/home/kueuepay/public_html/app/Http/Controllers/User/Auth/ForgotPasswordController.php
<?php
namespace App\Http\Controllers\User\Auth;
use Exception;
use Carbon\Carbon;
use App\Models\User;
use Illuminate\Http\Request;
use App\Constants\GlobalConst;
use App\Models\UserPasswordReset;
use Illuminate\Support\Facades\DB;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Validator;
use Illuminate\Validation\Rules\Password;
use App\Providers\Admin\BasicSettingsProvider;
use Illuminate\Validation\ValidationException;
use App\Notifications\User\Auth\PasswordResetEmail;
class ForgotPasswordController extends Controller
{
/**
* Display a listing of the resource.
*
* @return \Illuminate\Http\Response
*/
public function showForgotForm()
{
$page_title = "Forgot Password";
return view('user.auth.forgot-password.forgot',compact('page_title'));
}
/**
* Send Verification code to user email/phone.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response
*/
public function sendCode(Request $request)
{
$request->validate([
'credentials' => "required|string|max:100",
]);
$column = "username";
if(check_email($request->credentials)) $column = "email";
$user = User::where($column,$request->credentials)->first();
if(!$user) {
throw ValidationException::withMessages([
'credentials' => "User doesn't exists.",
]);
}
$token = generate_unique_string("user_password_resets","token",80);
$code = generate_random_code();
try{
UserPasswordReset::where("user_id",$user->id)->delete();
$password_reset = UserPasswordReset::create([
'user_id' => $user->id,
'email' => $user->email,
'token' => $token,
'code' => $code,
]);
try{
$user->notify(new PasswordResetEmail($user,$password_reset));
}catch(Exception $e){}
}catch(Exception $e) {
return back()->with(['error' => ['Something went wrong! Please try again.']]);
}
return redirect()->route('user.password.forgot.code.verify.form',$token)->with(['success' => ['Verification code sended to your email address.']]);
}
public function showVerifyForm($token) {
$page_title = "Verify User";
$password_reset = UserPasswordReset::where("token",$token)->first();
if(!$password_reset) return redirect()->route('user.password.forgot')->with(['error' => ['Password Reset Token Expired']]);
$resend_time = 0;
if(Carbon::now() <= $password_reset->created_at->addMinutes(GlobalConst::USER_PASS_RESEND_TIME_MINUTE)) {
$resend_time = Carbon::now()->diffInSeconds($password_reset->created_at->addMinutes(GlobalConst::USER_PASS_RESEND_TIME_MINUTE));
}
$user_email = $password_reset->user->email ?? "";
return view('user.auth.forgot-password.verify',compact('page_title','token','user_email','resend_time'));
}
/**
* OTP Verification.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response
*/
public function verifyCode(Request $request,$token)
{
$request->merge(['token' => $token]);
$validated = Validator::make($request->all(),[
'token' => "required|string|exists:user_password_resets,token",
'code.*' => "required|integer",
])->validate();
$validated['code'] = implode("",$request->code);
$basic_settings = BasicSettingsProvider::get();
$otp_exp_seconds = $basic_settings->otp_exp_seconds ?? 0;
$password_reset = UserPasswordReset::where("token",$token)->first();
if(Carbon::now() >= $password_reset->created_at->addSeconds($otp_exp_seconds)) {
foreach(UserPasswordReset::get() as $item) {
if(Carbon::now() >= $item->created_at->addSeconds($otp_exp_seconds)) {
$item->delete();
}
}
return redirect()->route('user.password.forgot')->with(['error' => ['Session expired. Please try again.']]);
}
if($password_reset->code != $validated['code']) {
throw ValidationException::withMessages([
'code' => "Verification Otp is Invalid",
]);
}
return redirect()->route('user.password.forgot.reset.form',$token);
}
/**
* Display the specified resource.
*
* @param int $id
* @return \Illuminate\Http\Response
*/
public function resendCode($token)
{
$password_reset = UserPasswordReset::where('token',$token)->first();
if(!$password_reset) return back()->with(['error' => ['Request token is invalid']]);
if(Carbon::now() <= $password_reset->created_at->addMinutes(GlobalConst::USER_PASS_RESEND_TIME_MINUTE)) {
throw ValidationException::withMessages([
'code' => 'You can resend verification code after '.Carbon::now()->diffInSeconds($password_reset->created_at->addMinutes(GlobalConst::USER_PASS_RESEND_TIME_MINUTE)). ' seconds',
]);
}
DB::beginTransaction();
try{
$update_data = [
'code' => generate_random_code(),
'created_at' => now(),
'token' => $token,
];
DB::table('user_password_resets')->where('token',$token)->update($update_data);
try{
$password_reset->user->notify(new PasswordResetEmail($password_reset->user,(object) $update_data));
}catch(Exception $e){}
DB::commit();
}catch(Exception $e) {
DB::rollback();
return back()->with(['error' => ['Something went wrong. please try again']]);
}
return redirect()->route('user.password.forgot.code.verify.form',$token)->with(['success' => ['Verification code resend success!']]);
}
public function showResetForm($token) {
$page_title = "Reset Password";
return view('user.auth.forgot-password.reset',compact('page_title','token'));
}
public function resetPassword(Request $request,$token) {
$basic_settings = BasicSettingsProvider::get();
$password_rule = "required|string|min:6|confirmed";
if($basic_settings->secure_password) {
$password_rule = ["required",Password::min(8)->letters()->mixedCase()->numbers()->symbols()->uncompromised(),"confirmed"];
}
$request->merge(['token' => $token]);
$validated = Validator::make($request->all(),[
'token' => "required|string|exists:user_password_resets,token",
'password' => $password_rule,
])->validate();
$password_reset = UserPasswordReset::where("token",$token)->first();
if(!$password_reset) {
throw ValidationException::withMessages([
'password' => "Invalid Request. Please try again.",
]);
}
try{
$password_reset->user->update([
'password' => Hash::make($validated['password']),
]);
$password_reset->delete();
}catch(Exception $e) {
return back()->with(['error' => ['Something went wrong! Please try again.']]);
}
return redirect()->route('user.login')->with(['success' => ['Password reset success. Please login with new password.']]);
}
}
User Registration
top
In the digital age, privacy concerns have become increasingly paramount, prompting the European Union to enact the General Data Protection Regulation (GDPR) in 2018. Among its many provisions, GDPR sets strict guidelines for the collection and processing of personal data, including the use of cookies on websites. Privacy Policy
Allow
Decline
