使用临时密码或密码登录以登录L5

时间:2015-12-09 06:12:12

标签: authentication laravel-5.1

我正在使用Laravel 5.1来构建具有RESTFUl资源的后端系统,这些资源将被某些移动应用程序使用。

忘记密码故事

如果有人忘记了密码,那么服务器必须向他注册的电子邮件发送带有临时密码的电子邮件。从下一次开始,服务器必须使用临时密码或使用密码

对用户进行身份验证

有人可以指导我如何做到这一点

1 个答案:

答案 0 :(得分:2)

您可以修改PasswordController

中的app\http\controllers\auth 
<?php

namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\ResetsPasswords;

use App\Models\User; //yours is probably App\User;
use Mail, Hash;

class PasswordController extends Controller
{
    /*
    |--------------------------------------------------------------------------
    | Password Reset Controller
    |--------------------------------------------------------------------------
    |
    | This controller is responsible for handling password reset requests
    | and uses a simple trait to include this behavior. You're free to
    | explore this trait and override any methods you wish to tweak.
    |
    */
    use ResetsPasswords;
    /**
     * Create a new password controller instance.
     *
     * @return void
     */
    public function __construct()
    {
        $this->middleware('guest');
    }


    public function postEmail(Request $request)
    {
        $this->validate($request, ['email' => 'required|email']);

        $email = $request->get('email');

        if(!$user = User::where('email', $email)->first()) return redirect()->back()->with('error', 'Email does not exists');

        //create temporal password
        $temp_password = str_random(8); //generates random 8 characters long string

        //hash password and save in database
        //I assume you have `temp_password` in your users column
        $user->temp_password = Hash::make($temp_password);
        $user->save();

        //data to be used in mail
        $data['subject']            = 'Password Reminder'; //$this->getEmailSubject();
        $data['email']              = $email;
        $data['temp_password']      = $temp_password;

        //send mail to user
        Mail::send('emails.password_reminder', $data, function($message) use ($data)
        {
            $message->from('no-reply@site.com', $data['subject']);
            $message->subject($data['subject']);
            $message->to($data['email']);
        });

    }
}

然后在resource/views/emails创建password_reminder.blade.php 

Your temporal password is {{$temp_password}}
NB:Someone requested a password reminder, if you are not the one kindly ignore

用于用户身份验证

尝试 - (未经测试)

$email = \Request::get('email'); 
$password = \Request::get('password'); 

if (Auth::attempt(['email' =>$email, 'password' => $password])){ 
    return true; 
}elseif(Auth::attempt(['email' =>$email, 'temp_password' => $password])){ 
    return true; 
}else{ 
   return false; 
}

或试试这个

$email = \Request::get('email'); 
$password = \Request::get('password'); 
$user = User::where('email',$email)->first(); 

if(!$user) return false;

if (Auth::attempt(['email' =>$email, 'password' => $password])){ 
    return true; 
}elseif(\Hash::check($password, $user->temp_password)){ 
    Auth::loginUsingId($user->id); return true; 
}else{ 
    return false; 
}
相关问题
最新问题