Validate password on reset according to rules (#158)

* move password rules to Models\User::PASSWORD_RULES * validate new password according to rules on password reset * add password requirements info to auth.passwords.reset view
2026-04-18 06:13:45 +02:00 · 2016-10-30 21:02:39 +01:00
parent 9d69f47ade
commit e65dc5708d
4 changed files with 17 additions and 1 deletions
--- a/app/Http/Controllers/Auth/ResetPasswordController.php
+++ b/app/Http/Controllers/Auth/ResetPasswordController.php
@@ -31,4 +31,12 @@ class ResetPasswordController extends Controller
    {
        $this->middleware('guest');
    }
+
+
+    protected function rules() {
+        return [
+            'token' => 'required', 'email' => 'required|email',
+            'password' => 'required|confirmed|' . User::PASSWORD_RULES,
+        ];
+    }
 }
--- a/app/Http/Controllers/Base/AccountController.php
+++ b/app/Http/Controllers/Base/AccountController.php
@@ -84,7 +84,7 @@ class AccountController extends Controller

        $this->validate($request, [
            'current_password' => 'required',
-            'new_password' => 'required|confirmed|different:current_password|regex:((?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,})',
+            'new_password' => 'required|confirmed|different:current_password|' . Models\User::PASSWORD_RULES,
            'new_password_confirmation' => 'required'
        ]);