i want to reset password using email which is defalt provided by laravel 5.
i don't have any idea or knowledge how is password reset code sent to email and use that password to do reset in laravel.
I have mail configuration correct now i want to send the user the password from email.
How to send email having password to gmail and how to put password and update password in our laravel project.
For us to really help you, it is much better if you give something a try and if it doesn't work then post the code so that we can help you debug and improve it.
To begin with, I would suggest reading the documentation on how this all works.
Next, this blog post lays the whole process out from start to finish on how to implement password reset functionality using the default files that come with Laravel. There is too much to post the whole process here so I suggest you attempt to follow it then when/if you run in to trouble then you have something that you can actually post for us to help you on.
Finally, this package provides the auth scaffold that was removed in Laravel 5 that you might find useful as it provides all the views etc for registering, logging in and resetting passwords.
Check those out, give it a go and then come back to us with specific issues that you are having and post the code that is causing the issues and we can help you much more from there.
EDIT to clarify on comments
Trait
A Trait is intended to reduce some limitations of single inheritance
by enabling a developer to reuse sets of methods freely in several
independent classes living in different class hierarchies. The
semantics of the combination of Traits and classes is defined in a way
which reduces complexity, and avoids the typical problems associated
with multiple inheritance and Mixins.
A Trait is similar to a class, but only intended to group
functionality in a fine-grained and consistent way. It is not possible
to instantiate a Trait on its own. It is an addition to traditional
inheritance and enables horizontal composition of behavior; that is,
the application of class members without requiring inheritance.
This is from the PHP docs, essentially it groups a whole load of functionality for us to use.
In this case the ResetsPasswords holds all of the actual code that resets the password and is called in to the Controller that handles this using use ResetsPasswords;.
Related
I'm building a CRUD for users in my rest API, and currently my GET route looks like this:
get("/api/users/:id")
But this just occured to me: what if a users tries to search for other users via their username?
So I thought about implementing another route, like so:
get("api/users/username/:id")
But this just looks a bit reduntant to me. Even more so if ever my app should allow searching for actual names as well. Would I then need 3 routes?
So in this wonderful community, are there any experienced web developers that could tell me how they would handle having to search for a user via their username?
Obs: if you need more details, just comment about it and I'll promptly update my question 🙃
how they would handle having to search for a user via their username?
How would you support this on a web site?
You would probably have a form; that form would have an input control that would allow the user to provide a user name. When the user submit the form, the browser would copy the form input controls into an application/x-www-form-urlencoded document (as described by the HTTP standard), then substitute that document as the query_part of the form action, and submit the query.
So the resulting request would perhaps look like
GET /api/users?username=GuiMendel HTTP/x.y
You could, of course, have as many different forms as you like, with different combinations of input controls. Some of those forms might share actions, but not necessarily.
so I could just have my controller for GET "/api/users" redirect to an action based on the inputs?
REST doesn't care about "controllers" -- that's an implementation detail; the whole point is that the client doesn't need to know how the server produces a representation of the resource, we just need to know how to ask for it (via the "uniform interface").
Your routing framework might care a great deal, but again that's just another implementation detail hiding behind the facade.
for example, there were no inputs, it would return all users (index), but with the input you suggested, it would filter out only users whose usernames matched the input? Did I get it right?
Yup, that's fine.
From the point of view of a REST client
/api/users
/api/users?username=GuiMendel
These identify different resources; the two resources don't have to have any meaningful relationship with each other at all. The machines don't care (human beings do care, so we normally design our identifiers in such a way that at least some human beings have an easy time of it -- for example, we might optimize our identifiers to make things easy when operators are reading the access logs).
I'm building a web system with no public views (except for login fo course).
So far, I got Bjyauthorize running with zfcUser, what I would like to do is:
1) Guard all routes but the login, so I don't have to be writting guards for every single page while I'm in development and for security reasons this would be a plus for me, because I wouldnt accidentaly expose any part that is not intended to be exposed.
2) I need the admin Role to be able to retrieve any route, any controller, disregarding any guards.
3) I'd like to add the functionality for the Super user to be able to spoof any user aka make the system think I'm that specific user, so I could test my system functionality through the eyes of a specific user.
We already have a system in PHP, MVC which makes all of these and we are migrating to Zend, so this would be a necessity for us.
