我是Laravel 4的新手。
想知道当我以管理员身份登录时,是否可以重置用户的密码。在这种情况下,我不需要令牌来允许更改密码,就像用户收到更改密码的电子邮件一样。我在ReminderController类postReset方法中启发自己:
/**
* Handle a POST request to reset a user's password.
*
* @return Response
*/
public function postReset()
{
$credentials = Input::only(
'email', 'password', 'password_confirmation', 'token'
);
$response = Password::reset($credentials, function ($user, $password) {
$user->password = Hash::make($password);
$user->save();
Auth::login($user);
});
switch ($response) {
case Password::INVALID_TOKEN:
return Redirect::to('/login')->with('error', Lang::get($response));
case Password::INVALID_PASSWORD:
case Password::INVALID_USER:
return Redirect::back()->with('error', Lang::get($response));
case Password::PASSWORD_RESET:
return Redirect::to('/')->with('message', Lang::get($response));
}
}
但该方法在调用Password::reset
时处理$credetials
变量中的token string
。Bellow是更新用户数据的方法。
public function update($colaborador)
{
$credentials = Input::only(
'nome_completo', 'email', 'password', 'password_confirmation', 'token'
);
$emailGestor = Input::get('email-gestor');
$enviarEmail = Input::get('enviar-email');
$user = $colaborador->user;
if (User::where('email', $email)->where('id', '!=', $user->id)->count() > 0) {
$mensagem = 'O endereço de e-mail ' . $email . ' já está sendo utilizado.';
} else {
$response = Password::reset($credentials, function ($credentials, $user, $password, $enviarEmail) {
$user->nome_completo = $credentials['nome_completo'];
$user->email = $credentials['email'];
$user->password = Hash::make($password);
$user->save();
$mensagem = 'Colaborador alterado.';
if ($enviarEmail == 1) {
PrimeiroAcesso::remind(['email' => $email], function ($msg) {
$msg->subject('Assessment – Mapeamento de Competências Funcionais Natura');
});
$mensagem .= ' E-mail de primeiro acesso enviado.';
}
});
switch ($response) {
case Password::INVALID_TOKEN:
$mensagem = 'Token inválido.'; break;
case Password::INVALID_PASSWORD:
$mensagem = 'Senha inválida.'; break;
case Password::INVALID_USER:
$mensagem = 'Nome de usuário inválido'; break;
default: break;
}
}
if ($emailGestor == '' && $colaborador->gestor) {
$colaborador->gestor()->dissociate();
$colaborador->save();
$mensagem .= ' Gestor removido.';
} else {
$gestor = User::with('colaborador')->where('email', $emailGestor)->first();
if ($gestor) {
$colaborador->gestor()->associate($gestor->colaborador);
$colaborador->save();
$mensagem .= ' Gestor alterado para ' . $emailGestor . '.';
}
}
return Redirect::route('admin.colaborador.index')->with('flash_message', $mensagem);
}
在中
$credentials = Input::only(
'nome_completo', 'email', 'password', 'password_confirmation', 'token'
);
我从视图中的表单中得到token
。
Illuminate'Auth'Reminders'PasswordBroker
中的reset
方法需要额外的token
参数作为凭据数组的一部分,因为如果重置成功,它需要从password_reminders
表中删除相应的条目。因此,如果该表中没有匹配的token
条目,您将无法使用该方法,因为您将得到INVALID_TOKEN
响应。
话虽如此,这里有两种选择:
- 在使用
Password::reset
之前创建一个新令牌 - 手动更新给定用户的密码
我个人只会使用第二个,因为它更容易,而且它跳过了将令牌保存到数据库的额外步骤,只是在重置密码后删除它,所有这些都在同一个请求中。
像这样简单的事情应该做(当然你可以扩展它来满足你的个人需求):
// Get the request parameters
list($name, $email, $password, $passwordConfirmation) = Input::only('nome_completo', 'email', 'password', 'password_confirmation');
// Search for a user matching the email address
$user = User::where('email', $email)->first();
// Go ahead if a user matching that email was found
if ( ! is_null($user))
{
// Check if the password and password confirmation match
// NOTE: you can do additional validations here if needed
if ($password == $passwordConfirmation)
{
$user->nome_completo = $name;
$user->password = Hash::make($password);
$user->save();
}
}