我正在构建一个密码重置机制,它工作得很好,除了一个小奇怪的问题。Redirect::to('/login')
如果在 Password::reset() 部分调用,则不起作用。
Password::reset($credentials, function($user, $password) {
$user->password = Hash::make($password);
$user->save();
return Redirect::to('/login');
});
但是,如果我把它放在外面,它会起作用:
Password::reset($credentials, function($user, $password) {
$user->password = Hash::make($password);
$user->save();
});
return Redirect::to('/login');
但在这种情况下,我如何验证用户的电子邮件是否属于实际令牌?
理想情况下,我想得到这样的东西
Password::reset($credentials, function($user, $password) {
$user->password = Hash::make($password);
$user->save();
return Redirect::to('/login'); // success you may use your new password
});
return Redirect::to('/reset'); // validation falied try one more time