Forgot My Password Fixes - Native Laravel 5.4 Multiple Authentication Series (Part 5)

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hey everybody and welcome back to the deaf marketer Channel I'm your host J a Curtis but you guys can call me Alex now today's video is finishing up the final video in our multiple authentication series for label so in this series we've gotten all the users set up we can handle multiple types of users we're doing two in this case but you could obviously duplicate this out and make three or four kinds of users if your application so needs it and this allows us to basically monitor multiple types of users in our application the one thing we don't have working yet is the forget my password functionality and that's we're going to be focusing on today so that your users if they forget their password they can get an email sent to them and get that password reset okay so I am going to warn you that this is the trickiest part of this entire series so I'm going to walk you guys through it we're going to go through it nice and slow and methodical I know a lot of you guys out there I think I already go too slow on it but I want you guys to truly understand it the whole point of my videos is to teach the concepts so you fully understand it not just show you guys the code if you are interested in only the code you don't want the explanation on how or why it works you can just go over to github links in the description I'm also having a written I'm finishing up a written tutorial now the link for that will be down in the description as well and you can fly through and browse the written tutorial which also might be very handy for those of you guys that watch the video and just need reminders on the different steps to see it all written out so again links for all that's going to be down in the description I urge you guys to check it out but I do want to take some time even before we get going into the code to explain what happens and forgot my password the the process the views we use the controllers we use so that we understand how it all comes together so that you guys don't just have to copy my code but you actually know how and why it works so that then if you guys need to modify it even further you guys are going to know how to do it because of you guys actually truly understand how it works and not just what code to type okay so that's kind of my goal throughout this whole series and throughout all of my videos just be aware that this is going to get a little tricky and you might just stop and rewind different parts of the videos but that's okay you guys are going to get it we're I take you through so you felt truly understand it [Music] now the first thing that I want to do before we get into this too much is I want to just go through the process of what it takes to reset your password so we're going to look at this from the users perspective first of all and then we're going to go through and look at it from the programming perspective what us as the system administrator or as the program or developer team need to be concerned about okay so from the user's experience if you guys haven't had the opportunity to do this I do recommend you take a look at it and kind of go through this maybe as a normal user before we set it up for admin because remember the normal user forget my password function already works so if you try to click on forget my password you'll actually go through and it should all work if you've done everything correctly it kind of works out of the box of level for the normal users the only thing we need to customize right now is for the admins in particular or for any other type of user that you create you'll need to do all these steps for each type of user that you do okay so when the user is logging in in this case we're on the admin login let's say they can't remember their password they're going to click this forgot my password link okay I'm calling this step zero because this really just initiates the process that's not actually part of the process the one thing we do need to remember though before we can get this working is that right now this forgot my password link is linking to the user forgot my password the default forgot my password path we need to then change that to be for the admin ok so that's one thing to keep in mind we're going to have to go to this view page and change this link so it goes to the one for admins instead of the one for normal users okay so when they click this link it's then going to take them to a small form with a asks em for their email address so this email address is our request form this we're going to call this our request form or the link request form throughout this tutorial and this is basically where the users they've said hey I forgot my password they type in their email address and then they're going to click send password reset link okay and that's going to be the first step in the process is filling out that form and we're going to need to figure out how to process or we need to figure out how we're going to create the view for that warm and everything as well so once they get through there then the user is going to get an email sent to them so here you go here's the default email and course I'll show you guys how to customize that but you're going to get the default email here it just said to receiving this password re quick reset request you can click the button there's also a you know plain text link down below they both go to the same place you're going to click reset my password remember this is going to the users email account okay and that's how we confirm that they have access to the email account that belongs to that user once they click that they're going to go back to your application now so that reset link is a unique link with a token in it it's going to take them back to your application now they're going to see this second this is the second view they're now seeing and it plus the email so the first one is where they request they put in their email address then they're going to get their email and then third step three is where they actually confirm their email they're going to type their email in again and then they're going to create a new password and confirm that password and then they're going to submit this last form when they click reset their password it's going to go to the fourth and final step which is where the submitted form is actually going to go into the database reset it save the new password and then it's also going to log the user in and then redirect them to the page that we want them to be redirected to and we'll select all that and I'll show you guys how to do that so this just shows you basically you're going to go to the admin dashboard in our case and you're going to be logged in as an admin so those are the four steps they're going to fill out the request form give them a give their email we're going to then shoot an email off to their email our shoot something off to their email with a token and unique URLs they can click on that URL is going to bring them back to the application where they're going to actually confirm their email put in a new password and then they're going to submit that and