Lumen 6 & Laravel’s Reset Passwords

This is a simple guide to setup Lumen 6 with Laravel’s Reset Passwords.

This tutorial assumes that you already created a new project.

1. Require illuminate/mail

Run this command in your root level of application.

composer require illuminate/mail

2. Require guzzlehttp/guzzle

composer require guzzlehttp/guzzle

3. Require illuminate/notifications

composer require illuminate/notifications

4. Require ramsey/uuid

composer require ramsey/uuid

5. Create a password resets migration

php artisan make:migration create_password_resets_table

You can copy the files content directly from the Laravel repository.

https://github.com/laravel/laravel/blob/master/database/migrations/2014_10_12_100000_create_password_resets_table.php

6. Add rememberToken field to your users table.

Inside your users table migration you should add the following line $table->rememberToken(); when you’re done, your migration should look something like this:

Schema::create('users', function (Blueprint $table) {
$table->bigIncrements('id');
$table->string('name');
$table->string('email')->unique();
$table->string('password');
$table->rememberToken();
$table->timestamps();
});

You can see a full version of the users migration in the official laravel repository.

Then re-run your migrations and if all went well, that should have created a new password_resets table in your database.

php artisan migrate

7. Create the configuration files

  1. Create a config/mail.php file and copy the contents over from Laravel.
  2. Create a config/services.php file and copy the contents over from Laravel.
  3. Create a config/auth.php file and copy the contents over from the Lumen Framework.

8. Set up Lumen bootstrap/app.php

Uncomment the following line into the file app.php:

$app->withFacades();
$app->withEloquent();

Into the same file in section “Register Service Providers” uncomment the following line:

$app->register(App\Providers\AppServiceProvider::class);

And then add the the following line:

$app->register(Illuminate\Mail\MailServiceProvider::class);
$app->register(Illuminate\Auth\Passwords\PasswordResetServiceProvider::class);
$app->register(Illuminate\Notifications\NotificationServiceProvider::class);

Also add this lines to load the customs configuration files in config.

$app->configure('mail');
$app->configure('services');

9. Set up config/auth.php

The file you created a few steps ago. If you scroll to the bottom, you should see code like this:

'passwords' => [
]

Let’s change it to this:

'passwords' => [
'users' => [
'provider' => 'users',
'table' => 'password_resets',
'expire' => 60,
'throttle' => 60,
],
],
'password_timeout' => 10800,

The “provider” key there will actually be equal to whatever you set as your provider in the “providers” array of that same file and it looks like this:

'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
]

10. Set up your User model

You need to add the following to your user model:

use Illuminate\Notifications\Notifiable;
use Illuminate\Auth\Passwords\CanResetPassword;
use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;

When you’re done, your model should look something like this:

use Illuminate\Database\Eloquent\Model;
use Illuminate\Notifications\Notifiable;
use Illuminate\Auth\Passwords\CanResetPassword;
use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
class User extends Model implements CanResetPasswordContract
{
use Notifiable, CanResetPassword;
}

Don’t forget to hide the new field “remember token”.

protected $hidden = ['password', 'remember_token'];

11. Add ResetsPasswords and SendsPasswordResetEmails traits

  1. Create a ResetsPasswords.php file into your app\Trait folder and copy the contents over from Laravel.
  2. Create a SendsPasswordResetEmails.php file into your app\Trait folder and copy the contents over from Laravel.
  • Important: don’t forget to update the namespace to your own namespace.

This files can’t work directly copied from Laravel, because it makes use of things that wouldn’t be of much use to you in an API. For instance, several of the methods return redirects. Just some little changes to the responses and the removal of the methods that just returned views are needed. For example next function inside the trait ResetsPasswords.php

protected function sendResetResponse(Request $request, $response)
{
return redirect($this->redirectPath())
->with('status', trans($response));
}

Change it for something like this:

protected function sendResetResponse(Request $request, $response)
{
return response()->json(['status' => trans($response)]);
}

12. Create RequestPasswordController and ResetPasswordController

Into your folder app/Http/Controllers create the file RequestPasswordController.php

<?phpnamespace App\Http\Controllers;use App\Traits\SendsPasswordResetEmails;class RequestPasswordController extends Controller
{
use SendsPasswordResetEmails;
public function __construct()
{
$this->broker = 'users';
}
}

Into your folder app/Http/Controllers create the file ResetPasswordController.php

<?phpnamespace App\Http\Controllers;use App\Http\Controllers\Controller;
use App\Traits\ResetsPasswords;
class ResetPasswordController extends Controller
{
use ResetsPasswords;
}

13. Add the new routes

Add the following line into your routes/web.php file.

$router->post('/password/reset-request', 'RequestPasswordController@sendResetLinkEmail');$router->post('/password/reset', [ 'as' => 'password.reset', 'uses' => 'ResetPasswordController@reset' ]);

Finally a quick note, if in some part of your code you are using this Auth::attempt(array('email' => $email, 'password' => $password)), remember to change it for Auth::attempt(array('email' => $email, 'password' => $password), true), this is because we are now using the remember functionality.

If everything goes well you’ll see an email like this when you ask for a password reset:

This tutorial doesn’t cover everything. For instance, you still need to setup your mail.php file with your mail drivers configuration. But hopefully, at the very least, this gets you creating some errors that you can actually understand.

For more information visit the official Lumen documentation.

That’s it! Enjoy reseting passwords from your Lumen application!

*This tutorial is based on this previous publication by John Bonaccorsi.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Nahuel Bulian

Nahuel Bulian

#Entrepreneur, tech developer & #crypto enthusiast #bitcoin #ethereum