From 142afd5fb1c14daeddcd1745a6aa47664382afff Mon Sep 17 00:00:00 2001
From: Nima8FT <nima_8ak@yahoo.com>
Date: Thu, 17 Apr 2025 14:35:53 +0330
Subject: [PATCH] Implement Forgot Password and Reset Password functionality
 using Laravel Passport

---
 .../Auth/Password/ResetPasswordController.php | 48 +++++++++++++++++++
 .../SendPasswordNotificationController.php    | 37 ++++++++++++++
 .../Requests/PasswordNotificationRequest.php  | 28 +++++++++++
 .../Http/Requests/ResetPasswordRequest.php    | 30 ++++++++++++
 API/Passport/routes/api.php                   | 10 +++-
 5 files changed, 152 insertions(+), 1 deletion(-)
 create mode 100644 API/Passport/app/Http/Controllers/API/Auth/Password/ResetPasswordController.php
 create mode 100644 API/Passport/app/Http/Controllers/API/Auth/Password/SendPasswordNotificationController.php
 create mode 100644 API/Passport/app/Http/Requests/PasswordNotificationRequest.php
 create mode 100644 API/Passport/app/Http/Requests/ResetPasswordRequest.php

diff --git a/API/Passport/app/Http/Controllers/API/Auth/Password/ResetPasswordController.php b/API/Passport/app/Http/Controllers/API/Auth/Password/ResetPasswordController.php
new file mode 100644
index 0000000..21c9860
--- /dev/null
+++ b/API/Passport/app/Http/Controllers/API/Auth/Password/ResetPasswordController.php
@@ -0,0 +1,48 @@
+<?php
+
+namespace App\Http\Controllers\API\Auth\Password;
+
+use App\Models\User;
+use Illuminate\Support\Str;
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use Illuminate\Support\Facades\Hash;
+use Illuminate\Support\Facades\Password;
+use Illuminate\Auth\Events\PasswordReset;
+use App\Http\Requests\ResetPasswordRequest;
+
+class ResetPasswordController extends Controller
+{
+    public function resetPassword(ResetPasswordRequest $request)
+    {
+        try {
+            $status = Password::reset(
+                $request->only('email', 'password', 'password_confirmation', 'token'),
+                function (User $user, string $password) {
+                    $user->forceFill([
+                        'password' => Hash::make($password)
+                    ])->setRememberToken(Str::random(60));
+                    $user->save();
+                    event(new PasswordReset($user));
+                }
+            );
+            if ($status === Password::PasswordReset) {
+                return response()->json([
+                    'status' => 1,
+                    'message' => 'Your password has been reset!'
+                ]);
+            } else {
+                return response()->json([
+                    'status' => 1,
+                    'message' => 'This password reset token is invalid.'
+                ]);
+            }
+        } catch (\Exception $e) {
+            return response()->json([
+                'status' => 0,
+                'error' => 'We couldn’t process the request due to an error. Please try again later.',
+                'message' => $e->getMessage(),
+            ], 500);
+        }
+    }
+}
diff --git a/API/Passport/app/Http/Controllers/API/Auth/Password/SendPasswordNotificationController.php b/API/Passport/app/Http/Controllers/API/Auth/Password/SendPasswordNotificationController.php
new file mode 100644
index 0000000..5572397
--- /dev/null
+++ b/API/Passport/app/Http/Controllers/API/Auth/Password/SendPasswordNotificationController.php
@@ -0,0 +1,37 @@
+<?php
+
+namespace App\Http\Controllers\API\Auth\Password;
+
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use Illuminate\Support\Facades\Password;
+use App\Http\Requests\PasswordNotificationRequest;
+
+class SendPasswordNotificationController extends Controller
+{
+    public function passwordNotification(PasswordNotificationRequest $request)
+    {
+        try {
+            $status = Password::sendResetLink(
+                $request->only('email')
+            );
+            if ($status === Password::ResetLinkSent) {
+                return response()->json([
+                    'status' => 1,