that's actually going to process save the password and log them in okay so that's the basic process from the users experience four steps so now I want to take those four steps and this is going to be a really good guide that you guys might want to screenshot and save I'm going to put this in the written tutorial as well this is going to show you guys basically what we need to be involved with from the programming's perspective to make this all work so for step number one you can see here that we start off with a get request this a get request to the password / reset URL and of course we're going to customize all these URLs because we need to make our own versions of them so we're going to in our case prefix all these URLs with our slash admin so this is going to be slash admin / password slash reset but as of right now this is the the primary step this here is basically going to show them this URL is just going to show that request that request form you can see here it uses the forgot password controller is the controller that it uses and then the method is show link request form pretty easy all this route all this does is outputs a view and this is the email template PHP view so we can go through and find this view and modify it as well to get what we need for our specific use case all right that's step one now after they submit that form it goes it processes it sends the email and everything like that when we submit the form it's going to send a post request with that form data to password slash email that's step two so we're going to again customize this URL you can see the controller that it uses is the same controller as step one step one and to use the same controller step three and four use the same controller okay so there's two controllers being neat used here there's the forgot password controller which is four steps one and two and there's the reset password controller for steps three and four so we got to work up with two views or two controllers with me okay so then there's not a view for this necessarily but there is the email that we're going to need to customize now the email is handled as a notification and that's something that came in level 5.3 and so it's the reset password notification is the one that we're going to want to work with and so I'll show you guys how to work with this and get this all set up later on here in the video but that's how we actually customize the email and that's one of the most confusing things for people is where that email comes from and so I want to make sure that's known this is called the reset pass or notification and I'll show you guys how to work with that down the road so those are our first two steps and they both involve this one controller and then there's two methods that we may need to customize now for step three after you get the email you go back now to the application you're going to it's going to send us a get request to password slash reset and then it's going to attach the token on the end this token is stored in the database it's generated when you request a link in the so this step two is actually generating the token and then the token is then attached to this URL and then when you come back to the application with this token you're then going to confirm your email put in the new password and all of that's processed in this form so this is just a reset form and it uses this view so if we want to customize this form we can use the reset blade PHP is the view that we use okay so we'll need to customize this method to use our new and improved reset blade uh PHP view okay because we're going to two of them well up two of these two of these views one of it one for user and one for admin okay if you had other user types you'd have one for every other one as well now once you get this this is going to be a final submit you're going to submit this reset blade PHP form is going to submit to as a post request to password slash reset this is actually the message that does everything so it's actually going to reset the password it's going to put it back in the database it's going to log the user in now as a in our case an admin or whatever user type this is and it's then going to log them in a redirect and wherever they want to go so we will customize how we where we redirect and everything like that most likely you'll redirect to like the user dashboard or the admin dashboard or whatever so that's the process here you can see that these are the routes down here just got a quick screenshot you may want to take a look at it yourself print it out it might be handy for you guys it kind of shows everything involved in the password reset broken up under the four steps okay so hopefully that's interesting now that we got that out of the way though I think we can actually go in and start working with the code and the first step is going to be working on these controllers getting the controller's working then we're going to want to create our URLs or routes and then finally the views and then tie everything together so that's kind of our process to actually get this working okay so now that we got all that as a way I think we kind of understand the flow so now that we know how it works we're going to go through one step at a time and get everything in place the first thing I want to do is get those two controllers set up because we can't really do anything until we got the controllers to work with so let's start by making those controllers because we know that there's two controllers to make and we can see the existing ones remember the ones that already work for users they exist under app HTTP controllers under the auth folder and you can see them here we've got the reset password controller that's the site for steps three and four and then we've got forgot password controller which is for steps 1 and 2 we need duplicates of both of these and where you need to make sure that they're specified to use for the admins ok or whatever type of user you're working with so let's go through and duplicate both these files that's the easiest way to work with them just go ahead and duplicate the files will save them under the auth folder is just fine and what I'm going to do here is to make this work we're just going to rename it admin and then the name of the normal controller so the controllers normally named reset password controller I'm just going to add admin to the beginning of it and that's just going to follow the same pattern we did with some of these other ones so like our logging controller we duplicated it call the admin logging controller so I'm just going to kind of do the same thing so we've got the reset password controller we've got our own version of it let's also do the forgot password controller let's duplicate that one and we're going to rename it admin admin forgot password controller and save that so now we've got these two new controllers ok these are the two controllers that we need so now what do we do from here now before we get too carried away one thing that I always forget to do is when I duplicate these files I always forget to rename the classes okay so these class needs to match the the name of the of the file so in this case we duplicate the forgot password controller