I am using Laravel's "reset password".
There is something particular in our architecture: several accounts can have the same email address, the login is the unique key. I would like to change the password reset controller so that, in password reset view: - if the user put its email, the password is set for all accounts with this email (should I do it in a middleware? now only a random account is set, the first one I guess) - if the user put its login, we change the password of its login only
Do you think this is possible? (for new accounts it will be impossible to create a new account with an existing email, but now we have about 8000 users with double email accounts, so this cannot be changed unfortunately). thanks a lot in advance for your advices!
here is my code and I don't know where to start
[EDIT]
Here is my code after Mostakim Billah's suggestion: I rewrote the existing resetPassword et reset function (let them as they were) and added the //HERE part
public function reset(Request $request)
{
$request->validate($this->rules(), $this->validationErrorMessages());
$response = $this->broker()->reset(
$this->credentials($request), function ($user, $password) {
$this->resetPassword($user, $password);
}
);
return $response == Password::PASSWORD_RESET
? $this->sendResetResponse($request, $response)
: $this->sendResetFailedResponse($request, $response);
}
protected function resetPassword($user, $password)
{
$user->password = Hash::make($password);
$user->setRememberToken(Str::random(60));
$user->save();
// HERE: set passwords for other users with the same email
**User::where('email', $user->email)
->where('login', '!=', $user->login)
->where('password', null)
->update(['password' => Hash::make($password)]);**
event(new PasswordReset($user));
$this->guard()->login($user);
}
