How to implement password reset function in laravel

In modern web applications, user password reset is an essential function. A well-designed password reset process can not only ensure the security of the user's account, but also improve the user experience. Laravel is a popular PHP web development framework that also integrates a convenient password reset system. This article will introduce how to use Laravel to implement the password reset function.

Environment preparation

Before you begin, make sure you have completed the following installation:

• PHP 7.2 and above
• Composer 2 and above
• Laravel 5.5 and above

If you have not installed Laravel, you can install it in the terminal through the following command:

composer create-project --prefer-dist laravel/laravel project-name

Reset Password Process

Laravel’s password reset process is based on email notification. The steps are as follows:

1. The user submits the email address and link to the application where the password needs to be reset. Program;
2. The application sends an email with a reset link to the user's mailbox;
3. The user accesses the email link;
4. The application determines whether the link has expired and is legal;
5. If the link is legal, a form for entering the password will appear on the page;
6. The user fills in the new password;
7. The user submits the form;
8. The application resets the user password.

Therefore, we need to implement each step of this process.

Email configuration

First, we need to configure the email in Laravel. Open the .env file and add the following configuration in it:

MAIL_DRIVER=smtp
MAIL_HOST=smtp.mxhichina.com
MAIL_PORT=25
MAIL_USERNAME=youremail@example.com
MAIL_PASSWORD=yourpassword
MAIL_FROM_ADDRESS=youremail@example.com
MAIL_ENCRYPTION=

The configuration here needs to be modified according to your actual situation. MAIL_DRIVER specifies the mail service provider used Provider, such as smtp, mailgun or sendmail, etc. Here we use Alibaba Cloud email service provider smtp.mxhichina.com, And you need to fill in your email username and password. MAIL_FROM_ADDRESS Used to specify the sending address for sending emails.

Next, we need to configure the email sending options in the config/mail.php file, such as setting the sender name and address:

'from' => [
    'address' => env('MAIL_FROM_ADDRESS', 'youremail@example.com'),
    'name' => env('MAIL_FROM_NAME', 'Your Name'),
],

routing Configuration

Now we need to configure the routing to handle the password reset operation. In Laravel, we can use the built-in Password controller to handle the logic of resetting passwords. Open the routes/web.php file and add the following routes:

// Password Reset Routes
Route::get('password/reset', 'Auth\ForgotPasswordController@showLinkRequestForm')->name('password.request');
Route::post('password/email', 'Auth\ForgotPasswordController@sendResetLinkEmail')->name('password.email');
Route::get('password/reset/{token}', 'Auth\ResetPasswordController@showResetForm')->name('password.reset');
Route::post('password/reset', 'Auth\ResetPasswordController@reset');

Here we use two controllers in Auth, namely ForgotPasswordController and ResetPasswordController handle the password reset email sending and password reset operations respectively.

View configuration

Next, we need to add a view to display the form for users to fill in their email and password. We can use Blade template code similar to the following code snippet to achieve:

<form method="POST" action="{{ route(&#39;password.email&#39;) }}">
    @csrf
    <div>
        <input type="email" name="email" value="{{ old(&#39;email&#39;) }}" required autofocus placeholder="请输入您的邮箱地址">
    </div>
    <div>
        <button type="submit">发送重置密码链接</button>
    </div>
</form>

In this page, we use a form to accept the email address filled in by the user, and add a send button. Clicking this button will Send a password reset link to this email address.

We also need to add another view to allow the user to enter a new password. A code snippet similar to the following can be used to implement such a form:

<form method="POST" action="{{ route(&#39;password.update&#39;) }}" >
    @csrf
    <input type="hidden" name="token" value="{{ $token }}">
    <div>
        <label for="email-input">邮箱</label>
        <input type="email" name="email" value="{{ $email ?? old(&#39;email&#39;) }}" required autofocus>
    </div>
    <div>
        <label for="password-input">新密码</label>
        <input type="password" name="password" required>
    </div>
    <div>
        <label for="password-confirm-input">确认新密码</label>
        <input type="password" name="password_confirmation" required>
    </div>
    <div>
        <button type="submit">重置密码</button>
    </div>
</form>

This form requires the user to fill in a new password and confirm the password, and requires $token and $email Parameters to verify whether the reset link is legal. These parameters can be obtained in ResetPasswordController@showResetForm.

Controller logic

We use two controllers in routing to handle password reset operations, namely ForgotPasswordController and ResetPasswordController.

ForgotPasswordController Provides a showLinkRequestForm() method to display a form for users to fill in their email addresses. Another method sendResetLinkEmail() will send an email containing a password reset link to the email address provided by the user. The Password::sendResetLink() method is used to handle the reset link. generation and sending. The

showResetForm()

method in ResetPasswordController will display the form for the user to enter a new password. If the reset link is illegal, it will return to the email link expiration prompt page. . The reset() method handles the logic of the user filling in the password reset form and submitting it. The Password::reset() method is used to update the user's password to the database.

use Illuminate\Support\Facades\Password;

class ForgotPasswordController extends Controller
{
    use SendsPasswordResetEmails;
}

class ResetPasswordController extends Controller
{
    use ResetsPasswords;

    protected $redirectTo = '/home';

    public function showResetForm(Request $request, $token = null)
    {
        return view('auth.passwords.reset')->with(
            ['token' => $token, 'email' => $request->email]
        );
    }
}

Using the password reset function

Now that we have completed the implementation of the password reset function in Laravel, let’s try to use the implemented function to reset the password Reset:

1. Open the login page of the application and click Forgot password;
2. Enter your registered email address and click the Send reset password link button;
3. Open your email, find and click the password reset link;
4. Enter your new password and confirm the new password;
5. Click the submit button.

If everything goes well, your password has been reset successfully!

Summarize

In this article, we introduce how to use Laravel to implement a basic password reset function. In modern web applications, password reset is a necessary function. Only a well-designed and implemented password reset process can ensure the security of user accounts and user experience. I believe that after you learn the techniques described in this article and implement the complete password reset function, the user's password security and user experience will be improved.

The above is the detailed content of How to implement password reset function in laravel. For more information, please follow other related articles on the PHP Chinese website!