and we renamed it admin forgot password controller so we need to make sure that that's reflected here as well so we'll do admin forgot password controller and save that class so let's go and save that file and now I'll go down to the reset password controller which is now called admin it's right admin reset password controller just rename that as well now if you do forget this step then say might kind of fall apart and you might have two it might fall apart and then you even if you fix it it still might not work and so just one thing to keep in mind is that if you are having problems you may need to run composer dump auto load and this is just this kind of refreshes the cache that level has and so if you go too long using the you know where these are mixed match basically and then later you change them because you realized your mistake you might have to go through and run composer dump all the load I haven't had to do that when I'm testing it but I know that that's something that does happen when you're duplicating this this is just going to refresh everything make sure it all works it doesn't commit us to run it but you definitely probably you probably don't need to run it all go and run it just to make sure that it keeps track of all this and it's all working ok now both of these controllers are going to use the password facade so we need to just make sure we import password here for both of these so we can just use password and that's going to allow as you'll see here in a second we're going to use the password facade and then for the that's actually all we really need to do for admin forgot password controller that's all we really need to do for the reset password controller we are also going to utilize the auspice odd so we're going to need to make sure we do that and in addition to that we're also going to need the request so we're going to use utilize illuminate foundation or HTTP request just because we're going to need access to the request variables as well so just make sure you get that and remember that these three are for the reset password controller for the forgot password controller you just need to import password now the reason that we have to use off and request is because we're actually going to be accepting this is for step four the reset password controller utilizes step four which is where it actually is getting all the information and then it's going to authenticate the user in log them in and then redirect them to the right page it's the only step that actually does authentication the other steps aren't actually doing authentication so that's why we don't need off for any of the other steps it's only for this one because this is the one where we actually log people in all done with the process and because of that we also are going to want to kind of customize where the user gets redirected to after they logged in okay so for the final step we're going to process everything save it in the database and then redirect them log them in and then redirect them and so we can choose where that gets redirected in this case we want to redirect them probably to admin in our case just because that's the admin dashboard depending on your user type you might want to redirect them here but you can just adjust that here in the redirect too and if you don't have this in your file you can all you can just add it just go ahead and copy this code protected redirect to and change that and then it'll redirect to the right place okay so just customize where it redirects to after you've lost the process is complete and you're logged in and it was successful it will redirect to slash admin ok and then the other thing that we want to do is in the construct function for both of these for this and this for both of these here you can see that they use the middleware of guest well this is actually not going to work for us because the default at least in the case of this tutorial the default guard is for the users and we're using admins so when we set guest without specifying a guard it's going to be user guests and not admin guests and so what this will mean is this could prevent certain users from accessing this so what we need to do is we need to go to guest admin or whatever the name of your guard is to specify guests of the admin guard ok versus guests of the user guard k-x remember we have two different guards you want to specify that here so the only guests of the admin guard have access to this if they're logged in as an admin we don't need them to go to there to reset their password or anything like that that's just kind of silly okay so we basically have the basis set up here the next thing I want to do is talk about password brokers because as of right now these these two controllers other than the fact that we renamed them the controllers aren't actually configured to work with the admin what we call the broker the admin information they still work with the users so how do we configure these two controllers to work with the admin information instead of the users information and that happens in the password broker so that's the reason that we actually imported password up here for both of these was because we are going to be using password brokers to identify the type of user that this controller has access to okay so in order to access this we're going to go back to our config now in the config we did this in the first video I think of the second video and let's go on over there just take a look at it because we've actually probably already configured it but I just want to go through and explain where this comes from because we're about to identify something and I want to make sure you guys understand where it came from so inside of our config off PHP this is where we defined our different guards if you guys remember right we define the defaults up here so the default normal guard is web which is for users and then the default password resets is for users as well and that's why we need to now define a different password broker and we need to explicitly tell the controllers to use our admins password broker instead of the default which is for users okay because as of right now it's still going to try to use the user's table and stuff like that so if you come down to the bottom here we already know how to use guards that was in our first few videos you can see that we've got the providers here so we've got our admins provider the admins provider tells them to use eloquent of a post like query builder or something like that and then it you can tell it it uses the admin model okay so that's where it gets the information on admins is it knows admins belong to the admin model and they use eloquent as the driver and just below that you can actually see our password brokers so in this array for passwords this is where we can define the different types of ways to reset passwords so we currently have used come in by default the second one that we've created here is called admins and this is the one that you're going to want to create if you haven't and this tells it which provider to use right so the admins provider corresponds with this up here so basically this first line tells it to use eloquent and to use the admin model that's