I don't expect a full answer of every single Item, Some guides, tutorials and above all a concise answer if this is achievable through BjyAuthorize would be much appreciated :D
I have my shell application working and I now want to ensure that a user is logged in before anything else occurs. I have a working auth controller and associated database tables, etc.
I assumed that the best ay to do this was to put the identity test in the bootstrap, as I don't want to check for identity in each controller. Basically, I think I want to put code in the bootstrap that says if identity, then run the index otherwise, run auth. Is this the best way to do it in Zend? If not, what is the preferred method?
I was thinking Bootstrap because for every request of any type, I don't want to allow it if the user is logged in and of course, it would be best to chave this check only in ne place.
I have more commonly seen this in done via a plugin. These can be done at various stages of the Zend Application dispatch cycle. The most common set up I have encountered would be to put a check user login status plugin in at preDispatch.
Search the Zend documentation for preDispatch plugins, or have a look on Youtube as there are some good video tutorials that walk you through it.
An advantage to doing this is that in the future you may want to run some kind of functionality prior to the user authentication test. In such an instance you could put new functionality in a dispatchLoopStartup plugin.
Having said this, there is nothing really wrong with checking the user login status in the bootstrap - I have seen this done many times. It is possibly just tidier to user plugins as they are more repeatable in new applications.
This is just my opinion of course, but I hope this helps.
I'm trying to build a membership site and I'm interested in using Perl to do this.
I looked at the Dancer framework which seems nice, but I can't figure out how to actually create a member registration / login process using Dancer::Plugin::Auth::RBAC. The CPAN page shows some example code but nothing that is very explicit or complete.
Googling around didn't turn up much usable except some simple examples with hardcoded login/passwords.
Thanks
B
Auth::RBAC is not for creating the members or the registration/management system but rather to do the actual authentication and authorisation based upon existing accounts.
Registering members is easy. You just create a suitable data store (DBIC is very nice and easy) and write a method to take details from the form, validate them and store them in the data store.
I'm currently using the Jira SOAP interface within a C# (I suppose the language used here isn't terribly important).
Basically, I'm creating an API and a Winform that wraps some of the functionality of the soap service so that our Devs can programmaticly add bugs when something goes wrong in our application.
As part of this, I need to know the custom field IDs that are in use in Jira, rather than hardcoding them (as they are still prone to the occasional change) I used the GetCustomFields() method in the jira-rpc api then filtered it, so that all the developer needs to know is the name of the field, then the ID is filled in for them automagically.
This all works fine, but with one quite important proviso: that you login to the SOAP/RPC service as a user with administrative privaliges.
The Jira documentation indicates that the soap/rpc service follows the usual workflows and security schemes, however I can't find anything anywhere that would appear to remove this restriction on enumerating custom fields (and quite why in any instance you would want someone to HAVE to be an administrator to gain this access, especially as the custom field id's tend to be in Jira's HTML source is beyond me)
Does anyone know if I've missed a setting somewhere? Or if there is some sort of work-around for this, short of hardcoding the custom field id's?
Or is this a case of having to delve in to Jira's RPC plugin and modifying the source for it in order to give me the functionality I require?
Cheers
Edit for the sake of google/posterity
Wow, all this time on, and it looks like Atlassian still haven't changed this behavior.
Worked around this by creating a custom dictionary that logs in as an administrative user, grabs the custom fields and then logs out. Not ideal, but it should work 'til atlassian change things
You're not missing anything - there's no way to get custom fields via standard SOAP API.
In JIRA Client, we learn about custom fields in two ways:
We download issues via RSS view of the issue navigator, or via XML representation of a specific issue. If a custom field is set for an issue, the XML will have its id, class and value (values).
From time to time we inspect the content of IssueNavigator search page - looking for searchers for the custom fields. Screen-scraping the HTML gives us not only ids of the custom fields but also possible values for enum fields.
This is hackery, of course, and it may go wrong, so a good API would have been a lot better.
In your case, I can suggest two solutions:
Create your own SOAP (or REST) remote API plugin that will give you just that info that you miss from the standard API. Since you're seemingly in control of your JIRA, you can install anything there.
Screen-scrape the "New Bug" page for the project and type of issue you need to submit. You'll get all the info - fields, options, default values, which field is required.