Lumen 6 & Laravel’s Reset Passwords
This is a simple guide to setup Lumen 6 with Laravel’s Reset Passwords.
This tutorial assumes that you already created a new project.
1. Require illuminate/mail
Run this command in your root level of application.
composer require illuminate/mail2. Require guzzlehttp/guzzle
composer require guzzlehttp/guzzle3. Require illuminate/notifications
composer require illuminate/notifications4. Require ramsey/uuid
composer require ramsey/uuid5. Create a password resets migration
php artisan make:migration create_password_resets_tableYou can copy the files content directly from the Laravel repository.
6. Add rememberToken field to your users table.
Inside your users table migration you should add the following line $table->rememberToken(); when you’re done, your migration should look something like this:
Schema::create('users', function (Blueprint $table) {
$table->bigIncrements('id');
$table->string('name');
$table->string('email')->unique();
$table->string('password');
$table->rememberToken();
$table->timestamps();
});You can see a full version of the users migration in the official laravel repository.
Then re-run your migrations and if all went well, that should have created a new password_resets table in your database.
php artisan migrate7. Create the configuration files
- Create a
config/mail.phpfile and copy the contents over from Laravel. - Create a
config/services.phpfile and copy the contents over from Laravel. - Create a
config/auth.phpfile and copy the contents over from the Lumen Framework.
8. Set up Lumen bootstrap/app.php
Uncomment the following line into the file app.php:
$app->withFacades();
$app->withEloquent();Into the same file in section “Register Service Providers” uncomment the following line:
$app->register(App\Providers\AppServiceProvider::class);And then add the the following line:
$app->register(Illuminate\Mail\MailServiceProvider::class);
$app->register(Illuminate\Auth\Passwords\PasswordResetServiceProvider::class);
$app->register(Illuminate\Notifications\NotificationServiceProvider::class);Also add this lines to load the customs configuration files in config.
$app->configure('mail');
$app->configure('services');9. Set up config/auth.php
The file you created a few steps ago. If you scroll to the bottom, you should see code like this:
'passwords' => [
]Let’s change it to this:
'passwords' => [
'users' => [
'provider' => 'users',
'table' => 'password_resets',
'expire' => 60,
'throttle' => 60,
],
],'password_timeout' => 10800,
The “provider” key there will actually be equal to whatever you set as your provider in the “providers” array of that same file and it looks like this:
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
]10. Set up your User model
You need to add the following to your user model:
use Illuminate\Notifications\Notifiable;
use Illuminate\Auth\Passwords\CanResetPassword;
use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;When you’re done, your model should look something like this:
use Illuminate\Database\Eloquent\Model;
use Illuminate\Notifications\Notifiable;
use Illuminate\Auth\Passwords\CanResetPassword;
use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;class User extends Model implements CanResetPasswordContract
{
use Notifiable, CanResetPassword;
}
Don’t forget to hide the new field “remember token”.
protected $hidden = ['password', 'remember_token'];11. Add ResetsPasswords and SendsPasswordResetEmails traits
- Create a
ResetsPasswords.phpfile into yourapp\Traitfolder and copy the contents over from Laravel. - Create a
SendsPasswordResetEmails.phpfile into yourapp\Traitfolder and copy the contents over from Laravel.
- Important: don’t forget to update the namespace to your own namespace.
This files can’t work directly copied from Laravel, because it makes use of things that wouldn’t be of much use to you in an API. For instance, several of the methods return redirects. Just some little changes to the responses and the removal of the methods that just returned views are needed. For example next function inside the trait ResetsPasswords.php
protected function sendResetResponse(Request $request, $response)
{
return redirect($this->redirectPath())
->with('status', trans($response));
}Change it for something like this:
protected function sendResetResponse(Request $request, $response)
{
return response()->json(['status' => trans($response)]);
}12. Create RequestPasswordController and ResetPasswordController
Into your folder app/Http/Controllers create the file RequestPasswordController.php
<?phpnamespace App\Http\Controllers;use App\Traits\SendsPasswordResetEmails;class RequestPasswordController extends Controller
{
use SendsPasswordResetEmails; public function __construct()
{
$this->broker = 'users';
}
}
Into your folder app/Http/Controllers create the file ResetPasswordController.php
<?phpnamespace App\Http\Controllers;use App\Http\Controllers\Controller;
use App\Traits\ResetsPasswords;class ResetPasswordController extends Controller
{
use ResetsPasswords;
}
13. Add the new routes
Add the following line into your routes/web.php file.
$router->post('/password/reset-request', 'RequestPasswordController@sendResetLinkEmail');$router->post('/password/reset', [ 'as' => 'password.reset', 'uses' => 'ResetPasswordController@reset' ]);
Finally a quick note, if in some part of your code you are using this Auth::attempt(array('email' => $email, 'password' => $password)), remember to change it for Auth::attempt(array('email' => $email, 'password' => $password), true), this is because we are now using the remember functionality.
If everything goes well you’ll see an email like this when you ask for a password reset:
This tutorial doesn’t cover everything. For instance, you still need to setup your mail.php file with your mail drivers configuration. But hopefully, at the very least, this gets you creating some errors that you can actually understand.
For more information visit the official Lumen documentation.
That’s it! Enjoy reseting passwords from your Lumen application!
*This tutorial is based on this previous publication by John Bonaccorsi.