important the second line here is for the table this tells it which table to store the information so when we're generating all this it's going to generate the token we need to generate that token and the expiration time in the database table and so that's going to be tell it basically the table to store that in now you'll notice here that I've actually using the same table that we used up here and this can work you can actually use these side-by-side you can actually put Pat all password resets in the same table however if you do want to do your own table and you want to separate them you would just you know you're gonna have to create another table with like a migration or something and then put the name of that table in here so if you did want to do this I'd recommend going and looking at the migration inside of your migrations file it's the second migration it came with label you're gonna want to take a look at that and then customize it as needed run the migration and then put the new Nabal name for your table here so that the password reset tokens are stored in that new table instead of the the default one but for our purposes we're just going to use the default one you can have user password resets and admin password resets in the same table there's not really any difference last but not least we've got the expire this is how many minutes until they expire so when a user is sent a token when they're sent a link to their in their email to reset their password you can you can set how long until that expires so you obviously want to keep that as you don't want it to be made too short that the users you know get errors when they link and come back but you don't want to be too long either that gives people time to get passwords and things like that as well so the default 60 minutes that's an hour I just changed mine to 15 but it really doesn't matter just do whatever is best for your application so being a little bit shorter is going to make it a little more secure but it could also cause problems for certain types of user that are kind of slow on the trigger okay so that's all we need to configure that so I wanted to note it notify you guys right here that we have this admins this is the name of the password broker that we're using so we're about to go point our controllers to use this information right here okay and indirectly this information as well because the provider links to admins which links to and here's the providers up here right so this tells it which model to use and stuff like that as well but we're this is called the password broker so we have to password brokers here users and admins and we're going to now define that in the controller so make sure you got this all set up it's under config off so let's go back over to controllers and define these so now to define these what we can do is just create a function a protected function so we're going to do protected function and what this is going to be called broker and this is going to tell level which broker to use for this type of this controller so in this case we're just going to return cast word so we're that's why we needed to import it up at the top and we'll do password broker and then define the name of the password broker so in our case it's admins and of course you guys know where this comes from now this needs to correspond with your config slash off and make sure so that they link up so it has the information so that's what's doing here is getting the information from the config file when we define the broker and then let's do the exact same thing actually just copy this and put it in our other controller so both controllers now have this protected function for brokers now the one other thing that we do need to do is that I actually forgot do earlier is in our reset password controller we need to define the guard to use when we log the user in so you guys remember the reset password controller we called in the off facade and we set a redirect function because we're going to log the user in and then redirect them to this page so we also need to define the guard to use when you log the user in and so that's one other function we need to do down here and this can be another protected functions we'll just do good function guard and then inside of here we're just going to return the same thing return the guard that we want to use so off guard and in the name of the guard which is admin okay once again this correlates with the guard do set in config slash auth so there we go that's the basic setup to get these controllers working now there's still a little bit of configuration we need to do to make sure they're going to the right views and stuff like that but we'll come back to that because the next step I want to do is actually go and configure the views and I want to or like go set up the views duplicate the views get them linking to the right places and in order to do that we also need to get the routes set up for our new routes so we already have routes for the core resetting the users password we now need to get routes to set to reset the admin password so let's go ahead and do that right now and then we'll come back to the controller and actually configure the four steps but this is kind of the basic setup for our controllers to get them working so I'm going to save those here and now let's go over and we'll start with our routes because when we go to make our views we need to make sure our routes work so let's go to our routes we're going to go to routes web and we're going to put all these inside of our we already have this prefix for admin and so we're going to put all of them inside of here okay so now to get this working what we can do is I can I recommend just going to your terminal running PHP artisan route list and taking a look at all the routes and just copying them over so let's go ahead and do that now so we'll do PHP artisan route list and a route list and from here we're going to copy these four methods right here okay so we need to get request to post request and we're going to copy all of this so I'm going to go ahead and copy them over here for you real quick okay so I've gone ahead and finished that so just want to show you guys what we did so I've got the four routes and again you can you can pause this if you want to copy it down it's kind of pointless to have you guys watch me type it out but I just copied this from the route list file and you guys can now screenshot this and copy it for me if you want or you can go to github and copy the code there that's easier but from here you can see that we have password slash email and you can see that it's inside the auth folder make sure you get this off folder and then we just did admin forgot password controller now if we go look at the actual routes inside of this route you can see it does auth slash forgot password controller and auth / reset password controller so the only thing we did was just add that admin in front to make it correspond with the new controllers we just created okay so we've got admin forgot controller or forgot password admin confer got past or controller and then the admin reset password controller for both of these two and then I went ahead and also named them so I