Change Password Functionality with Laravel Authentication
Filter

Change Password Functionality with Laravel Authentication

by Soeng Souy /
Share

1. Create a Change Password Form

Route Entry

First, add the route for displaying the change password form in the routes/web.php file:

Route::get('/changePassword','HomeController@showChangePasswordForm');

Controller Method

In your HomeController, create the method showChangePasswordForm:

public function showChangePasswordForm(){
    return view('auth.changepassword');
}

Also, ensure your controller is protected by the auth middleware to ensure only authenticated users can access this route:

public function __construct()
{
    $this->middleware('auth');
}

Change Password View (changepassword.blade.php)

Create the view file changepassword.blade.php in resources/views/auth:

@extends('layouts.app')

@section('content')
<div class="container">
    <div class="row">
        <div class="col-md-8 col-md-offset-2">
            <div class="panel panel-default">
                <div class="panel-heading">Change password</div>

                <div class="panel-body">
                    @if (session('error'))
                        <div class="alert alert-danger">
                            {{ session('error') }}
                        </div>
                    @endif
                    @if (session('success'))
                        <div class="alert alert-success">
                            {{ session('success') }}
                        </div>
                    @endif
                    <form class="form-horizontal" method="POST" action="{{ route('changePassword') }}">
                        {{ csrf_field() }}

                        <div class="form-group{{ $errors->has('current-password') ? ' has-error' : '' }}">
                            <label for="current-password" class="col-md-4 control-label">Current Password</label>
                            <div class="col-md-6">
                                <input id="current-password" type="password" class="form-control" name="current-password" required>
                                @if ($errors->has('current-password'))
                                    <span class="help-block">
                                        <strong>{{ $errors->first('current-password') }}</strong>
                                    </span>
                                @endif
                            </div>
                        </div>

                        <div class="form-group{{ $errors->has('new-password') ? ' has-error' : '' }}">
                            <label for="new-password" class="col-md-4 control-label">New Password</label>
                            <div class="col-md-6">
                                <input id="new-password" type="password" class="form-control" name="new-password" required>
                                @if ($errors->has('new-password'))
                                    <span class="help-block">
                                        <strong>{{ $errors->first('new-password') }}</strong>
                                    </span>
                                @endif
                            </div>
                        </div>

                        <div class="form-group">
                            <label for="new-password-confirm" class="col-md-4 control-label">Confirm New Password</label>
                            <div class="col-md-6">
                                <input id="new-password-confirm" type="password" class="form-control" name="new-password_confirmation" required>
                            </div>
                        </div>

                        <div class="form-group">
                            <div class="col-md-6 col-md-offset-4">
                                <button type="submit" class="btn btn-primary">
                                    Change Password
                                </button>
                            </div>
                        </div>
                    </form>
                </div>
            </div>
        </div>
    </div>
</div>
@endsection

2. Process Change Password Request

Route Entry

In your routes/web.php, add the route for processing the password change:

Route::post('/changePassword', 'HomeController@changePassword')->name('changePassword');

Controller Method

In HomeController, create the method changePassword to handle the password change:

public function changePassword(Request $request){
    // Check if current password matches the password in the database
    if (!(Hash::check($request->get('current-password'), Auth::user()->password))) {
        return redirect()->back()->with("error", "Your current password does not match the one you provided. Please try again.");
    }

    // Ensure new password is not the same as current password
    if (strcmp($request->get('current-password'), $request->get('new-password')) == 0) {
        return redirect()->back()->with("error", "New password cannot be the same as the current password. Please choose a different password.");
    }

    // Validate the new password
    $validatedData = $request->validate([
        'current-password' => 'required',
        'new-password' => 'required|string|min:6|confirmed',
    ]);

    // Change the password
    $user = Auth::user();
    $user->password = bcrypt($request->get('new-password'));
    $user->save();

    // Redirect with success message
    return redirect()->back()->with("success", "Password changed successfully!");
}

In this method:

  • We first check if the current password entered by the user matches the stored password using Hash::check().

  • Then, we check if the current and new passwords are the same.

  • We validate that the new password meets the required criteria (minimum length of 6 characters, and it must be confirmed).

  • Finally, we change the user's password and save it.

3. Add Link to Change Password in Navigation

If you'd like to include a link to the change password page in your navigation bar, add the following snippet to your layouts/app.blade.php file, just below the logout link:

<li>
    <a href="/changePassword">Change Password</a>
</li>

4. Final Step: Test the Change Password Functionality

  1. Log in to your Laravel application.

  2. Visit the /changePassword route (e.g., http://yourdomain.dev/changePassword).

  3. Enter your current password, a new password, and confirm the new password.

  4. If everything is correct, the password will be updated, and you should see a success message.

Conclusion

You've successfully implemented the change password functionality in your Laravel application. With the above steps, you ensure that users can change their passwords securely while also validating the data to prevent common errors like entering the current password as the new one.

Tag
Soeng Souy

Soeng Souy

Website that learns and reads, PHP, Framework Laravel, How to and download Admin template sample source code free.

Post a Comment

CAN FEEDBACK
close