1

I'm developing an e-commerce application and it is using laravel's authentication. It gives me all the login/register/resetpassword logic and views. Login and register is working fine but the reset view is throwing me some errors. Reset view:

@extends('layouts.app')

@section('content')
<div class="container">
    <div class="row">
        <div class="col-md-8 col-md-offset-2">
            <div class="panel panel-default">
                <div class="panel-heading">Reset password</div>

                <div class="panel-body">
                    @if (session('status'))
                        <div class="alert alert-success">
                            {{ session('status') }}
                        </div>
                    @endif

                    <form class="form-horizontal" role="form" method="POST" action="{{ route('password.request') }}">
                        {{ csrf_field() }}

                        <input type="hidden" name="token" value="{{ $token }}">

                        <div class="form-group{{ $errors->has('email') ? ' has-error' : '' }}">
                            <label for="email" class="col-md-4 control-label">E-mail</label>

                            <div class="col-md-6">
                                <input id="email" type="email" class="form-control" name="email" value="{{ $email or old('email') }}" required autofocus>

                                @if ($errors->has('email'))
                                    <span class="help-block">
                                        <strong>{{ $errors->first('email') }}</strong>
                                    </span>
                                @endif
                            </div>
                        </div>

                        <div class="form-group{{ $errors->has('password') ? ' has-error' : '' }}">
                            <label for="password" class="col-md-4 control-label">Password</label>

                            <div class="col-md-6">
                                <input id="password" type="password" class="form-control" name="password" required>

                                @if ($errors->has('password'))
                                    <span class="help-block">
                                        <strong>{{ $errors->first('password') }}</strong>
                                    </span>
                                @endif
                            </div>
                        </div>

                        <div class="form-group{{ $errors->has('password_confirmation') ? ' has-error' : '' }}">
                            <label for="password-confirm" class="col-md-4 control-label">Confirm password</label>
                            <div class="col-md-6">
                                <input id="password-confirm" type="password" class="form-control" name="password_confirmation" required>

                                @if ($errors->has('password_confirmation'))
                                    <span class="help-block">
                                        <strong>{{ $errors->first('password_confirmation') }}</strong>
                                    </span>
                                @endif
                            </div>
                        </div>

                        <div class="form-group">
                            <div class="col-md-6 col-md-offset-4">
                                <button type="submit" class="btn btn-primary">
                                    Reset password
                                </button>
                            </div>
                        </div>
                    </form>
                </div>
            </div>
        </div>
    </div>
</div>
@endsection

When i'm not logged in, i get: Undefined variable: token in the following piece of code:

  <input type="hidden" name="token" value="{{ $token }}">

But when i'm logged in I do not get any error but it simply redirects me to the home page. I know it must be because of the middleware but it makes no sense that a logged user can't have access to the "password reset" view. Any ideias?

TL;DR

Auth route (password reset):

Route::group(['namespace' => 'Auth'], function () {
  Route::get('/reset', 'ResetPasswordController@getPasswordResetView');
});

Password reset controller:

<?php

namespace App\Http\Controllers\Auth;

use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\ResetsPasswords;

class ResetPasswordController extends Controller
{

    use ResetsPasswords;


    protected $redirectTo = '/home';


    public function __construct()
    {
        $this->middleware('guest');
    }

    public function getPasswordResetView()
    {
      return view("auth/passwords/reset");
    }
}
Improve this question
3
  • You should add the code for the controller and router if you want a decent answer Commented Jun 1, 2017 at 2:47
  • did you try print $token in password reset? Commented Jun 1, 2017 at 2:52
  • I will add more details to the question Commented Jun 1, 2017 at 2:53

2 Answers 2

Reset to default
5

You're using the wrong view. The view reset.blade.php is used to display the password reset page when a user clicks on the reset link in the email. What you're looking for is email.blade.php view which shows the password reset form where a user can enter their email to reset the password.

These are the built in auth routes

$this->get('password/reset', 'Auth\ForgotPasswordController@showLinkRequestForm')->name('password.request');
$this->get('password/reset/{token}', 'Auth\ResetPasswordController@showResetForm')->name('password.reset');

The password reset request route uses showLinkRequestForm method on ForgotPasswordController.

public function showLinkRequestForm()
{
    return view('auth.passwords.email');
}

The email password reset route uses showResetForm method on ResetPasswordController.

public function showResetForm(Request $request, $token = null)
{
    return view('auth.passwords.reset')->with(
        ['token' => $token, 'email' => $request->email]
    );
}

As you can see the $token gets set by the controller based on the value received from the reset link.

Also these two routes use guest middleware. Which means you can view them only when you're not logged in. Trying to access them when you're already logged in would redirect you to the route set in the RedirectIfAuthenticated middleware which is nothing but the guest middleware.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Now I see. I was trying to make a change password link for a logged user that uses laravel's email/password reset views. But if it redirects to home page when user is logged in, do I need to implement a new middleware to this functionality? Then it would allow a logged user to change his password by submiting his e-mail and then generate the email with the password reset.
The reset page is completely different, the only thing you have there that you can reuse is the form. You're better of creating another view for password change option for users.
1

The password reset view you're thinking of is a forgotten password reset, so that's why it redirects home when you're already logged in.

The token error you're getting is probably because you're not following the token link Laravel generates in the password reset email.

Improve this answer

1 Comment

Oh know I see it should be using "email" view and not "reset" view right? But I just tried to use the "reset" view while logged in and still redirects to home page

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.