just named them what they were named for the normal password so once again just copied these same naming schemes the only difference I added admin at the beginning so we have admin admin and admin okay so that's basically everything that you need to do for that so go ahead just copy that down and now our controller routes are set up and good to go in fact kind of work because all these functions are these methods currently exist in our controllers we can't quite see them yet because they're actually inherited from these other files okay so we don't see them here but there they're there because they're inherited from this right here we'll get into that in just a second so let's go back now to our routes our routes are good to go and so now we can do is just create our views customize the views and then go back and finish the controller's so let's go back to our views we know our views are stored under resources and views and then inside the auth folder alright and then inside of there we're just going to customize the views inside of this password so we've got email and reset so this email is the one where you actually input your email and then request the link sent to your email that's the first one that we need for step number one and then the reset delayed is where you put in your email again this is after you click through on the email you've got you have the token and then you click through and then you're going to put in your email and then actually set your new password and then submit it to actually change the password that's going to be the second one reset so what I'm going to do here is I'm actually it's going to duplicate both of these let's go ahead and duplicate it and I'm going to name it email - admin and then I'm going to do the same thing with reset let's go ahead and duplicate that we're going to do reset - admin like that and then the only thing that we really need to change in here is going to be the the route that it submits to so right now each of these submits to the users forgot my password routes and we need them to submit to the admin forgot my password routes we just created those other routes so we've got four routes for resetting the users password and now we have four routes for submitting the admins password so we need to make sure that these are going to the right ones and currently these are going to the users passwords or password reset so here when we actually get to the forum let's see I'm in the email - admin now so when we go to submit the form we just want to make sure that it goes to admin password email and then for you could obviously customize this more if needed I'm going to go ahead and just say admin reset password just so we know we're in the right reset password view but you could obviously customize this and do anything you need it unique to admins you could do with this view and customize it I'm going to leave it alone so it's going to look almost the same other than this text at the top and then the where the form submits to but otherwise you guys could customize it if you needed now let's go to the second view reset - admin once again I'm going to name it just so we know where we're at admin reset password and then when we go to the route let's go to admin password request and that's all you really need to get it working but again you can customize the view just however you want that's the bare minimum so now our views are set up so we're good let's go and close that close our let's close the routes and now we can go back to our controllers and actually go through the steps and get them ready we kind of all of this has been setting it up up to this point so now it's time to actually do the work so for step number one we already know if we go back to our routes so if we go to our routes we know that step number one is this one right here we go to the admin forgot pasture controller and we use the method show link request form so what we need to do is customize that method to make sure it's going to the new view that we created so let's take a look at this method in the code we're going to copy it out of the source code and put it and then we're going to override it in our controller here okay so make sure you're inside a forgot password controller not reset absolute controller needs to be forgot password controllers so make sure you're in the right controller when you do this and you can see that that method is inherited from this page right here okay illuminate foundation off sends password reset the emails that's worth inherited from so we need to go over there find the code copy it over here so we can override it so let's go ahead and do it so scroll down over here in our File Explorer go into our vendor folder and then to label there to there all right there framework source illuminate and then from here it's foundation off so foundation off and then sends password resets right there okay so this is the actual source code where this gets inherited from and you can see right here this first function is the one that actually shows the link request form and by default it is just using the normal email that we need to do now we can't change this one directly because if we change it directly inside of here the users when the users do their forgot my password it's going to inherit now the new one and then it's going to break the users one so we need to copy this with copy nuts we're going to put it in our admin controller and then we'll just override it for the admins only but the default will still go to the normal user one that's important so let's go back to our forgot password controller again make sure you're in the forgot password controller not reset password controller and then down here at the bottom go ahead and paste it in so now we've got the show link request form and then all it does return the view let's just make sure it go to the new view that we just created which is email - admin otherwise it's the same now remember this new view hat links to the right page if you don't do this it's going to show the wrong view and that view when they fill out the form is going to submit to the normal pass or reset instead of the admin one that we're creating right now okay so that's why you need to have this view and the view has to be updated as well okay so that's all you need to do for that first one so now if we go and we try to submit a password you will get the right view and when we submit that form it's going to go to the right place because we set all that up when we were doing the view so that's working so now it's going to head to step two so let's take a look let's go back to the same page back in to send password resets email the one that's inherited up here let's go back over here and inside of here let's take a look at step number two now we know step number two is the send reset link email now how do we know that well we can if we just go to our aroused here you can see here's the second step and it tells you where it comes from so it's good it uses the send reset link email method okay so we go over here send reset link email this is the one it's using it's going to accept the request remember this is the request coming from the form that they just submitted the