I use the Laravel auth system to send out a welcome email to all new users. Mostly it works fine but I have had a few isolated incidents where I get the "password reset token is invalid" error.
In order to diagnose this I would like to be able to manually compare the strings that are provided in the user's URL (i.e. the token that I emailed them) against the value stored in the password_resets.token
field. How can I do that?
The token in the URL seems to be 64 hex characters. The token in the database starts with $2y$10$
, so I presume it is the output of the password_hash
function. How can I translate from one to another?