[new] Add Change Password Feature #14

✓ User must be logged in x User click the "Change Password" menu/link I'm using `Edit Profil Form`, since the change password form is already there ✓ User must fill in the old password, new password and confirm new password. ✓ System checks that old password is correct ✓ If old password correct, save new password ✓ Else, notify user that old password is incorrect. Bonus buat Mas @nafiels 😋 👌 ✓ New password cannot be same as user current password
7 years ago · 1ea6c3263d
6 changed files with 31 additions and 5 deletions
--- a/app/Http/Controllers/UsersController.php
+++ b/app/Http/Controllers/UsersController.php
@ -142,8 +142,8 @@ class UsersController extends Controller
        $user->city = $request->get('city');
        $user->email = $request->get('email');

-        if ($request->get('password')) {
-            $user->password = bcrypt($request->get('password'));
+        if ($request->new_password) {
+            $user->password = bcrypt($request->new_password);
        }

        $user->save();
--- a/app/Http/Requests/Users/UpdateRequest.php
+++ b/app/Http/Requests/Users/UpdateRequest.php
@ -36,7 +36,16 @@ class UpdateRequest extends FormRequest
            'address'   => 'nullable|string|max:255',
            'city'      => 'nullable|string|max:255',
            'email'     => 'nullable|string|max:255',
-            'password'  => 'nullable|min:6|max:15',
+            'password'  => 'nullable|min:6|max:15|current_password',
+            'new_password'  => 'nullable|min:6|max:15|same_password|confirmed',
+        ];
+    }
+
+    public function messages()
+    {
+        return [
+           'password.current_password' => trans('passwords.old_password'),
+           'new_password.same_password' => trans('passwords.same_password'),
        ];
    }
 }
--- a/app/Providers/AppServiceProvider.php
+++ b/app/Providers/AppServiceProvider.php
@ -19,6 +19,18 @@ class AppServiceProvider extends ServiceProvider
        if($this->app->environment() === 'production') {
            $this->app['request']->server->set('HTTPS', true);
        }
+
+        \Validator::extend('current_password', function ($attribute, $value, $parameters, $validator) {
+            $user = \Auth::user();
+
+            return $user && \Hash::check($value, $user->password);
+        });
+
+        \Validator::extend('same_password', function ($attribute, $value, $parameters, $validator) {
+            $user = \Auth::user();
+
+            return $user && !\Hash::check($value, $user->password);
+        });
    }

    /**
--- a/resources/lang/en/passwords.php
+++ b/resources/lang/en/passwords.php
@ -18,5 +18,6 @@ return [
    'sent'     => 'We have e-mailed your password reset link!',
    'token'    => 'This password reset token is invalid.',
    'user'     => "We can't find a user with that e-mail address.",
-
+    "old_password" => "Your current password does not matches with the password you provided. Please try again.",
+    "same_password" => "New password cannot be same as your current password. Please choose a different password."
 ];
--- a/resources/lang/id/passwords.php
+++ b/resources/lang/id/passwords.php
@ -18,5 +18,7 @@ return [
    "sent"      => "Kami sudah mengirim email yang berisi tautan untuk mereset Password Anda!",
    "token"     => "Token Reset Password tidak sah.",
    "user"      => "Kami tidak dapat menemukan pengguna dengan email tersebut.",
+    "old_password" => "Password yang Anda masukan tidak sesuai dengan password yang tersimpan. Silahkan coba kembali.",
+    "same_password" => "Password baru Anda tidak boleh sama dengan password lama. Silahkan pilih password yang berbeda."

 ];
--- a/resources/views/users/edit.blade.php
+++ b/resources/views/users/edit.blade.php
@ -89,7 +89,9 @@
                <div class="panel-heading"><h3 class="panel-title">{{ trans('app.login_account') }}</h3></div>
                <div class="panel-body">
                    {!! FormField::email('email', ['label' => trans('auth.email'), 'placeholder' => trans('app.example').' nama@mail.com']) !!}
-                    {!! FormField::text('password', ['label' => trans('auth.password'), 'placeholder' => '******', 'value' => '']) !!}
+                    {!! FormField::password('password', ['label' => trans('auth.old_password'), 'placeholder' => '******', 'value' => '']) !!}
+                    {!! FormField::password('new_password', ['label' => trans('auth.new_password'), 'placeholder' => '******', 'value' => '']) !!}
+                    {!! FormField::password ('new_password_confirmation', ['label' => trans('auth.new_password_confirmation'), 'placeholder' => '******', 'value' => '']) !!}
                </div>
            </div>
            <div class="text-right">