form has the email address that they're requesting so we're going to validate that we validate that it is an email and that it will make sure they actually submitted an email it's required and that's all we need to do to validate it if it isn't successful then obviously it shoots them back does all the stuff validation normally does if it is successful then this is what happens um or you know if there is a if there is an email in there and this is what happens it is going to go to the broker that's why we define the broker remember that we defined the broker so it knows which broker to use it's going to use the admin broker and then from there it's then going to send the reset link and it's going to pass in the email address that we requested and it's going to you know based on the name it's going to send the reset link so that they can reset their password and then all this does is basically just returns either success or failure message depending on whether it was successful or not so now if I wonder okay how's the email getting sent right this is what gets people confused with password resets because this is where it starts to get kind of deep so we're using the broker okay and then it's where does this send reset link come from well I can save you a lot of time I'll just tell you it COEs it's going to be it's located up here in this off folder so under illuminate off and then under passwords and then inside of here it's going to be password broker okay because we're this is a function of broker so it's password broker is what contains this this method so inside of our password broker dot PHP you can see this is the code that actually sends that and right down here is where that send reset link method is okay so this is where it comes from but it gets even deeper so once you get inside of here you can see that we actually have to go get the current user the we use the credentials the email address to go find the user with that email address and then store it here as user so this user is going to contain the user that we're trying to reset the password of it's going to be a user model and then obviously if it fails than me you know we abort so here we call this method called send password reset notification it comes from the user which remember is a user object which is from the model okay so in this case it's going to be the admin model so as part of the admin model it's going to call this method send password reset notification so where we need to customize this send password reset notification is inside the model and that's what gets confusing for people it's inside the model and not the controller's so we actually need to move now over to the admin model in order to customize that now before we do that just go one step deeper with me and let's look at this method so we can we know how to customize it so let's look for this send password reset notification method okay so in order to do this you actually need to bounce around back to the user model back to back around a few more times eventually you're going to end up in this file that's just two files above it called can reset password dot PHP so let's head up there and this is actually where that method comes from so here's the send password reset notification you can see that a token is passed in and we know that because if we go back to the broker right here it calls that method and then it passes in the token that was created okay it's passed in there so now when we come back here and we see send password reset notification that's where the token comes from it gets passed in and then we call this notify now notify as part of notifiable x' so this is actually an official notification that came with layer 5.3 so now all we need to do is actually just create a notification that's what we can customize the email and then from there we just custom we're just going to customize this function to point to our new notification hopefully that makes sense like I said this is where it starts to kind of bend your mind a little bit as this step so it's going to copy this I'm going to copy this function because we're going to now override this function because we don't want to use this notification there's notifications for our normal users we need to create another notification that contains our email we need to create another notification specifically for our admins and then we need to override this method to point to our new notification all right so in order to do that let's go now to our admin model not the controller but the model let's go to our admin model and then inside of here what we want to do is we can just paste that down below so let's just come down here and paste it so we're going to do public functions send password reset notification this is going to override the one that's default and when this default sends this one so now we want to do is we want to send an admin version of it right so we need to now make this notification and make it custom for admin so let's go ahead and make this notification and we're going to call it admin reset password notification in fact I'm going to copy this to make sure we get it right and in order to make this notification we're gonna head over to the terminal okay so now inside of our terminal and clear this out I'm inside of our project we're going to run PHP artisan make notification all right and then we're going to give it the name of the notification we want to create admin reset password notification okay we're going to click enter going to create that notification let's head back over to our project and you'll now see we have a new folder called notifications and inside of there we have admin reset password notification perfect so let's click on that and then inside of here this is actually the email that we're going to send so this is where we can customize the text and get it the way we want but before we do that we actually need to prepare it to receive the token we're going to need that token in order to create the URL that resets the password so that you can see right here we don't have a URL so we're going to create a URL to to go to the right place and we need to have the token in order to do that so in order to get that token we need to attach it as a property to this notification and we know if we go back to our admin controller or admin model you can see here that we pass the token in or here to sorry we pass the token in when we create the notification so we can now accept this token inside of our notification and then set it so back up to our notification here let's when we construct the the new notification we're going to accept a token let's go ahead and make it to a notification public make sure the public property and then public token and then the public it needs to be a public property in order for it to be passed to this sense of generating a view so we need to have it to be a public property with the private property then it won't work so make sure the public property and then from here what we're going to do is we're just going to say this we're just going to set it so we're going to say this token equals token and now we'll have this this will be set to what was passed in when we constructed it and now we can