Search code examples
laravelreset-password

Laravel 5.5 reset password without email field


I've not come across a site that asks you to confirm your email address during a reset request, it seems like an unnecessary step, i want my users to be able to enter only password and password confirmation but no email.

I'm wondering if there is a solution for this, i'm thinking of a simple solution i will pass the user email address as parameter in the reset link like this

website.com/verify/{{reset_token}}/{{email}}

Then i will retrieve this email parameter and pass it to the hidden input value but i don't know how to attach the email address to the reset link.

If everyone knows any solution please let me know in the comments

Thanks for your help


Solution

  • I hope you are using the default Laravel routes which are...

    // Don't forget to add the names to these routes. 
    Route::get('password/reset', 'Auth\ForgotPasswordController@showLinkRequestForm')->name('password.forgot.get');
    Route::post('password/email', 'Auth\ForgotPasswordController@sendResetLinkEmail')->name('password.forgot.post');
    Route::get('password/reset/{token}', 'Auth\ResetPasswordController@showResetForm')->name('password.reset.get');
    Route::post('password/reset', 'Auth\ResetPasswordController@reset')->name('password.reset.post');
    

    Then run

    php artisan make:mail PasswordResetMail
    

    Then in your User model, add this function

    public function sendPasswordResetNotification($token)
    {
      Mail::send(new PasswordResetMail($this));
    }
    

    Then in PasswordResetMail, then in your constructor, you will get the user

    public function __construct($user)
    {
      $this->user = $user;
    }
    

    then pass the user to the blade view along with the token, and then in your blade file, add the route

    route('password.reset.get', ['token' => $token, 'email' => urlencode($user->email)]);
    

    This will pass the email as

    ?email=useremail%40gmail.com // Should be urlencoded
    

    Then, in your reset form, add it as

    <input type="hidden" value="{{ urldecode(request()->get('email')) }}" name="email">
    

    Should be good to go :)