I have simple function to reset my password. In my function there is minimum requirement for password
value is 1 digit
but when i try to update the password it is not updated, when i put 6 digits
in password it is working fine.
I found that in vendor\laravel\framework\src\Illuminate\Auth\Passwords
a passwordBroker.php
file has one function
protected function validatePasswordWithDefaults(array $credentials)
{
list($password, $confirm) = [
$credentials['password'],
$credentials['password_confirmation'],
];
return $password === $confirm && mb_strlen($password) >= 6; // here it is
}
and it contains validation that ($password) >= 6
how can i remove it, when i changes in this file it is working. on my .gitignore
vendor
folder not updated in live. what is the solution ? how can override this validation ?
for reference here is my resetpassword
function
public function resetPassword(ResetPasswordRequest $request, JWTAuth $JWTAuth)
{
$validator = Validator::make($request->all(), User::resetPasswordRules());
if ($validator->fails()) {
return response()->json([
'message' => "422 Unprocessable Entity",
'errors' => $validator->messages(),
'status_code' => 422,
]);
}
$response = $this->broker()->reset(
$this->credentials($request), function ($user, $password) {
$this->reset($user, $password);
}
);
if($response !== Password::PASSWORD_RESET) {
return response()->json([
'message' => "Internal Server Error",
'status_code' => 500,
]);
}
$user = User::where('email', '=', $request->get('email'))->first();
$user->UserDeviceData()->firstOrCreate([
'device_id' => $request->device_id
]);
return (new UserTransformer)->transform($user,[
'request_type' => 'reset_password',
'token' => $JWTAuth->fromUser($user)
]);
}
This is how you can fix this:
public function resetPassword(ResetPasswordRequest $request, JWTAuth $JWTAuth)
{
... // Validator check and json response
$broker = $this->broker();
// Replace default validation of the PasswordBroker
$broker->validator(function (array $credentials) {
return true; // Password match is already validated in PasswordBroker so just return true here
});
$response = $broker->reset(
$this->credentials($request), function ($user, $password) {
$this->reset($user, $password);
});
...
}
First you gen an instance of the broker and then you add a callable function which it will use for the validation instead of validatePasswordWithDefaults
. In there you just need to return true because the PasswordBroker already has a check $password === $confirm
.