From e153b61c47648ec40f891319801b4c6446eaca3d Mon Sep 17 00:00:00 2001 From: Pushpak Chhajed Date: Mon, 13 Oct 2025 12:07:18 +0530 Subject: [PATCH 1/5] Replace Login and Logout with fortify --- app/Providers/FortifyServiceProvider.php | 24 +++ resources/views/livewire/auth/login.blade.php | 200 +++++------------- .../livewire/auth/verify-email.blade.php | 11 +- routes/auth.php | 7 - tests/Feature/Auth/AuthenticationTest.php | 36 ++-- tests/Feature/Auth/TwoFactorChallengeTest.php | 17 +- 6 files changed, 99 insertions(+), 196 deletions(-) diff --git a/app/Providers/FortifyServiceProvider.php b/app/Providers/FortifyServiceProvider.php index b99dcc74..9b7effad 100644 --- a/app/Providers/FortifyServiceProvider.php +++ b/app/Providers/FortifyServiceProvider.php @@ -6,6 +6,7 @@ use Illuminate\Http\Request; use Illuminate\Support\Facades\RateLimiter; use Illuminate\Support\ServiceProvider; +use Illuminate\Support\Str; use Laravel\Fortify\Fortify; class FortifyServiceProvider extends ServiceProvider @@ -23,11 +24,34 @@ public function register(): void */ public function boot(): void { + $this->configureViews(); + $this->configureRateLimiting(); + + } + + /** + * Configure Fortify views. + */ + private function configureViews(): void + { + Fortify::loginView(fn () => view('livewire.auth.login')); Fortify::twoFactorChallengeView(fn () => view('livewire.auth.two-factor-challenge')); Fortify::confirmPasswordView(fn () => view('livewire.auth.confirm-password')); + } + /** + * Configure rate limiting. + */ + private function configureRateLimiting(): void + { RateLimiter::for('two-factor', function (Request $request) { return Limit::perMinute(5)->by($request->session()->get('login.id')); }); + + RateLimiter::for('login', function (Request $request) { + $throttleKey = Str::transliterate(Str::lower($request->input(Fortify::username())).'|'.$request->ip()); + + return Limit::perMinute(5)->by($throttleKey); + }); } } diff --git a/resources/views/livewire/auth/login.blade.php b/resources/views/livewire/auth/login.blade.php index 5a0352dc..fdc45798 100644 --- a/resources/views/livewire/auth/login.blade.php +++ b/resources/views/livewire/auth/login.blade.php @@ -1,156 +1,58 @@ - +
+ -use App\Models\User; -use Illuminate\Auth\Events\Lockout; -use Illuminate\Support\Facades\Auth; -use Illuminate\Support\Facades\RateLimiter; -use Illuminate\Support\Facades\Route; -use Illuminate\Support\Facades\Session; -use Illuminate\Support\Str; -use Illuminate\Validation\ValidationException; -use Laravel\Fortify\Features; -use Livewire\Attributes\Layout; -use Livewire\Attributes\Validate; -use Livewire\Volt\Component; + + -new #[Layout('components.layouts.auth')] class extends Component { - #[Validate('required|string|email')] - public string $email = ''; +
+ @csrf - #[Validate('required|string')] - public string $password = ''; - - public bool $remember = false; - - /** - * Handle an incoming authentication request. - */ - public function login(): void - { - $this->validate(); - - $this->ensureIsNotRateLimited(); - - $user = $this->validateCredentials(); - - if (Features::canManageTwoFactorAuthentication() && $user->hasEnabledTwoFactorAuthentication()) { - Session::put([ - 'login.id' => $user->getKey(), - 'login.remember' => $this->remember, - ]); - - $this->redirect(route('two-factor.login'), navigate: true); - - return; - } - - Auth::login($user, $this->remember); - - RateLimiter::clear($this->throttleKey()); - Session::regenerate(); - - $this->redirectIntended(default: route('dashboard', absolute: false), navigate: true); - } - - /** - * Validate the user's credentials. - */ - protected function validateCredentials(): User - { - $user = Auth::getProvider()->retrieveByCredentials(['email' => $this->email, 'password' => $this->password]); - - if (! $user || ! Auth::getProvider()->validateCredentials($user, ['password' => $this->password])) { - RateLimiter::hit($this->throttleKey()); - - throw ValidationException::withMessages([ - 'email' => __('auth.failed'), - ]); - } - - return $user; - } - - /** - * Ensure the authentication request is not rate limited. - */ - protected function ensureIsNotRateLimited(): void - { - if (! RateLimiter::tooManyAttempts($this->throttleKey(), 5)) { - return; - } - - event(new Lockout(request())); - - $seconds = RateLimiter::availableIn($this->throttleKey()); - - throw ValidationException::withMessages([ - 'email' => __('auth.throttle', [ - 'seconds' => $seconds, - 'minutes' => ceil($seconds / 60), - ]), - ]); - } - - /** - * Get the authentication rate limiting throttle key. - */ - protected function throttleKey(): string - { - return Str::transliterate(Str::lower($this->email).'|'.request()->ip()); - } -}; ?> - -
- - - - - - - - - - -
+ - @if (Route::has('password.request')) - - {{ __('Forgot your password?') }} - - @endif -
- - - - -
- - {{ __('Log in') }} - -
- - - @if (Route::has('register')) -
- {{ __('Don\'t have an account?') }} - {{ __('Sign up') }} -
- @endif -
+ +
+ + + @if (Route::has('password.request')) + + {{ __('Forgot your password?') }} + + @endif +
+ + + + +
+ + {{ __('Log in') }} + +
+ + + @if (Route::has('register')) +
+ {{ __('Don\'t have an account?') }} + {{ __('Sign up') }} +
+ @endif +
+ diff --git a/resources/views/livewire/auth/verify-email.blade.php b/resources/views/livewire/auth/verify-email.blade.php index 9f63a401..7ee621b7 100644 --- a/resources/views/livewire/auth/verify-email.blade.php +++ b/resources/views/livewire/auth/verify-email.blade.php @@ -35,8 +35,6 @@ public function rendering(View $view): void { if (Auth::user()->hasVerifiedEmail()) { $this->redirectIntended(default: route('dashboard', absolute: false), navigate: true); - - return; } } }; ?> @@ -57,8 +55,11 @@ public function rendering(View $view): void {{ __('Resend verification email') }} - - {{ __('Log out') }} - +
+ @csrf + + {{ __('Log out') }} + +
diff --git a/routes/auth.php b/routes/auth.php index 57826226..ea50ec38 100644 --- a/routes/auth.php +++ b/routes/auth.php @@ -5,9 +5,6 @@ use Livewire\Volt\Volt; Route::middleware('guest')->group(function () { - Volt::route('login', 'auth.login') - ->name('login'); - Volt::route('register', 'auth.register') ->name('register'); @@ -16,7 +13,6 @@ Volt::route('reset-password/{token}', 'auth.reset-password') ->name('password.reset'); - }); Route::middleware('auth')->group(function () { @@ -27,6 +23,3 @@ ->middleware(['signed', 'throttle:6,1']) ->name('verification.verify'); }); - -Route::post('logout', App\Livewire\Actions\Logout::class) - ->name('logout'); diff --git a/tests/Feature/Auth/AuthenticationTest.php b/tests/Feature/Auth/AuthenticationTest.php index 2c19b3f7..dd069b1f 100644 --- a/tests/Feature/Auth/AuthenticationTest.php +++ b/tests/Feature/Auth/AuthenticationTest.php @@ -5,7 +5,6 @@ use App\Models\User; use Illuminate\Foundation\Testing\RefreshDatabase; use Laravel\Fortify\Features; -use Livewire\Volt\Volt as LivewireVolt; use Tests\TestCase; class AuthenticationTest extends TestCase @@ -23,13 +22,13 @@ public function test_users_can_authenticate_using_the_login_screen(): void { $user = User::factory()->withoutTwoFactor()->create(); - $response = LivewireVolt::test('auth.login') - ->set('email', $user->email) - ->set('password', 'password') - ->call('login'); + $response = $this->post(route('login.store'), [ + 'email' => $user->email, + 'password' => 'password', + ]); $response - ->assertHasNoErrors() + ->assertSessionHasNoErrors() ->assertRedirect(route('dashboard', absolute: false)); $this->assertAuthenticated(); @@ -39,12 +38,12 @@ public function test_users_can_not_authenticate_with_invalid_password(): void { $user = User::factory()->create(); - $response = LivewireVolt::test('auth.login') - ->set('email', $user->email) - ->set('password', 'wrong-password') - ->call('login'); + $response = $this->post(route('login.store'), [ + 'email' => $user->email, + 'password' => 'wrong-password', + ]); - $response->assertHasErrors('email'); + $response->assertSessionHasErrorsIn('email'); $this->assertGuest(); } @@ -62,19 +61,12 @@ public function test_users_with_two_factor_enabled_are_redirected_to_two_factor_ $user = User::factory()->create(); - $user->forceFill([ - 'two_factor_secret' => encrypt('test-secret'), - 'two_factor_recovery_codes' => encrypt(json_encode(['code1', 'code2'])), - 'two_factor_confirmed_at' => now(), - ])->save(); - - $response = LivewireVolt::test('auth.login') - ->set('email', $user->email) - ->set('password', 'password') - ->call('login'); + $response = $this->post(route('login.store'), [ + 'email' => $user->email, + 'password' => 'password', + ]); $response->assertRedirect(route('two-factor.login')); - $response->assertSessionHas('login.id', $user->id); $this->assertGuest(); } diff --git a/tests/Feature/Auth/TwoFactorChallengeTest.php b/tests/Feature/Auth/TwoFactorChallengeTest.php index 48e9f7ac..4bd73384 100644 --- a/tests/Feature/Auth/TwoFactorChallengeTest.php +++ b/tests/Feature/Auth/TwoFactorChallengeTest.php @@ -5,7 +5,6 @@ use App\Models\User; use Illuminate\Foundation\Testing\RefreshDatabase; use Laravel\Fortify\Features; -use Livewire\Volt\Volt; use Tests\TestCase; class TwoFactorChallengeTest extends TestCase @@ -36,17 +35,9 @@ public function test_two_factor_challenge_can_be_rendered(): void $user = User::factory()->create(); - $user->forceFill([ - 'two_factor_secret' => encrypt('test-secret'), - 'two_factor_recovery_codes' => encrypt(json_encode(['code1', 'code2'])), - 'two_factor_confirmed_at' => now(), - ])->save(); - - Volt::test('auth.login') - ->set('email', $user->email) - ->set('password', 'password') - ->call('login') - ->assertRedirect(route('two-factor.login')) - ->assertOk(); + $this->post(route('login.store'), [ + 'email' => $user->email, + 'password' => 'password', + ])->assertRedirect(route('two-factor.login')); } } From 8c32eb01ef0e9782ec9507152b0efc2b4b1095e9 Mon Sep 17 00:00:00 2001 From: Pushpak Chhajed Date: Tue, 14 Oct 2025 19:00:05 +0530 Subject: [PATCH 2/5] Update remember me checkbox to retain checked state --- resources/views/livewire/auth/login.blade.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/resources/views/livewire/auth/login.blade.php b/resources/views/livewire/auth/login.blade.php index fdc45798..0e1854ec 100644 --- a/resources/views/livewire/auth/login.blade.php +++ b/resources/views/livewire/auth/login.blade.php @@ -39,7 +39,7 @@ - +
