密码重置在验证时不返回错误消息
Password reset not returning error messages on validation
重设密码后,用户会收到包含重设密码 link 和令牌的电子邮件。
打开此 link 用户会看到密码重置表单(视图)。
到此为止一切正常..但是每当我传递错误的电子邮件以触发“电子邮件无效”错误警告时,它什么也没给我。
检查 C:\Users\richa\Projects\globeguru\cms\vendor\laravel\framework\src\Illuminate\Foundation\Auth\ResetsPasswords.php 我在第 3 行遇到了响应函数:
php
public function reset(Request $request)
{
$request->validate($this->rules(), $this->validationErrorMessages());
// Here we will attempt to reset the user's password. If it is successful we
// will update the password on an actual user model and persist it to the
// database. Otherwise we will parse the error and return the response.
$response = $this->broker()->reset(
$this->credentials($request), function ($user, $password) {
$this->resetPassword($user, $password);
}
);
// If the password was successfully reset, we will redirect the user back to
// the application's home authenticated view. If there is an error we can
// redirect them back to where they came from with their error message.
return $response == Password::PASSWORD_RESET
? $this->sendResetResponse($request, $response)
: $this->sendResetFailedResponse($request, $response);
}
这一行:
$request->validate($this->rules(), $this->validationErrorMessages());
这让我想到了这个功能:
protected function validationErrorMessages()
{
return [];
}
我的问题是 - 如何通过 validationErrorMessages() 函数触发错误消息并 return 它?
[已编辑]
根据要求,这里是重置表格 HTML
@section('reset-form')
<div class="alert-container" >
@if (session('status'))
<div class="alert alert-success alert-dismissible fade show" role="alert">
<p><strong>Success!</strong></p>
<p>{{ session('alert') }}</p>
<button type="button" class="close" data-dismiss="alert" aria-label="Close">
<span aria-hidden="true">×</span>
</button>
</div>
@endif
@error('email')
<div class="alert alert-danger alert-dismissible fade show" role="alert">
<p><strong>Error!</strong></p>
<p>{{ $message }}</p>
<button type="button" class="close" data-dismiss="alert" aria-label="Close">
<span aria-hidden="true">×</span>
</button>
</div>
@enderror
@error('password')
<div class="alert alert-danger alert-dismissible fade show" role="alert">
<p><strong>Error!</strong></p>
<p>{{ $message }}</p>
<button type="button" class="close" data-dismiss="alert" aria-label="Close">
<span aria-hidden="true">×</span>
</button>
</div>
@enderror
@error('password_confirmation')
<div class="alert alert-danger alert-dismissible fade show" role="alert">
<p><strong>Error!</strong></p>
<p>{{ $message }}</p>
<button type="button" class="close" data-dismiss="alert" aria-label="Close">
<span aria-hidden="true">×</span>
</button>
</div>
@enderror
</div>
<div class="gg-login-wrap">
<div class="modal-dialog" role="document">
<div class="modal-content">
<div class="modal-header">
<h5 class="modal-title">{{ __('auth.reset_title') }}</h5>
</div>
<div class="modal-body">
<form class="gg-login" method="POST" action="{{ route('password.update') }}">
@csrf
<div class="form-group edit-input-wrap">
<input id="email" type="email" class="form-control edit-input @error('email') is-invalid @enderror" name="email" value="{{ old('email') }}" required autocomplete="email">
<label for="email">{{ __('auth.email') }}</label>
@error('email')
<span class="invalid-feedback" role="alert">
<strong>{{ $message }}</strong>
</span>
@enderror
</div>
<div class="form-group edit-input-wrap">
<input id="password" type="password" class="form-control edit-input @error('password') is-invalid @enderror" name="password" required autocomplete="current-password">
<label for="password">{{ __('auth.password') }}</label>
@error('password')
<span class="invalid-feedback" role="alert">
<strong>{{ $message }}</strong>
</span>
@enderror
</div>
<div class="form-group edit-input-wrap">
<input id="password_confirmation" type="password" class="form-control" name="password_confirmation" required autocomplete="password_confirmation">
<label for="password_confirmation">{{ __('auth.password_repeat') }}</label>
@error('password_confirmation')
<span class="invalid-feedback" role="alert">
<strong>{{ $message }}</strong>
</span>
@enderror
</div>
<input type="submit" class="btn btn-primary" value="{{ __('auth.reset') }}">
</form>
</div>
</div>
</div>
</div>
@endsection
也转储 $errors 我收到以下回复:
{"token":["The token field is required."]}
提供了@csrf,所以我不知道还有什么可能导致这个。
更新#2
好吧,所以我只是惊慌失措,在 reset 函数中的每个步骤上都放置了 dump,当我在验证之前放置它时,如下所示:
public function reset(Request $request)
{
dump($request); // <-------------------------
$request->validate($this->rules(), $this->validationErrorMessages());
// Here we will attempt to reset the user's password. If it is successful we
// will update the password on an actual user model and persist it to the
// database. Otherwise we will parse the error and return the response.
