Laravel Manually generating reset password token : Getting error “This password reset token is invalid”

Question

I am trying to generate reset password token manually in laravel.

$string = hash_hmac('sha256', Str::random(40), "my hash string");

then I got "0afa340dc692ffa51c1ba12b1db8819a8e4eaebb44a991bb288c3af877d36ee6"

I hashed this string with

$hash = Hash::make($string);

then I got

$2y$10$onDUmasKFCF9r1.VwOq3ze7Kx225UZK/HkwoUmH4h5dRo/8iCV2Be

I saved the hashed token in "password_resets" table corresponding to an email id. I replaced the generated string in the reset password url and tried to reset the password of specified email, but I am always getting "This password reset token is invalid" .

Is there any mistake from my manual generation. Please help.

Solivan Solivan · Accepted Answer · 2018-05-11T07:46:41

this function in your model will generate password rest link:

public function getNewPassResetUrl(){
    $token=str_random(60);
    \DB::table('admin_password_resets')->where('email',$this->email)->delete();
    \DB::table('admin_password_resets')->insert([
        'email' => $this->email,
        'token' => \Hash::make($token), //change 60 to any length you want
        'created_at' => \Carbon\Carbon::now()
    ]);
    return url('reset',$token);
}

Laravel Manually generating reset password token : Getting error “This password reset token is invalid”

1 Answers