use it use it down here to create our URL so to create our URL well before we create the URL just get the text correct okay so what I did here is I went ahead and just copied the same text that's in the default email so you can customize it if you want this is the default text that comes with the normal email the only difference that we're going to have here is we are going to customize the the reset link so when they have the reset button we need that one to go to the right place because by default it goes to the normal one so to do that here let's go ahead and just create our route and we're going to submit it to let's go to our routes real fast instead of our routes we're going to submit it to this password slash wreath or sorry this one here password / reset slash token so we're going to use this this is a get request so we're going to use this one right here and we're going to attach the token and that's how we're going to create that URL so the name of this is admin password reset so back over in our notification we can give it the name drought is going to be admin dot Pats we got reset that's the name of the route and then as a second parameter we're going to pass in our token we're going to do this token and that's going to be the what it attaches to the the end of the URL so that's going to be the actual token so you're going to have a URL is going to be equivalent to slash admin / password / reset slash and then the random token okay and that's all you need to do there so you're receiving this email because you requested a password then we're gonna have a button here that's what this action does do you have a button called reset password this is the URL that the button goes to and then it says if he did not request the password don't worry about it okay so that's everything that we need and of course if you were customizing a send of is an SMS or whatever but by default we just need mail and that's it that's good to go let's go and save that file let's head back over to our admin now we've got the notification set up we can tell our admin the model to use it let's go back to our admin and you can see here we we already used it basically we say new admin reset password notifications so that links to the notification we created but we can't use this must we import it so let's import it up here so we're going to do use Apps / notifications / admin admin reset password notification okay once again you're just recreating this so admin or app I mean notifications and then that's just so that it can find this file here okay so that's actually it so now step two is complete that was along with step two is the hard one step two is complete so step one is good step two is good now it's time to do step three and step four now step three and step four are not inside of our let's close of these and just kind of clean up real quick we don't need anything more with forgot password controller the admin forgot password controller because those only this only handles step one and two we need to now work on step three and step four and both of those are handled inside of our admin reset password controller okay so inside of here you can see we use a different file everything inherits from this file here on aluminate foundation off reset password you can see it gets pulled in here we customized a few things like the redirect we customized the you know the admin guest for the middleware make sure it has the right guards when it logs us in it logs it sends the right type of user and then we tell the broker is the admins broker so that you're going to see here in a second when we use the broker we want to make sure it's linking to the right type of user information okay so that's all configured now what we need to worry about is if we look at our routes again we got to worry about these two methods here so we've got admin reset password controller reset that's step four and then the step three what we're going to do right now is admin reset password controller and then the show reset forms let's take a look at that show reset form and customize that one so once again we need to find it that will be inside of this file right here so let's head on over and look at that so down inside a vendor level framework source aluminate then we're going to go down to foundation so I can close this up go to foundation and then off and then reset passwords okay just like that and you can see here what we were looking for is right here at the top show reset form so let's copy that and you can see what's happening here by the way before we get going with it it's just going to pass in a view and pass the token in the email into the view so that's all we need to do so we don't think we really need to customize this right here so it's using the right view because we made a new version of this view but to override this we need to pull it in to our controller so let's pull it in over here so back over to our reset password' controller at the bottom let's go and paste it here's our show reset form and everything is good the only thing we need to change here is the view so the we named it the exact same thing we just had a dash admin at the end so this is for our admin one everything else you can leave the same everything else should work okay so now step three is complete now the final step step four is where we actually reset the user and the good news is there's not actually anything we have to do other than making sure the admin or the broker is configured and the guard is configured as long as and then the redirect because that's step four is where it uses all these these pieces of information right because step four is where it actually receives the request from this view that we created down here it's actually going to receive the submission it's going to process it going to and it knows where to save the updated user information because of the broker so as long as we defined the broker it knows where to save it after it successfully saved it it's then going to log us in and knows where how to log us in because we defined the guard and it's the admin guard so knows how to log it in after we're logged in it's then going to redirect us and let us continue on our business well it's going to know how to redirect us because of this redirected to so we actually don't need to do anything with step four so we're actually complete so this is this is all good to go so we're all done here let's go ahead and actually test this and see if it works one thing I will say before we test it a lot of people were trying to do this ahead of me and I just want to note a lot of people are having problems because they didn't actually configure their there's email server so make sure you configure your email server otherwise you're going to get an error okay so let's go and do that head over to our EMV file I'm going to go over to our EMV file and just make sure you have this configured a lot of you guys if you haven't done this before it'll say null and it'll say null right here okay so just make sure that these are all set up with your email service provider information if you're currently in development I suggest using male trap but there's always one person that doesn't even get this