$response = $this->broker()->reset(
$this->credentials($request), function ($user, $password) {
$this->resetPassword($user, $password);
}
);
// If the password was successfully reset, we will redirect the user back to
// the application's home authenticated view. If there is an error we can
// redirect them back to where they came from with their error message.
return $response == Password::PASSWORD_RESET
? $this->sendResetResponse($request, $response)
: $this->sendResetFailedResponse($request, $response);
}
它 return 带有 Request 转储的页面和此消息:Redirecting to http://localhost:8000/password/reset/a98f717fd25f4c5b32e2ee81e1276058e294ea6536509d1a223d131bcc0dd12c. 这清楚地表明在验证和重置之间存在重定向。
如果我之后转储,它不会 return 任何东西,因此它清楚地表明它在 $request->validate($this->rules(), $this->validationErrorMessages()); 这一步中断了。
Here is Laracasts discussion link: https://laracasts.com/discuss/channels/laravel/password-reset-not-returning-error-messages-on-validation?page=1#reply=510638
好吧,我通过更改 html 来修复它:
<form class="gg-login" method="POST" action="{{ route('password.update') }}">
@csrf
对此:
<form class="gg-login" method="POST" action="{{ route('password.update') }}">
@csrf
<input type="hidden" name="token" value="{{ $token }}">
dump($request->all()) returns:
array:5 [▼
"_token" => "RlwpqsSHcN42PaEWvIMHCYjjowAnox8ApTA9eeUV"
"token" => "2fb28348a08eac8386a2276be5a7ed5a2847adef39b4ed769157e2213bc208c9"
"email" => "admin@demo.com"
"password" => "password"
"password_confirmation" => "password"
]
Redirecting to http://localhost:8000/login.
所以现在这可行了,虽然我知道 token 和 _token 不同,一个用于查看,另一个用于密码重置,但我仍然不明白我的解决方案与原始解决方案有何不同Laravel Auth 其中只有 @csrf 命令被调用,然后由 Blade 编译返回所有必要的隐藏输入。
重设密码后,用户会收到包含重设密码 link 和令牌的电子邮件。 打开此 link 用户会看到密码重置表单(视图)。
到此为止一切正常..但是每当我传递错误的电子邮件以触发“电子邮件无效”错误警告时,它什么也没给我。
检查 C:\Users\richa\Projects\globeguru\cms\vendor\laravel\framework\src\Illuminate\Foundation\Auth\ResetsPasswords.php 我在第 3 行遇到了响应函数:
php
public function reset(Request $request)
{
$request->validate($this->rules(), $this->validationErrorMessages());
// Here we will attempt to reset the user's password. If it is successful we
// will update the password on an actual user model and persist it to the
// database. Otherwise we will parse the error and return the response.
$response = $this->broker()->reset(
$this->credentials($request), function ($user, $password) {
$this->resetPassword($user, $password);
}
);
// If the password was successfully reset, we will redirect the user back to
// the application's home authenticated view. If there is an error we can
// redirect them back to where they came from with their error message.
return $response == Password::PASSWORD_RESET
? $this->sendResetResponse($request, $response)
: $this->sendResetFailedResponse($request, $response);
}
这一行:
$request->validate($this->rules(), $this->validationErrorMessages());
这让我想到了这个功能:
protected function validationErrorMessages()
{
return [];
}
我的问题是 - 如何通过 validationErrorMessages() 函数触发错误消息并 return 它?