+                    'message' => "We’ve emailed you the password reset link. Please check your inbox!",
+                ], 200);
+            } else {
+                return response()->json([
+                    'status' => 0,
+                    'message' => "We can’t find a user with that email address.",
+                ], 200);
+            }
+        } catch (\Exception $e) {
+            return response()->json([
+                'status' => 0,
+                'error' => 'We couldn’t send the password reset email due to an error. Please try again later.',
+                'message' => $e->getMessage(),
+            ], 500);
+        }
+    }
+}
diff --git a/API/Passport/app/Http/Requests/PasswordNotificationRequest.php b/API/Passport/app/Http/Requests/PasswordNotificationRequest.php
new file mode 100644
index 0000000..fa36433
--- /dev/null
+++ b/API/Passport/app/Http/Requests/PasswordNotificationRequest.php
@@ -0,0 +1,28 @@
+<?php
+
+namespace App\Http\Requests;
+
+use Illuminate\Foundation\Http\FormRequest;
+
+class PasswordNotificationRequest extends FormRequest
+{
+    /**
+     * Determine if the user is authorized to make this request.
+     */
+    public function authorize(): bool
+    {
+        return true;
+    }
+
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array<string, \Illuminate\Contracts\Validation\ValidationRule|array<mixed>|string>
+     */
+    public function rules(): array
+    {
+        return [
+            "email" => "required|email|exists:users,email",
+        ];
+    }
+}
diff --git a/API/Passport/app/Http/Requests/ResetPasswordRequest.php b/API/Passport/app/Http/Requests/ResetPasswordRequest.php
new file mode 100644
index 0000000..fc47663
--- /dev/null
+++ b/API/Passport/app/Http/Requests/ResetPasswordRequest.php
@@ -0,0 +1,30 @@
+<?php
+
+namespace App\Http\Requests;
+
+use Illuminate\Foundation\Http\FormRequest;
+
+class ResetPasswordRequest extends FormRequest
+{
+    /**
+     * Determine if the user is authorized to make this request.
+     */
+    public function authorize(): bool
+    {
+        return true;
+    }
+
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array<string, \Illuminate\Contracts\Validation\ValidationRule|array<mixed>|string>
+     */
+    public function rules(): array
+    {
+        return [
+            'token' => 'required',
+            'email' => 'required|email|exists:users,email',
+            'password' => 'required|min:8|confirmed',
+        ];
+    }
+}
diff --git a/API/Passport/routes/api.php b/API/Passport/routes/api.php
index 2968c39..85639ae 100644
--- a/API/Passport/routes/api.php
+++ b/API/Passport/routes/api.php
@@ -7,7 +7,9 @@ use App\Http\Controllers\API\Auth\LogoutController;
 use App\Http\Controllers\API\Auth\RegisterController;
 use App\Http\Controllers\API\Auth\DeleteAccountController;
 use App\Http\Controllers\API\Auth\Mail\VerifyMailController;
+use App\Http\Controllers\API\Auth\Password\ResetPasswordController;
 use App\Http\Controllers\API\Auth\Mail\SendMailNotificationController;
+use App\Http\Controllers\API\Auth\Password\SendPasswordNotificationController;
 
 Route::get('/user', function (Request $request) {
     return $request->user();
@@ -22,5 +24,11 @@ Route::group(['middleware' => ['auth:api']], function () {
 
     //verified email route
     Route::post('email/verification-notification', [SendMailNotificationController::class, 'sendNotification'])->name('mail.notification');
-    Route::post('/email/verify/{id}/{hash}', [VerifyMailController::class, 'verifyMail'])->name('verification.verify');
+    Route::post('email/verify/{id}/{hash}', [VerifyMailController::class, 'verifyMail'])->name('verification.verify');
+});
+
+//route for forgot password
+Route::group(['middleware' => ['guest']], function () {
+    Route::post('forgot-password', [SendPasswordNotificationController::class, 'passwordNotification'])->name('password.notification');
+    Route::post('reset-password', [ResetPasswordController::class, 'resetPassword'])->name('password.reset');
 });