Home Explore Help
Register Sign In
zhangbj
/
web
Watch 1
Star 0
Fork 0
Code Issues 1 Pull Requests 0 Releases 0 Wiki Activity
2 Commits
1 Branches
Tree: 97d25c38f3
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '97d25c38f3'
${ noResults }
web/vendor/illuminate/auth/Passwords/PasswordBroker.php

PasswordBroker.php 6.7KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243 
  1. <?php

  2. 

  3. namespace Illuminate\Auth\Passwords;

  4. 

  5. use Closure;

  6. use Illuminate\Support\Arr;

  7. use UnexpectedValueException;

  8. use Illuminate\Contracts\Auth\UserProvider;

  9. use Illuminate\Contracts\Auth\PasswordBroker as PasswordBrokerContract;

  10. use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;

  11. 

  12. class PasswordBroker implements PasswordBrokerContract

  13. {

  14.     /**

  15.      * The password token repository.

  16.      *

  17.      * @var \Illuminate\Auth\Passwords\TokenRepositoryInterface

  18.      */

  19.     protected $tokens;

  20. 

  21.     /**

  22.      * The user provider implementation.

  23.      *

  24.      * @var \Illuminate\Contracts\Auth\UserProvider

  25.      */

  26.     protected $users;

  27. 

  28.     /**

  29.      * The custom password validator callback.

  30.      *

  31.      * @var \Closure

  32.      */

  33.     protected $passwordValidator;

  34. 

  35.     /**

  36.      * Create a new password broker instance.

  37.      *

  38.      * @param  \Illuminate\Auth\Passwords\TokenRepositoryInterface  $tokens

  39.      * @param  \Illuminate\Contracts\Auth\UserProvider  $users

  40.      * @return void

  41.      */

  42.     public function __construct(TokenRepositoryInterface $tokens,

  43.                                 UserProvider $users)

  44.     {

  45.         $this->users = $users;

  46.         $this->tokens = $tokens;

  47.     }

  48. 

  49.     /**

  50.      * Send a password reset link to a user.

  51.      *

  52.      * @param  array  $credentials

  53.      * @return string

  54.      */

  55.     public function sendResetLink(array $credentials)

  56.     {

  57.         // First we will check to see if we found a user at the given credentials and

  58.         // if we did not we will redirect back to this current URI with a piece of

  59.         // "flash" data in the session to indicate to the developers the errors.

  60.         $user = $this->getUser($credentials);

  61. 

  62.         if (is_null($user)) {

  63.             return static::INVALID_USER;

  64.         }

  65. 

  66.         // Once we have the reset token, we are ready to send the message out to this

  67.         // user with a link to reset their password. We will then redirect back to

  68.         // the current URI having nothing set in the session to indicate errors.

  69.         $user->sendPasswordResetNotification(

  70.             $this->tokens->create($user)

  71.         );

  72. 

  73.         return static::RESET_LINK_SENT;

  74.     }

  75. 

  76.     /**

  77.      * Reset the password for the given token.

  78.      *

  79.      * @param  array  $credentials

  80.      * @param  \Closure  $callback

  81.      * @return mixed

  82.      */

  83.     public function reset(array $credentials, Closure $callback)

  84.     {

  85.         // If the responses from the validate method is not a user instance, we will

  86.         // assume that it is a redirect and simply return it from this method and

  87.         // the user is properly redirected having an error message on the post.

  88.         $user = $this->validateReset($credentials);

  89. 

  90.         if (! $user instanceof CanResetPasswordContract) {

  91.             return $user;

  92.         }

  93. 

  94.         $password = $credentials['password'];

  95. 

  96.         // Once the reset has been validated, we'll call the given callback with the

  97.         // new password. This gives the user an opportunity to store the password

  98.         // in their persistent storage. Then we'll delete the token and return.

  99.         $callback($user, $password);

  100. 

  101.         $this->tokens->delete($user);

  102. 

  103.         return static::PASSWORD_RESET;

  104.     }

  105. 

  106.     /**

  107.      * Validate a password reset for the given credentials.