From 134146511fa23916bc9096ba942576e768261b47 Mon Sep 17 00:00:00 2001 From: Pushpak Chhajed Date: Thu, 16 Oct 2025 00:03:17 +0530 Subject: [PATCH 3/5] Replace email verification with fortify (#133) * Replace Login and Logout with fortify * Replace Login and Logout with fortify * Replace email verification with fortify * fix: logout on verify * Replace password reset with fortify (#134) * Replace Login and Logout with fortify * Replace Login and Logout with fortify * Replace email verification with fortify * Replace email verification with fortify * Replace reset password with fortify * Replace email verification with fortify --- .../Fortify/PasswordValidationRules.php | 18 ++ app/Actions/Fortify/ResetUserPassword.php | 28 +++ .../Auth/VerifyEmailController.php | 24 --- app/Providers/FortifyServiceProvider.php | 12 ++ config/fortify.php | 4 +- .../components/settings/layout.blade.php | 2 +- .../livewire/auth/forgot-password.blade.php | 80 ++++----- .../livewire/auth/reset-password.blade.php | 167 ++++++------------ .../livewire/auth/verify-email.blade.php | 88 +++------ routes/auth.php | 16 -- routes/web.php | 2 +- tests/Feature/Auth/PasswordResetTest.php | 26 ++- 12 files changed, 180 insertions(+), 287 deletions(-) create mode 100644 app/Actions/Fortify/PasswordValidationRules.php create mode 100644 app/Actions/Fortify/ResetUserPassword.php delete mode 100644 app/Http/Controllers/Auth/VerifyEmailController.php diff --git a/app/Actions/Fortify/PasswordValidationRules.php b/app/Actions/Fortify/PasswordValidationRules.php new file mode 100644 index 00000000..76b19d33 --- /dev/null +++ b/app/Actions/Fortify/PasswordValidationRules.php @@ -0,0 +1,18 @@ +|string> + */ + protected function passwordRules(): array + { + return ['required', 'string', Password::default(), 'confirmed']; + } +} diff --git a/app/Actions/Fortify/ResetUserPassword.php b/app/Actions/Fortify/ResetUserPassword.php new file mode 100644 index 00000000..688d62f3 --- /dev/null +++ b/app/Actions/Fortify/ResetUserPassword.php @@ -0,0 +1,28 @@ + $input + */ + public function reset(User $user, array $input): void + { + Validator::make($input, [ + 'password' => $this->passwordRules(), + ])->validate(); + + $user->forceFill([ + 'password' => $input['password'], + ])->save(); + } +} diff --git a/app/Http/Controllers/Auth/VerifyEmailController.php b/app/Http/Controllers/Auth/VerifyEmailController.php deleted file mode 100644 index db389f20..00000000 --- a/app/Http/Controllers/Auth/VerifyEmailController.php +++ /dev/null @@ -1,24 +0,0 @@ -user()->hasVerifiedEmail()) { - return redirect()->intended(route('dashboard', absolute: false).'?verified=1'); - } - - $request->fulfill(); - - return redirect()->intended(route('dashboard', absolute: false).'?verified=1'); - } -} diff --git a/app/Providers/FortifyServiceProvider.php b/app/Providers/FortifyServiceProvider.php index 9b7effad..abddd37c 100644 --- a/app/Providers/FortifyServiceProvider.php +++ b/app/Providers/FortifyServiceProvider.php @@ -2,6 +2,7 @@ namespace App\Providers; +use App\Actions\Fortify\ResetUserPassword; use Illuminate\Cache\RateLimiting\Limit; use Illuminate\Http\Request; use Illuminate\Support\Facades\RateLimiter; @@ -24,9 +25,17 @@ public function register(): void */ public function boot(): void { + $this->configureActions(); $this->configureViews(); $this->configureRateLimiting(); + } + /** + * Configure Fortify actions. + */ + private function configureActions(): void + { + Fortify::resetUserPasswordsUsing(ResetUserPassword::class); } /** @@ -35,8 +44,11 @@ public function boot(): void private function configureViews(): void { Fortify::loginView(fn () => view('livewire.auth.login')); + Fortify::verifyEmailView(fn () => view('livewire.auth.verify-email')); Fortify::twoFactorChallengeView(fn () => view('livewire.auth.two-factor-challenge')); Fortify::confirmPasswordView(fn () => view('livewire.auth.confirm-password')); + Fortify::resetPasswordView(fn () => view('livewire.auth.reset-password')); + Fortify::requestPasswordResetLinkView(fn () => view('livewire.auth.forgot-password')); } /** diff --git a/config/fortify.php b/config/fortify.php index 4143bd35..fd750fac 100644 --- a/config/fortify.php +++ b/config/fortify.php @@ -145,8 +145,8 @@ 'features' => [ // Features::registration(), - // Features::resetPasswords(), - // Features::emailVerification(), + Features::resetPasswords(), + Features::emailVerification(), // Features::updateProfileInformation(), // Features::updatePasswords(), Features::twoFactorAuthentication([ diff --git a/resources/views/components/settings/layout.blade.php b/resources/views/components/settings/layout.blade.php index 71e62026..dca245bd 100644 --- a/resources/views/components/settings/layout.blade.php +++ b/resources/views/components/settings/layout.blade.php @@ -2,7 +2,7 @@
{{ __('Profile') }} - {{ __('Password') }} + {{ __('Password') }} @if (Laravel\Fortify\Features::canManageTwoFactorAuthentication()) {{ __('Two-Factor Auth') }} @endif diff --git a/resources/views/livewire/auth/forgot-password.blade.php b/resources/views/livewire/auth/forgot-password.blade.php index ad1c260a..3268f457 100644 --- a/resources/views/livewire/auth/forgot-password.blade.php +++ b/resources/views/livewire/auth/forgot-password.blade.php @@ -1,51 +1,31 @@ -validate([ - 'email' => ['required', 'string', 'email'], - ]); - - Password::sendResetLink($this->only('email')); - - session()->flash('status', __('A reset link will be sent if the account exists.')); - } -}; ?> - -
- - - - - -
- - - - - {{ __('Email password reset link') }} - - - -
- {{ __('Or, return to') }} - {{ __('log in') }} + +
+ + + + + +
+ @csrf + + + + + + {{ __('Email password reset link') }} + + + +
+ {{ __('Or, return to') }} + {{ __('log in') }} +
-
+ diff --git a/resources/views/livewire/auth/reset-password.blade.php b/resources/views/livewire/auth/reset-password.blade.php index a4501c3d..6f84d1d7 100644 --- a/resources/views/livewire/auth/reset-password.blade.php +++ b/resources/views/livewire/auth/reset-password.blade.php @@ -1,115 +1,52 @@ -token = $token; - - $this->email = request()->string('email'); - } - - /** - * Reset the password for the given user. - */ - public function resetPassword(): void - { - $this->validate([ - 'token' => ['required'], - 'email' => ['required', 'string', 'email'], - 'password' => ['required', 'string', 'confirmed', Rules\Password::defaults()], - ]); - - // Here we will attempt to reset the user's password. If it is successful we - // will update the password on an actual user model and persist it to the - // database. Otherwise we will parse the error and return the response. - $status = Password::reset( - $this->only('email', 'password', 'password_confirmation', 'token'), - function ($user) { - $user->forceFill([ - 'password' => Hash::make($this->password), - 'remember_token' => Str::random(60), - ])->save(); - - event(new PasswordReset($user)); - } - ); - - // If the password was successfully reset, we will redirect the user back to - // the application's home authenticated view. If there is an error we can - // redirect them back to where they came from with their error message. - if ($status !== Password::PasswordReset) { - $this->addError('email', __($status)); - - return; - } - - Session::flash('status', __($status)); - - $this->redirectRoute('login', navigate: true); - } -}; ?> - -
