在使用“忘记密码"发送“密码重置"电子邮件之前，检查用户是否已激活 [英] Checking if User is activated before sending Password Reset email using Forgot Password

问题描述

我正在使用Laravel 5.3创建一个小型应用程序.我已经在Laravel的默认Auth上应用了用户激活(通过电子邮件确认).但是，如果未通过验证电子邮件地址激活帐户/用户，我找不到停止发送密码重置链接的方法.目前，如果用户创建了一个帐户并且未验证电子邮件地址，则可以使用密码重置"链接登录.

I'm creating a small app using Laravel 5.3. I've applied user activation (via email confirmation) on Laravel's default Auth. But i couldn't find a way to stop sending password reset link if account/user not activated by verifying email address. Currently if a user creates an account and doesn't verify the email address he/she can login using Password Reset link.

这是我在用户表中拥有的

this what i've in user table

public function up()
{
    Schema::create('users', function (Blueprint $table) {
        $table->increments('id');
        $table->string('name')->nullable();;
        $table->string('username')->unique();
        $table->string('email')->unique();
        $table->string('company')->nullable();;
        $table->string('password');
        $table->boolean('activated')->default(false);
        $table->rememberToken();
        $table->timestamps();
    });

    Schema::create('user_activations', function (Blueprint $table) {
        $table->integer('user_id')->unsigned();
        $table->string('token')->index();
        $table->timestamp('created_at');
    });
}

更新 我试图通过更新以下功能来做到这一点.但这不起作用

UPDATE I tried to do it by updating the below function. but it's not working

public function reset(Request $request)
{
    if (!$request->activated) {
        return redirect('/');
    } else {
        $this->validate($request, $this->rules(), $this->validationErrorMessages());

        $response = $this->broker()->reset(
            $this->credentials($request), function ($user, $password) {
                $this->resetPassword($user, $password);
            }
        );

        return $response == Password::PASSWORD_RESET
                    ? $this->sendResetResponse($response)
                    : $this->sendResetFailedResponse($request, $response);
    }
}

推荐答案

我找到了解决方案.万一有人寻找相同的解决方案，以防万一.这是我重写的功能

I found the solution. Just in case if someone looking for the same solution. Here is the function i overridden

public function sendResetLinkEmail(Request $request)
{
    $this->validate($request, ['email' => 'required|email']);
    $user_check = User::where('email', $request->email)->first();

    if (!$user_check->activated) {
        return back()->with('status', 'Your account is not activated. Please activate it first.');
    } else {
        $response = $this->broker()->sendResetLink(
            $request->only('email')
        );

        if ($response === Password::RESET_LINK_SENT) {
            return back()->with('status', trans($response));
        }

        return back()->withErrors(
            ['email' => trans($response)]
        );
    }
} 

这篇关于在使用“忘记密码"发送“密码重置"电子邮件之前，检查用户是否已激活的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！