File: /var/www/ipsremont-demo/app/Http/Controllers/Auth/ForgotPasswordController.php
<?php
namespace App\Http\Controllers\Auth;
use App\Jobs\SendMail;
use App\Mail\BaseMail;
use App\Models\PasswordReset;
use App\Services\Email\EmailTemplatesService;
use App\Services\PlaceholderService;
use App\Traits\UserTrait;
use App\User;
use Carbon\Carbon;
use Illuminate\Foundation\Auth\SendsPasswordResetEmails;
use Illuminate\Http\Request;
use Illuminate\Routing\Controller as BaseController;
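class ForgotPasswordController extends BaseController
{
    /*
    |--------------------------------------------------------------------------
    | Password Reset Controller
    |--------------------------------------------------------------------------
    |
    | Issues password-reset tokens (sendToken) and redeems them (checkToken).
    | Tokens are stored in PasswordReset rows keyed by e-mail address, and the
    | recovery letter is queued through the SendMail job.
    |
    */
    use SendsPasswordResetEmails, UserTrait;

    /**
     * Create a fresh reset token for the submitted e-mail address and queue
     * the "password-recovery" letter.
     *
     * Any earlier PasswordReset rows for the address are deleted first, so
     * only one token per address exists at a time.
     *
     * @param Request $request Expects an "email" field.
     * @return \Illuminate\Http\RedirectResponse Back to the form with a
     *         "messageError" or "messageSuccess" flash message.
     */
    public function sendToken(Request $request)
    {
        $email = $request->email;

        // Reject missing or non-string input (e.g. email[]=x) before it reaches
        // the queries, the token row or the mailer.
        if (!is_string($email) || $email === '') {
            return redirect()->back()->with('messageError', __('auth.emailNotFound'));
        }

        // NOTE(review): the two distinct error messages below tell the caller
        // whether an address is registered and whether it may log in. A single
        // neutral response would avoid that disclosure; kept as-is because the
        // UI texts are part of existing behaviour.
        $user = User::query()->where('email', $email)->first();
        if (empty($user)) {
            return redirect()->back()->with('messageError', __('auth.emailNotFound'));
        }

        $user = User::query()->canLogin()->where('email', $email)->first();
        if (empty($user)) {
            return redirect()->back()->with('messageError', __('users.accessDenied'));
        }

        PasswordReset::query()->where('email', $email)->delete();

        // The token is the only secret protecting the reset, so it must come from
        // a CSPRNG. The previous value, base64(email . time()), could be derived
        // from the address and the approximate request time.
        $token = bin2hex(random_bytes(32));

        // NOTE(review): the token is stored as generated; presumably the letter
        // builds its link from this row, so hashing at rest would also require
        // passing the raw token to the mail template. Confirm before changing.
        $model = new PasswordReset();
        $model->email = $email;
        $model->token = $token;
        $model->save();

        /** Email Sending **/
        $body = EmailTemplatesService::getTplForLetter(
            'password-recovery',
            $user->lang,
            $user->roles()->get()->pluck('type')->first()
        );

        // The letter is sent only when a template was found and is marked active.
        if (!(isset($body) && $body->active)) {
            return redirect()->back()->with('messageError', __('users.letterOff'));
        }

        $placeholders = new PlaceholderService();
        $placeholders->initRecipientPlaceholder($user);

        $variables = [
            'user' => $user,
            'event' => 'password-recovery',
            'placeholders' => $placeholders->getRecipientPlaceholders(),
        ];

        SendMail::dispatch(new BaseMail($variables), $email);

        return redirect()->back()->with('messageSuccess', __('auth.emailSent'));
    }

    /**
     * Redeem a reset token and set the account's new password.
     *
     * The token must exist, be no older than 24 hours (per diffInHours), belong
     * to the submitted e-mail address, and the account must pass canLogin().
     * The token row is deleted on expiry and after a successful reset.
     *
     * @param Request $request Expects "token", "email", "password" and
     *        "password_confirmation" fields.
     * @return \Illuminate\Http\RedirectResponse To /login on success, otherwise
     *         back to the form with a "messageError" flash message.
     */
    public function checkToken(Request $request)
    {
        $token = $request->token;

        // A missing or non-string token must never reach the lookup: a null
        // value would turn the query into "token IS NULL".
        if (!is_string($token) || $token === '') {
            return redirect()->back()->with('messageError', __('users.linkIsInvalid'));
        }

        $tokenData = PasswordReset::where('token', $token)->first();
        if (empty($tokenData)) {
            return redirect()->back()->with('messageError', __('users.linkIsInvalid'));
        }

        if ($tokenData->created_at->diffInHours(Carbon::now()) > 24) {
            PasswordReset::where('token', $token)->delete();

            return redirect()->back()->with('messageError', __('users.timeToken'));
        }

        $password = $request->password;

        // Strict comparison: with "==" two different numeric-looking strings
        // ("1e3" and "1000") compare equal, and two absent fields (null == null)
        // would let an empty password be stored.
        if (!is_string($password) || $password === '' || $password !== $request->password_confirmation) {
            return redirect()->back()->with('messageError', __('users.PasswordsMatch'));
        }

        // The token is bound to the address it was issued for.
        if ((string) $tokenData->email !== $request->email) {
            return redirect()->back()->with('messageError', __('users.linkIsInvalid'));
        }

        $user = User::canLogin()->where('email', $tokenData->email)->first();
        if (!$user) {
            return redirect()->back()->with('messageError', __('users.accessDenied'));
        }

        $user->update(['password' => bcrypt($password)]);

        // Single use: remove the token once the password has been changed.
        PasswordReset::where('token', $token)->delete();

        return redirect('/login')->with('messageSuccess', __('users.successRecoveryPassword'));
    }
}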