- - - - - -
- - - - - - - - - -
- - {{ __('Reset password') }} - -
- -
+ +
+ + + + + +
+ @csrf + + + + + + + + + + + + +
+ + {{ __('Reset password') }} + +
+ +
+ diff --git a/resources/views/livewire/auth/verify-email.blade.php b/resources/views/livewire/auth/verify-email.blade.php index 7ee621b7..42f9a574 100644 --- a/resources/views/livewire/auth/verify-email.blade.php +++ b/resources/views/livewire/auth/verify-email.blade.php @@ -1,65 +1,29 @@ -sendEmailVerificationNotification(); - - Session::flash('status', 'verification-link-sent'); - } - - /** - * Log the current user out of the application. - */ - public function logout(Logout $logout): void - { - $logout(); - - $this->redirect('/', navigate: true); - } - - /** - * Handle the component's rendering hook. - */ - public function rendering(View $view): void - { - if (Auth::user()->hasVerifiedEmail()) { - $this->redirectIntended(default: route('dashboard', absolute: false), navigate: true); - } - } -}; ?> - -
- - {{ __('Please verify your email address by clicking on the link we just emailed to you.') }} - - - @if (session('status') == 'verification-link-sent') - - {{ __('A new verification link has been sent to the email address you provided during registration.') }} + +
+ + {{ __('Please verify your email address by clicking on the link we just emailed to you.') }} - @endif - -
- - {{ __('Resend verification email') }} - -
- @csrf - - {{ __('Log out') }} - -
+ @if (session('status') == 'verification-link-sent') + + {{ __('A new verification link has been sent to the email address you provided during registration.') }} + + @endif + +
+
+ @csrf + + {{ __('Resend verification email') }} + +
+ +
+ @csrf + + {{ __('Log out') }} + +
+
-
+ diff --git a/routes/auth.php b/routes/auth.php index ea50ec38..a2d5432a 100644 --- a/routes/auth.php +++ b/routes/auth.php @@ -1,25 +1,9 @@ group(function () { Volt::route('register', 'auth.register') ->name('register'); - - Volt::route('forgot-password', 'auth.forgot-password') - ->name('password.request'); - - Volt::route('reset-password/{token}', 'auth.reset-password') - ->name('password.reset'); -}); - -Route::middleware('auth')->group(function () { - Volt::route('verify-email', 'auth.verify-email') - ->name('verification.notice'); - - Route::get('verify-email/{id}/{hash}', VerifyEmailController::class) - ->middleware(['signed', 'throttle:6,1']) - ->name('verification.verify'); }); diff --git a/routes/web.php b/routes/web.php index 1fec66d4..2e661dd9 100644 --- a/routes/web.php +++ b/routes/web.php @@ -16,7 +16,7 @@ Route::redirect('settings', 'settings/profile'); Volt::route('settings/profile', 'settings.profile')->name('profile.edit'); - Volt::route('settings/password', 'settings.password')->name('password.edit'); + Volt::route('settings/password', 'settings.password')->name('user-password.edit'); Volt::route('settings/appearance', 'settings.appearance')->name('appearance.edit'); Volt::route('settings/two-factor', 'settings.two-factor') diff --git a/tests/Feature/Auth/PasswordResetTest.php b/tests/Feature/Auth/PasswordResetTest.php index fc01b619..3dbabd62 100644 --- a/tests/Feature/Auth/PasswordResetTest.php +++ b/tests/Feature/Auth/PasswordResetTest.php @@ -6,7 +6,6 @@ use Illuminate\Auth\Notifications\ResetPassword; use Illuminate\Foundation\Testing\RefreshDatabase; use Illuminate\Support\Facades\Notification; -use Livewire\Volt\Volt; use Tests\TestCase; class PasswordResetTest