[已编辑] 根据要求,这里是重置表格 HTML
@section('reset-form')
<div class="alert-container" >
@if (session('status'))
<div class="alert alert-success alert-dismissible fade show" role="alert">
<p><strong>Success!</strong></p>
<p>{{ session('alert') }}</p>
<button type="button" class="close" data-dismiss="alert" aria-label="Close">
<span aria-hidden="true">×</span>
</button>
</div>
@endif
@error('email')
<div class="alert alert-danger alert-dismissible fade show" role="alert">
<p><strong>Error!</strong></p>
<p>{{ $message }}</p>
<button type="button" class="close" data-dismiss="alert" aria-label="Close">
<span aria-hidden="true">×</span>
</button>
</div>
@enderror
@error('password')
<div class="alert alert-danger alert-dismissible fade show" role="alert">
<p><strong>Error!</strong></p>
<p>{{ $message }}</p>
<button type="button" class="close" data-dismiss="alert" aria-label="Close">
<span aria-hidden="true">×</span>
</button>
</div>
@enderror
@error('password_confirmation')
<div class="alert alert-danger alert-dismissible fade show" role="alert">
<p><strong>Error!</strong></p>
<p>{{ $message }}</p>
<button type="button" class="close" data-dismiss="alert" aria-label="Close">
<span aria-hidden="true">×</span>
</button>
</div>
@enderror
</div>
<div class="gg-login-wrap">
<div class="modal-dialog" role="document">
<div class="modal-content">
<div class="modal-header">
<h5 class="modal-title">{{ __('auth.reset_title') }}</h5>
</div>
<div class="modal-body">
<form class="gg-login" method="POST" action="{{ route('password.update') }}">
@csrf
<div class="form-group edit-input-wrap">
<input id="email" type="email" class="form-control edit-input @error('email') is-invalid @enderror" name="email" value="{{ old('email') }}" required autocomplete="email">
<label for="email">{{ __('auth.email') }}</label>
@error('email')
<span class="invalid-feedback" role="alert">
<strong>{{ $message }}</strong>
</span>
@enderror
</div>
<div class="form-group edit-input-wrap">
<input id="password" type="password" class="form-control edit-input @error('password') is-invalid @enderror" name="password" required autocomplete="current-password">
<label for="password">{{ __('auth.password') }}</label>
@error('password')
<span class="invalid-feedback" role="alert">
<strong>{{ $message }}</strong>
</span>
@enderror
</div>
<div class="form-group edit-input-wrap">
<input id="password_confirmation" type="password" class="form-control" name="password_confirmation" required autocomplete="password_confirmation">
<label for="password_confirmation">{{ __('auth.password_repeat') }}</label>
@error('password_confirmation')
<span class="invalid-feedback" role="alert">
<strong>{{ $message }}</strong>
</span>
@enderror
</div>
<input type="submit" class="btn btn-primary" value="{{ __('auth.reset') }}">
</form>
</div>
</div>
</div>
</div>
@endsection
也转储 $errors 我收到以下回复:
{"token":["The token field is required."]}
提供了@csrf,所以我不知道还有什么可能导致这个。
更新#2
好吧,所以我只是惊慌失措,在 reset 函数中的每个步骤上都放置了 dump,当我在验证之前放置它时,如下所示:
public function reset(Request $request)
{
dump($request); // <-------------------------
$request->validate($this->rules(), $this->validationErrorMessages());
// Here we will attempt to reset the user's password. If it is successful we
// will update the password on an actual user model and persist it to the
// database. Otherwise we will parse the error and return the response.
$response = $this->broker()->reset(
$this->credentials($request), function ($user, $password) {
$this->resetPassword($user, $password);
}
);
// If the password was successfully reset, we will redirect the user back to
// the application's home authenticated view. If there is an error we can
// redirect them back to where they came from with their error message.
return $response == Password::PASSWORD_RESET
? $this->sendResetResponse($request, $response)
: $this->sendResetFailedResponse($request, $response);
}
它 return 带有 Request 转储的页面和此消息:Redirecting to http://localhost:8000/password/reset/a98f717fd25f4c5b32e2ee81e1276058e294ea6536509d1a223d131bcc0dd12c. 这清楚地表明在验证和重置之间存在重定向。
如果我之后转储,它不会 return 任何东西,因此它清楚地表明它在 $request->validate($this->rules(), $this->validationErrorMessages()); 这一步中断了。
Here is Laracasts discussion link: https://laracasts.com/discuss/channels/laravel/password-reset-not-returning-error-messages-on-validation?page=1#reply=510638
好吧,我通过更改 html 来修复它:
<form class="gg-login" method="POST" action="{{ route('password.update') }}">
@csrf
对此:
<form class="gg-login" method="POST" action="{{ route('password.update') }}">
@csrf
<input type="hidden" name="token" value="{{ $token }}">
dump($request->all()) returns:
array:5 [▼
"_token" => "RlwpqsSHcN42PaEWvIMHCYjjowAnox8ApTA9eeUV"
"token" => "2fb28348a08eac8386a2276be5a7ed5a2847adef39b4ed769157e2213bc208c9"
"email" => "admin@demo.com"
"password" => "password"
"password_confirmation" => "password"
]
Redirecting to http://localhost:8000/login.
所以现在这可行了,虽然我知道 token 和 _token 不同,一个用于查看,另一个用于密码重置,但我仍然不明白我的解决方案与原始解决方案有何不同Laravel Auth 其中只有 @csrf 命令被调用,然后由 Blade 编译返回所有必要的隐藏输入。