even though I explain it every single time male trap is only for development it doesn't work in production because male trap gets all the emails that you send out it doesn't send them to the people that you would expect them to send it to it traps them all hence the name male trap it traps them all and so that you can inspect them okay so male trap is for debugging it's it's for testing and debugging it's not for production male trap doesn't send emails out to to the World Wide Web you need a real email service provider to do that so just notice when you do male trap it does not send to the real people it's for development only so when you do this this is good for development but when you go production make sure that you actually use a real email service provider so you're going to want to use something like spark post Amazon SES male jet is popular in Europe so take a look at those service providers if you're looking for a service provider here's our browser let's just refresh you can see we actually are currently logged in as admin so let's just go log out real quick so we're logged in as admin let's log out real quick ok we're completely logged out of everything now let's try to login as admin we already know the user 1 works by the way that worked out of the box so I don't need to test that so let's test admin so it's asking us to login we're going to say we forgot our password there we go and oh by the way I forgot to mention this you might need to go if this link isn't sending you to like right now it doesn't send us to the right place so we made one mistake let's go fix it so on that for we need to make sure it's sending us to the admin version let me just note that again so see up here it's not admin / password / reset it's the user password reset so this link here when we have our admin login this view right here we need to fix this link so it goes to the right place because right now it links us to the user password reset and not the admin password reset easy fix go over to our views where's our views resources views that's Endor off and then we have our admin login so under admin login what we can do is let's see forgotten password right here forgot your password so it links us to the password reset route we need to go to admin password reset okay so now it's going to go to the right place let's just paste that and then come back over here let me just refresh this so now I want to come down here you can see the link at the bottom it goes to the right place now we're at admin / password reset that's what we wanted and now we can if we're going we're in the right place so let's do our email address this is an email for admin if you put an email that's such as this one this is there's not currently an admin user for Alex at example.com right but there is a user user but if I click this it should it should fail perfect it can't find a user with that email address because that user exists for users but not for admins so I need to put in a email address that is for an admin in this case hello at deaf marketer I oh is a admin user let's click send password reset link and it says it was successful let's now head over to mail trap let me login let's go to our browser and here we go we got a new one so admin reset password notification this was sent a few seconds ago this is fresh off the press just got sent to us and here it says you're receiving this because of your password reset you can reset your password or you can here's the full URL here at the bottom if you have problems with it now you'll notice when you look at this it says I has our URL slash admin / password flash reset and then the Tok so that's the URL that we needed this is the correct one and if we highlight over this at the damn bottom you can see the same thing it sends us to slash admin / password let's click it and now you can see we're at the right one admins password reset let's now do our email address so once again hello at deaf marketer comm password is passed I'm just a new password for me password confirm it and then reset the password and now we're back to slash admin which is where we wanted to be redirected to we configure that in our controller and we're now logged in as admin okay we're not logged in so user but we're logged in as admin so it's working okay so hopefully that solves all of your guyses questions with multiple authentication if you guys have any further questions about multiple authentication you still have some questions about how to get it working and stuff like that leave a comment below because I do read those emails and/or I do read those comments you can also email me but I do read those comments they help me know where to direct the next videos so if there are further questions I'm happy to make another video to follow up with this one to address any questions that's actually what we did in part 4 part 4 was originally going to be this video but you guys had so many questions about the logged logging users in that I went ahead and made a video that I wasn't actually planning on making I made a video for that as part 4 and then we made this one as part 5 so if you guys have more questions just let me know I'll make a video about it will be part 6 but I'm not planning on having it in any future parts unless there's a lot of questions so this will finish up the tutorial if you guys found this useful reach out to me on Twitter I'd love to hear when you guys find these videos useful I love getting those emails of people that said hey I finally understand multiple authentication thank you thank you thank you I love those er those tweets the emails are great - you guys can shoot me an email over there also if you guys found this very informative and you guys haven't subscribed yet please subscribe it shows me that you guys care it shows me you guys are grateful the thumbs up show me you care if you're already subscriber but if you're not a subscriber you can get more great tutorials like this we got a lot more coming up soon so make sure that you subscribe I'll even stop talking so you guys can stop and subscribe alright so make sure you subscribe if you watch all these videos I'm given away for free the least I asked for is just that you subscribe it helps me out helps you guys out it's a win-win situation hit me up on Twitter if you guys found this informative if you have any other questions anything else you want to see you can email me hello @j a curtis calm or hello at dev marketer do whatever go to the same place you guys cannot tell me what else you're looking for if you're looking for some other tutorial related to level I'm always looking for video ideas so I would love to hear those from you guys so that's really really exciting and that's all I've got for you guys today so I hope you guys found this tutorial series very very useful again let me know if it was useful I love hearing it and until next time guys I'll see you guys in the next video

Info

Channel: DevMarketer

Views: 50,012

Rating: undefined out of 5

Keywords: laravel, multi-auth, users, authentication, password, forgot, help, tutorial, best, easy, code, php

Id: jNdVW8lsFOo

Channel Id: undefined

Length: 55min 26sec (3326 seconds)

Published: Tue May 23 2017