  108.      *

  109.      * @param  array  $credentials

  110.      * @return \Illuminate\Contracts\Auth\CanResetPassword|string

  111.      */

  112.     protected function validateReset(array $credentials)

  113.     {

  114.         if (is_null($user = $this->getUser($credentials))) {

  115.             return static::INVALID_USER;

  116.         }

  117. 

  118.         if (! $this->validateNewPassword($credentials)) {

  119.             return static::INVALID_PASSWORD;

  120.         }

  121. 

  122.         if (! $this->tokens->exists($user, $credentials['token'])) {

  123.             return static::INVALID_TOKEN;

  124.         }

  125. 

  126.         return $user;

  127.     }

  128. 

  129.     /**

  130.      * Set a custom password validator.

  131.      *

  132.      * @param  \Closure  $callback

  133.      * @return void

  134.      */

  135.     public function validator(Closure $callback)

  136.     {

  137.         $this->passwordValidator = $callback;

  138.     }

  139. 

  140.     /**

  141.      * Determine if the passwords match for the request.

  142.      *

  143.      * @param  array  $credentials

  144.      * @return bool

  145.      */

  146.     public function validateNewPassword(array $credentials)

  147.     {

  148.         if (isset($this->passwordValidator)) {

  149.             list($password, $confirm) = [

  150.                 $credentials['password'],

  151.                 $credentials['password_confirmation'],

  152.             ];

  153. 

  154.             return call_user_func(

  155.                 $this->passwordValidator, $credentials

  156.             ) && $password === $confirm;

  157.         }

  158. 

  159.         return $this->validatePasswordWithDefaults($credentials);

  160.     }

  161. 

  162.     /**

  163.      * Determine if the passwords are valid for the request.

  164.      *

  165.      * @param  array  $credentials

  166.      * @return bool

  167.      */

  168.     protected function validatePasswordWithDefaults(array $credentials)

  169.     {

  170.         list($password, $confirm) = [

  171.             $credentials['password'],

  172.             $credentials['password_confirmation'],

  173.         ];

  174. 

  175.         return $password === $confirm && mb_strlen($password) >= 6;

  176.     }

  177. 

  178.     /**

  179.      * Get the user for the given credentials.

  180.      *

  181.      * @param  array  $credentials

  182.      * @return \Illuminate\Contracts\Auth\CanResetPassword|null

  183.      *

  184.      * @throws \UnexpectedValueException

  185.      */

  186.     public function getUser(array $credentials)

  187.     {

  188.         $credentials = Arr::except($credentials, ['token']);

  189. 

  190.         $user = $this->users->retrieveByCredentials($credentials);

  191. 

  192.         if ($user && ! $user instanceof CanResetPasswordContract) {

  193.             throw new UnexpectedValueException('User must implement CanResetPassword interface.');

  194.         }

  195. 

  196.         return $user;

  197.     }

  198. 

  199.     /**

  200.      * Create a new password reset token for the given user.

  201.      *

  202.      * @param  \Illuminate\Contracts\Auth\CanResetPassword $user

  203.      * @return string

  204.      */

  205.     public function createToken(CanResetPasswordContract $user)

  206.     {

  207.         return $this->tokens->create($user);

  208.     }

  209. 

  210.     /**

  211.      * Delete password reset tokens of the given user.

  212.      *

  213.      * @param  \Illuminate\Contracts\Auth\CanResetPassword $user

  214.      * @return void

  215.      */

  216.     public function deleteToken(CanResetPasswordContract $user)

  217.     {

  218.         $this->tokens->delete($user);

  219.     }

  220. 

  221.     /**

  222.      * Validate the given password reset token.

  223.      *

  224.      * @param  \Illuminate\Contracts\Auth\CanResetPassword $user

  225.      * @param  string $token

  226.      * @return bool

  227.      */

  228.     public function tokenExists(CanResetPasswordContract $user, $token)

  229.     {

  230.         return $this->tokens->exists($user, $token);

  231.     }

  232. 

  233.     /**

  234.      * Get the password reset token repository implementation.

  235.      *

  236.      * @return \Illuminate\Auth\Passwords\TokenRepositoryInterface

  237.      */

  238.     public function getRepository()

  239.     {

  240.         return $this->tokens;

  241.     }

  242. }