admin add user, password

2026-05-26 12:02:16 +08:00
parent 6ca0bd82fd
commit 5fbededf8f
12 changed files with 531 additions and 0 deletions
--- a/app/Http/Controllers/PasswordResetController.php
+++ b/app/Http/Controllers/PasswordResetController.php
@@ -0,0 +1,95 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Models\User;
+use Illuminate\Http\RedirectResponse;
+use Illuminate\Http\Request;
+use Illuminate\Support\Carbon;
+use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\Hash;
+use Illuminate\Support\Facades\Mail;
+use Illuminate\Support\Str;
+use Illuminate\View\View;
+
+class PasswordResetController extends Controller
+{
+    public function create(): View
+    {
+        return view('auth.forgot-password');
+    }
+
+    public function store(Request $request): RedirectResponse
+    {
+        $validated = $request->validate([
+            'email' => ['required', 'email'],
+        ]);
+
+        $user = User::where('email', $validated['email'])->first();
+
+        if ($user) {
+            $token = Str::random(64);
+
+            DB::table('password_reset_tokens')->updateOrInsert([
+                'email' => $user->email,
+            ], [
+                'token' => Hash::make($token),
+                'created_at' => now(),
+            ]);
+
+            $url = route('password.reset', [
+                'token' => $token,
+                'email' => $user->email,
+            ]);
+
+            Mail::raw("Klik pautan ini untuk reset kata laluan:\n\n{$url}\n\nPautan sah selama 60 minit.", function ($message) use ($user): void {
+                $message->to($user->email)
+                    ->subject('Reset Kata Laluan RateMas');
+            });
+        }
+
+        return back()->with('status', 'Jika emel wujud, pautan reset kata laluan telah dihantar.');
+    }
+
+    public function edit(Request $request, string $token): View
+    {
+        return view('auth.reset-password', [
+            'token' => $token,
+            'email' => $request->query('email'),
+        ]);
+    }
+
+    public function update(Request $request): RedirectResponse
+    {
+        $validated = $request->validate([
+            'token' => ['required', 'string'],
+            'email' => ['required', 'email'],
+            'password' => ['required', 'string', 'min:8', 'confirmed'],
+        ]);
+
+        $record = DB::table('password_reset_tokens')
+            ->where('email', $validated['email'])
+            ->first();
+
+        if (! $record || ! Hash::check($validated['token'], $record->token) || Carbon::parse($record->created_at)->lt(now()->subMinutes(60))) {
+            return back()
+                ->withErrors(['email' => 'Token reset tidak sah atau telah tamat tempoh.'])
+                ->withInput($request->only('email'));
+        }
+
+        $user = User::where('email', $validated['email'])->first();
+        if (! $user) {
+            return back()
+                ->withErrors(['email' => 'Emel tidak dijumpai.'])
+                ->withInput($request->only('email'));
+        }
+
+        $user->forceFill([
+            'password' => Hash::make($validated['password']),
+        ])->save();
+
+        DB::table('password_reset_tokens')->where('email', $validated['email'])->delete();
+
+        return redirect()->route('login')->with('status', 'Password berjaya ditukar. Sila login semula.');
+    }
+}