I’m doing the forgot password and recover password feature using Laravel API and React. I’ve done the form and now I’m stuck at the backend part.
In the forgotPassword function, it will send a link for recover password at the user’s email. But this code Mail::send('email.forgetPassword',
is a view file for Laravel. How to adjust this part for React? This is my first time doing auth using Laravel hehe.
Function
public function forgotPassword(Request $request){
$request->validate(['email' => ['required', 'string', 'email', 'max:255']]);
$token = Str::random(64);
DB::table('password_reset_tokens')->insert([
'email' => $request->email,
'token' => $token,
'created_at' => Carbon::now()
]);
Mail::send('email.forgetPassword', ['token' => $token],
function($message) use ($request){
$message->to($request->email);
$message->subject('Reset Password');
}
);
return response()->json(['message', 'We have e-mailed your password reset link!']);
}
Route
Route::post('forgot-password', [UserController::class, 'forgotPassword'])->name('password.email');
Forgot Password Form
const handleSubmit = async (event) => {
event.preventDefault();
setLoading(true);
setStatus(null);
const data = {email};
try {
await API.get("/api/csrf-cookie").then(async () => {
const response = await API.post('/api/forgot-password', data);
setStatus(response.data.status);
if (response.data.error){
console.log(response.data.error);
setLoading(false);
}
});
} catch (error){
console.log(error);
setLoading(false);
}
}
2
Answers
I can see that in your question you’re doing the process manually, while Laravel provides built-in services that you can use to implement this functionality robustly and easily.
Let’s take a brief look at the process:
Prepare your authenticatable model(s): your authenticatable model(s) (e.g.
AppModelsUser
, or any other model that has login capabilities) must implement theIlluminateContractsAuthCanResetPassword
interface, and it should use theIlluminateAuthPasswordsCanResetPassword
trait.Prepare your routes: your application must contain 4 basic routes, these routes are as follows:
GET
route that returns the view that contains a form in which the user will be asked to enter his E-mail. Since you’re using React, you don’t need to return any view, so you can leave this route empty, but you must define it nevertheless.POST
route that handles the form submission request, this route will be responsible for validating the email address and sending the password reset request to the corresponding user. Here, sending the reset password link to the user is as easy as calling theIlluminateSupportFacadesPassword::sendResetLink()
method.GET
route that will display the reset password form that is displayed when the user clicks the reset password link. This route will receive a token parameter that we will use later to verify the password reset request. Once again, since you’re using React, you may leave this route empty, but it must be defined whatsoever.POST
route that will be responsible for validating the incoming request and updating the user’s password in the database.Notice that you don’t need to interact with the
password_reset_tokens
table, Laravel does that automatically.Regarding your question about the mail template: this is a blade file that gets turned into an E-mail and sent over to the user. In order to do customizations on this template, you should run the command:
Which will create a new
resources/views/vendor/mail
directory that contains the template files for the mail.You can learn more about Laravel password reset functionality at: https://laravel.com/docs/10.x/passwords
php artisan vendor:publish –tag=laravel-mail
Which will create a new resources/views/vendor/mail directory that contains the template files for the mail.
You can learn more about Laravel password reset functionality at: https://laravel.com/docs/10.x/passwords