reset password workflow now working #129

jadjoubran · Apr 17, 2016 · 12d0f8d · 12d0f8d
1 parent b33accf
commit 12d0f8d
Show file tree

Hide file tree

Showing 7 changed files with 20 additions and 14 deletions.
diff --git a/angular/app/components/forgot-password/forgot-password.component.js b/angular/app/components/forgot-password/forgot-password.component.js
@@ -12,7 +12,7 @@ class ForgotPasswordController {
     }
 
     submit() {
-        this.API.all('auth/forgot').post({
+        this.API.all('auth/password/email').post({
             email: this.email
         }).then(() => {
             this.ToastService.show(`Please check your email for instructions on how to reset your password.`);

diff --git a/angular/app/components/reset-password/reset-password.component.html b/angular/app/components/reset-password/reset-password.component.html
@@ -1,5 +1,5 @@
-<div class="ResetPassword-loader" layout="row" layout-align="center center">
-    <md-progress-circular md-mode="indeterminate" ng-if="!vm.isValidToken"></md-progress-circular>
+<div class="ResetPassword-loader" ng-if="!vm.isValidToken" layout="row" layout-align="center center">
+    <md-progress-circular md-mode="indeterminate"></md-progress-circular>
 </div>
 
 <form ng-submit="vm.submit()" ng-show="vm.isValidToken">

diff --git a/angular/app/components/reset-password/reset-password.component.js b/angular/app/components/reset-password/reset-password.component.js
@@ -23,10 +23,12 @@ class ResetPasswordController {
             email, token
         }).then(() => {
             this.isValidToken = true;
+        }, () => {
+            this.$state.go('app.landing');
         });
     }
 
-    reset() {
+    submit() {
         let data = {
             email: this.$state.params.email,
             token: this.$state.params.token,

diff --git a/app/Http/Controllers/Auth/PasswordResetController.php b/app/Http/Controllers/Auth/PasswordResetController.php
@@ -16,6 +16,9 @@ public function sendResetLinkEmail(Request $request)
             'email' => 'required|email|exists:users,email',
         ]);
 
+        //invalidate old tokens
+        PasswordReset::whereEmail($request->email)->delete();
+
         $email = $request->email;
         $reset = PasswordReset::create([
             'email' => $email,
@@ -26,6 +29,7 @@ public function sendResetLinkEmail(Request $request)
 
         Mail::send('auth.reset_link', compact('email', 'token'), function ($mail) use ($email) {
             $mail->to($email)
+            ->from('noreply@localhost')
             ->subject('Password reset link');
         });
 
@@ -62,6 +66,9 @@ public function reset(Request $request)
         $user->password = bcrypt($request->password);
         $user->save();
 
+        //delete pending resets
+        PasswordReset::whereEmail($request->email)->delete();
+
         return response()->success(true);
     }
 }
diff --git a/app/Http/routes.php b/app/Http/routes.php
@@ -28,7 +28,7 @@
 
     // Password Reset Routes...
     $api->post('auth/password/email', 'Auth\PasswordResetController@sendResetLinkEmail');
-    $api->post('auth/password/verify', 'Auth\PasswordResetController@verify');
+    $api->get('auth/password/verify', 'Auth\PasswordResetController@verify');
     $api->post('auth/password/reset', 'Auth\PasswordResetController@reset');
 
 });

diff --git a/resources/views/auth/reset_link.blade.php b/resources/views/auth/reset_link.blade.php
@@ -1,3 +1,3 @@
 Your reset password link:
 
-http://localhost:8000/reset-password/{{$email}}/{{$token}}
+http://localhost:8000/#/reset-password/{{$email}}/{{$token}}
diff --git a/tests/PasswordResetTest.php b/tests/PasswordResetTest.php
@@ -25,18 +25,15 @@ public function testVerifyTokenSuccessfully()
     {
         $reset = factory(PasswordReset::class)->create();
 
-        $this->post('/api/auth/password/verify', [
-            'email' => $reset->email,
-            'token' => $reset->token,
-            ])
-            ->seeApiSuccess();
+        $this->get("/api/auth/password/verify?email={$reset->email}&token={$reset->token}")
+             ->seeApiSuccess();
     }
 
     public function testVerifyTokenUnsuccessfully()
     {
         $reset = factory(PasswordReset::class)->create();
 
-        $this->post('/api/auth/password/verify', [
+        $this->get('/api/auth/password/verify', [
             'email' => $reset->email,
             'token' => str_random(10),
             ])
@@ -45,7 +42,7 @@ public function testVerifyTokenUnsuccessfully()
 
     public function testResetPasswordWithTokenSuccessfully()
     {
-        $user = factory(App\User::class)->create();
+        $user  = factory(App\User::class)->create();
         $reset = factory(PasswordReset::class)->create([
             'email' => $user->email,
         ]);
@@ -66,7 +63,7 @@ public function testResetPasswordWithTokenSuccessfully()
 
     public function testResetPasswordWithTokenUnsuccessfully()
     {
-        $user = factory(App\User::class)->create();
+        $user  = factory(App\User::class)->create();
         $reset = factory(PasswordReset::class)->create([
             'email' => $user->email,
         ]);