extends TestCase @@ -26,9 +25,7 @@ public function test_reset_password_link_can_be_requested(): void $user = User::factory()->create(); - Volt::test('auth.forgot-password') - ->set('email', $user->email) - ->call('sendPasswordResetLink'); + $this->post(route('password.request'), ['email' => $user->email]); Notification::assertSentTo($user, ResetPassword::class); } @@ -39,9 +36,7 @@ public function test_reset_password_screen_can_be_rendered(): void $user = User::factory()->create(); - Volt::test('auth.forgot-password') - ->set('email', $user->email) - ->call('sendPasswordResetLink'); + $this->post(route('password.request'), ['email' => $user->email]); Notification::assertSentTo($user, ResetPassword::class, function ($notification) { $response = $this->get(route('password.reset', $notification->token)); @@ -58,19 +53,18 @@ public function test_password_can_be_reset_with_valid_token(): void $user = User::factory()->create(); - Volt::test('auth.forgot-password') - ->set('email', $user->email) - ->call('sendPasswordResetLink'); + $this->post(route('password.request'), ['email' => $user->email]); Notification::assertSentTo($user, ResetPassword::class, function ($notification) use ($user) { - $response = Volt::test('auth.reset-password', ['token' => $notification->token]) - ->set('email', $user->email) - ->set('password', 'password') - ->set('password_confirmation', 'password') - ->call('resetPassword'); + $response = $this->post(route('password.update'), [ + 'token' => $notification->token, + 'email' => $user->email, + 'password' => 'password', + 'password_confirmation' => 'password', + ]); $response - ->assertHasNoErrors() + ->assertSessionHasNoErrors() ->assertRedirect(route('login', absolute: false)); return true; From f787805d7446cba5d1834eefa4b1bff15c5e5c98 Mon Sep 17 00:00:00 2001 From: Pushpak Chhajed Date: Mon, 20 Oct 2025 20:17:24 +0530 Subject: [PATCH 4/5] update ResetUserPassword.php --- app/Actions/Fortify/ResetUserPassword.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/app/Actions/Fortify/ResetUserPassword.php b/app/Actions/Fortify/ResetUserPassword.php index 688d62f3..7a57c503 100644 --- a/app/Actions/Fortify/ResetUserPassword.php +++ b/app/Actions/Fortify/ResetUserPassword.php @@ -3,6 +3,7 @@ namespace App\Actions\Fortify; use App\Models\User; +use Illuminate\Support\Facades\Hash; use Illuminate\Support\Facades\Validator; use Laravel\Fortify\Contracts\ResetsUserPasswords; @@ -22,7 +23,7 @@ public function reset(User $user, array $input): void ])->validate(); $user->forceFill([ - 'password' => $input['password'], + 'password' => Hash::make($input['password']), ])->save(); } } From df3162c3f9ed024e44d50a01d3e06528edfe4e6a Mon Sep 17 00:00:00 2001 From: Pushpak Chhajed Date: Mon, 20 Oct 2025 20:25:40 +0530 Subject: [PATCH 5/5] remove hash calls --- app/Actions/Fortify/ResetUserPassword.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/app/Actions/Fortify/ResetUserPassword.php b/app/Actions/Fortify/ResetUserPassword.php index 7a57c503..688d62f3 100644 --- a/app/Actions/Fortify/ResetUserPassword.php +++ b/app/Actions/Fortify/ResetUserPassword.php @@ -3,7 +3,6 @@ namespace App\Actions\Fortify; use App\Models\User; -use Illuminate\Support\Facades\Hash; use Illuminate\Support\Facades\Validator; use Laravel\Fortify\Contracts\ResetsUserPasswords; @@ -23,7 +22,7 @@ public function reset(User $user, array $input): void ])->validate(); $user->forceFill([ - 'password' => Hash::make($input['password']), + 'password' => $input['password'], ])->save(); } }