware\VerifyCsrfToken::class
);
}

ResetPassword::createUrlUsing(function ($user, string $token) {
return request()->getSchemeAndHttpHost() . '/auth/reset_password?token=' . $token . '&email=' . $user->getEmailForPasswordReset();
});
}

/**
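Review bot: The reset URL in `ResetPassword::createUrlUsing` is built from `request()->getSchemeAndHttpHost()`, so the host written into the e-mail is taken from the Host header of whichever request triggered the mail. Unless trusted hosts are enforced elsewhere (not visible here), a request with a forged header would put a valid token into a link that points at a foreign host. The address is also concatenated without URL encoding, so an e-mail containing `+` or `&` yields a broken query string. I would build the link from configuration instead: `return rtrim(config('app.url'), '/') . '/auth/reset_password?' . http_build_query(['token' => $token, 'email' => $user->getEmailForPasswordReset()]);`. `boot()` starts outside the hunk.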
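--- a/app/Providers/AuthServiceProvider.php
+++ b/app/Providers/AuthServiceProvider.php
@@ -3,7 +3,6 @@
 namespace App\Providers;
 
 use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
-use Illuminate\Support\Facades\Gate;
 
 /**
 * Auth Service Provider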
4 changes: 2 additions & 2 deletions config/mail.php
@@ -55,8 +55,8 @@
*/

'from' => [
'address' => env('MAIL_FROM_ADDRESS', '[email protected]'),
'name' => env('MAIL_FROM_NAME', 'Example'),
'address' => env('MAIL_USERNAME') ?: '[email protected]',
'name' => env('MAIL_FROM_NAME', 'Liman'),
],

/*
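Review bot: The new `'address'` line no longer reads `MAIL_FROM_ADDRESS`, so deployments that set it are silently switched to `MAIL_USERNAME`. An SMTP login is not necessarily a mailbox address (some relays use an account name or key id), which can make reset mails bounce, and using it as the sender discloses the login name to every recipient. I would keep the dedicated variable and only fall back to the username: `'address' => env('MAIL_FROM_ADDRESS') ?: (env('MAIL_USERNAME') ?: <existing default address>),`. The default address is shown obfuscated on this page, so the placeholder stands for the value already in the file.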
@@ -0,0 +1,32 @@
<?php

use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;

return new class extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::create('password_resets', function (Blueprint $table) {
$table->string('email')->index();
$table->string('token')->index();
$table->timestamp('created_at');
});
}

/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::dropIfExists('password_resets');
}
};
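--- a/routes/api.php
+++ b/routes/api.php
@@ -32,6 +32,8 @@
 Route::post('/refresh', [AuthController::class, 'refresh']);
 Route::get('/user', [AuthController::class, 'userProfile']);
 Route::post('/change_password', [AuthController::class, 'forceChangePassword']);
+Route::post('/forgot_password', [AuthController::class, 'sendPasswordResetLink']);
+Route::post('/reset_password', [AuthController::class, 'resetPassword']);
 });
 
 Route::post('/notifications/send', [ExternalNotificationController::class, 'accept']);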
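Review bot: The two new routes are registered with no rate limit visible in this hunk, and `/forgot_password` makes the server send mail on behalf of any caller. I would add a throttle to both, for example `Route::post('/forgot_password', [AuthController::class, 'sendPasswordResetLink'])->middleware('throttle:5,1');`, with a limit suited to the deployment. The group's opening line and its middleware are outside the hunk, so also confirm that these endpoints are reachable without an access token, since a user who has forgotten the password has none.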
