laravel 5,更新用户密码
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/30708916/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
laravel 5,update User password
提问by Salar
I'm using laravel 5 to develop an app that allow every user to update his profile.
in order to update password, the user needs to first enter his old password and if the old password matched then his newly entered password will be hashed and stored in DB.
how can I validate this, using laravel form request validation?
我正在使用 laravel 5 开发一个允许每个用户更新他的个人资料的应用程序。
为了更新密码,用户需要首先输入他的旧密码,如果旧密码匹配,那么他新输入的密码将被散列并存储在数据库中。我如何使用Laravel 表单请求验证来验证这一点?
采纳答案by Salar
I created a custom validator and added it to AppServiceProvider like this:
我创建了一个自定义验证器并将其添加到 AppServiceProvider 中,如下所示:
<?php
namespace App\Providers;
use Validator;
use Illuminate\Support\ServiceProvider;
use Illuminate\Support\Facades\Hash ;
class AppServiceProvider extends ServiceProvider
{
/**
* Bootstrap any application services.
*
* @return void
*/
public function boot()
{
Validator::extend('password_hash_check', function($attribute, $value, $parameters, $validator) {
return Hash::check($value , $parameters[0]) ;
});
}
then I used it in my form request validator like this:
然后我在我的表单请求验证器中使用它,如下所示:
<?php
namespace App\Http\Requests;
use App\Http\Requests\Request;
class UpdateUserProfileRequest extends Request
{
/**
* Get the validation rules that apply to the request.
*
* @return array
*/
public function rules()
{
$hashed_password = $this->user()->password ;
return [
'oldPassword'=> "password_hash_check:$hashed_password|string|min:6",
'newPassword' => 'required_with:oldPassword|confirmed|min:6',
];
}
回答by Rajesh kumawat
When you want to check a Hashed value generated by
当您想检查由生成的哈希值时
Hash::make()
you need to use
你需要使用
Hash::check('unhashed', $hashed)
Every time you run Hash::make('string'), a different hash is made and will not match the previous one. For example:
每次运行时Hash::make('string'),都会生成一个不同的哈希值,并且不会与之前的哈希值匹配。例如:
// Generate a hash
$password = Hash::make('password');
// $password == y$T9r9qUxrr6ejs9Ne.nLzMet8l0A8BM5QvLjhaaJasgsbMBdX4JjRu
// Generate a new hash
$new_password = Hash::make('password');
// $new_password == yKBlYKIMpIvk.TWwim9oPuwGA.Pzv1iF7BsDyYkz7kQlhkA/ueULe
// Compare hashes the WRONG way
$password === $new_password; // false
// Compare hash the RIGHT way
Hash::check('password', $password); // true
Hash::check('password', $new_password); // true
So Use Hash::make() method of Hash class.
所以使用Hash类的Hash::make()方法。
回答by Anatoliy Arkhipov
I'm not sure but I think that there is no native way to do this in Laravel. If so, you can implement a custom "hash" validator:
我不确定,但我认为在 Laravel 中没有本地方法可以做到这一点。如果是这样,您可以实现自定义“哈希”验证器:
class CustomValidator extends \Illuminate\Validation\Validator {
public function validateHash($attribute, $value, $parameters)
{
$expected = $parameters[0];
return Hash::check($value, $expected);
}
}
Register it in a provider:
在提供程序中注册它:
class AppServiceProvider extends ServiceProvider {
/**
* Bootstrap any application services.
*
* @return void
*/
public function boot()
{
require_once __DIR__ . '/../Http/helpers.php';
Validator::resolver(function($translator, $data, $rules, $messages)
{
return new CustomValidator($translator, $data, $rules, $messages);
});
}
// ...
}
And use it in a form request:
并在表单请求中使用它:
class MyFormRequest extends FormRequest {
public function rules()
{
$password = Auth::user()->password;
return [
'old_password' => "required|hash:" . $password
]
}
// ...
}
Link to documentation: http://laravel.com/docs/5.0/validation#custom-validation-rules
文档链接:http: //laravel.com/docs/5.0/validation#custom-validation-rules
