
Reset password flow implementation

Vijayakrishnan Krishnan 4 years ago
parent
commit
35911d7581

+ 73 - 2
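--- a/app/Http/Controllers/LoginController.php
+++ b/app/Http/Controllers/LoginController.php
@@ -4,9 +4,11 @@ namespace App\Http\Controllers;
 
 use App\Http\Middleware\RedirectAuthenticatedPro;
 use App\Lib\Backend;
+use App\Models\Pro;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Cookie;
 use Exception;
+use Illuminate\Support\Facades\Http;
 
 class LoginController extends Controller
 {
@@ -28,7 +30,40 @@ class LoginController extends Controller
 
     public function processRequestPasswordReset(Request $request)
     {
-        //Api call
+        try {
+
+            $url = env('BACKEND_URL', 'http://localhost:8080') . '/pro/requestPasswordReset';
+
+            $data = [
+                'cellNumber' => $request->input('cellNumber'),
+            ];
+
+            $response = Http::asForm()
+                ->post($url, $data)
+                ->json();
+
+            if(!isset($response['success']) || !$response['success']){
+                $message = 'API error';
+                if(isset($response['error'])) {
+                    $message = $response['error'];
+                    if(isset($response['path'])) $message .= ': ' . $response['path'];
+                }
+                else if(isset($response['message'])) $message = $response['message'];
+                return redirect('/request_password_reset')
+                    ->withInput()
+                    ->with('message', $message);
+            }
+
+            // load pro and set security questions in the session
+            $guestPro = Pro::where('cell_number', $request->input('cellNumber'))->first();
+            $request->session()->put('sq1', $guestPro->security_question_1);
+            $request->session()->put('sq2', $guestPro->security_question_2);
+
+            return redirect('/self_reset_password');
+
+        } catch (\Exception $e) {
+            return redirect()->back()->with('message', $e->getMessage());
+        }
     }
 
     public function showSelfResetPassword(Request $request)
@@ -38,7 +73,43 @@ class LoginController extends Controller
 
     public function processSelfResetPassword(Request $request)
     {
-       //Api call
+        try {
+
+            $url = env('BACKEND_URL', 'http://localhost:8080') . '/pro/selfResetPassword';
+
+            $data = [
+                'cellNumber' => $request->input('cellNumber'),
+                'passwordResetToken' => $request->input('passwordResetToken'),
+                'securityQuestionAnswer1' => $request->input('securityQuestionAnswer1'),
+                'securityQuestionAnswer2' => $request->input('securityQuestionAnswer2'),
+                'password' => $request->input('password'),
+                'passwordConfirmation' => $request->input('passwordConfirmation'),
+            ];
+
+            $response = Http::asForm()
+                ->post($url, $data)
+                ->json();
+
+            if(!isset($response['success']) || !$response['success']){
+                $message = 'API error';
+                if(isset($response['error'])) {
+                    $message = $response['error'];
+                    if(isset($response['path'])) $message .= ': ' . $response['path'];
+                }
+                else if(isset($response['message'])) $message = $response['message'];
+                return redirect('/self_reset_password')
+                    ->withInput()
+                    ->with('message', $message);
+            }
+
+            $request->session()->remove('sq1');
+            $request->session()->remove('sq2');
+
+            return redirect('/login');
+
+        } catch (\Exception $e) {
+            return redirect()->back()->with('message', $e->getMessage());
+        }
     }
 
 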
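Review bot: In processRequestPasswordReset, the lookup after the backend call stores `security_question_1` and `security_question_2` in the session for whoever submitted the `cellNumber`, so an unauthenticated visitor who knows a number is shown that account's security questions before proving possession of the reset token, and the two outcomes reveal whether the number is registered. Returning the same redirect for known and unknown numbers and revealing the questions only after the token is verified would close both gaps; whether the backend API allows that split is not visible here. `$guestPro` is also dereferenced without a null check, and the `catch` blocks in this method and in processSelfResetPassword flash `$e->getMessage()` (and the failure branches the backend's `error` and `path` fields) to the browser, which can reveal backend hostnames or connection errors. The fence shows a guarded lookup and a catch that logs the exception and shows a fixed message. Separately, `env('BACKEND_URL', ...)` is read inside the controller, where it only sees system-level variables once the configuration is cached, so reading it through `config()` avoids silently posting passwords to the plain-HTTP `http://localhost:8080` fallback.

```php
            // … unchanged: backend call and error redirect …

            // load pro and set security questions in the session
            $guestPro = Pro::where('cell_number', $request->input('cellNumber'))->first();
            if ($guestPro === null) {
                // Backend accepted the number but no local record exists.
                return redirect('/request_password_reset')
                    ->with('message', 'Unable to start a password reset.');
            }
            // … unchanged: session()->put('sq1' / 'sq2') and redirect to /self_reset_password …

        } catch (\Exception $e) {
            report($e); // keep the detail in the server log only
            return redirect()->back()->with('message', 'Unable to start a password reset.');
        }
```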

+ 9 - 6
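--- a/resources/views/app/login.blade.php
+++ b/resources/views/app/login.blade.php
@@ -25,6 +25,11 @@
                 <div class="row">
                   <div class="col-md-6 login-form">
                     <h4 class="login-header mb-3">Sign in to your account</h4>
+                      @if(session()->has('message'))
+                          <div class="alert alert-danger">
+                              {{session('message')}}
+                          </div>
+                      @endif
                     <div class="w-70">
                       <div class="form-group">
                         <label for="cell-number" class="">Cell Number</label>
@@ -36,13 +41,11 @@
                         <label for="password" class="">Password</label>
                         <input type="password" id="password" name="password" class="form-control" required <?= old('cell-number') ? 'autofocus' : '' ?>>
                       </div>
+                        <div class="d-flex align-items-center">
+                            <button id="sign-in-btn" class="mt-2 px-3 btn btn-info btn-sm" type="submit">Sign in</button>
+                            <a href="/request_password_reset" class="ml-auto small text-secondary">Forgot password?</a>
+                        </div>
                     </div>
-                    @if(session()->has('message'))
-                    <div class="alert alert-danger">
-                      {{session('message')}}
-                    </div>
-                    @endif
-                    <button id="sign-in-btn" class="mt-2 px-3 btn btn-info btn-sm" type="submit">Sign in</button>
                   </div>
                   <div class="col-md-6 bg-holder">
                     <a href="{{route('request_password_reset')}}">forgot your password?</a>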
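Review bot: The new `Forgot password?` link hard-codes `/request_password_reset`, while the existing link in the `bg-holder` column uses `route('request_password_reset')`; use the named route here too so the link survives a path change or a sub-directory deployment: `<a href="{{ route('request_password_reset') }}" class="ml-auto small text-secondary">Forgot password?</a>`. The same applies to the `action="/request_password_reset"` and `action="/self_reset_password"` form attributes in the two reset views, which could use `route('process_request_password_reset')` and `route('process_self_reset_password')`. The page now carries two forgot-password links, so the older one may be redundant.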

+ 24 - 6
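--- a/resources/views/app/request_password_reset.blade.php
+++ b/resources/views/app/request_password_reset.blade.php
@@ -1,10 +1,28 @@
-@extends ('layouts.template')
+@extends ('layouts.auth')
 
 @section('content')
-<h1>Please enter your phone number to reset your password</h1>
 
-<form action="">
-    String cellNumber;
-</form>
-@endsection
+    <div class="card border-0 rounded-0 mcp-theme-1 bg-transparent">
+        <div class="card-header text-center font-weight-bold">
+            Reset Password
+        </div>
+        <div class="card-body bg-transparent">
+            @if(session()->has('message'))
+                <div class="alert alert-danger">
+                    {{session('message')}}
+                </div>
+            @endif
+            <form action="/request_password_reset" method="POST">
+                @csrf
+                <div class="form-group">
+                    <label for="" class="control-label mb-1 text-secondary">Cell Number *</label>
+                    <input type="text" class="form-control" value="" name="cellNumber" required>
+                </div>
+                <div class="form-group mb-0 text-center">
+                    <button class="btn btn-primary btn-sm px-4 py-2">Submit</button>
+                </div>
+            </form>
+        </div>
+    </div>
 
+@endsection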
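Review bot: The cell-number input hard-codes `value=""`, so the `->withInput()` call on the controller's failure redirect has no visible effect and the user has to retype the number; `value="{{ old('cellNumber') }}"` restores it with Blade's escaping applied. The `<label for="">` is empty and the input has no `id`, so the label is not associated with the field; `for="cellNumber"` on the label with `id="cellNumber"` on the input fixes that. `type="tel"` would also suit the field better than `type="text"`.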

+ 48 - 0
resources/views/app/self_reset_password.blade.php

@@ -0,0 +1,48 @@
+@extends ('layouts.auth')
+
+@section('content')
+
+<div class="card border-0 rounded-0 mcp-theme-1 bg-transparent">
+    <div class="card-header text-center font-weight-bold">
+        Reset Password
+    </div>
+    <div class="card-body bg-transparent">
+        @if(session()->has('message'))
+        <div class="alert alert-danger">
+            {{session('message')}}
+        </div>
+        @endif
+        <form action="/self_reset_password" method="POST">
+            @csrf
+            <div class="form-group">
+                <label for="" class="control-label mb-1 text-secondary">Cell Number *</label>
+                <input autofocus type="text" class="form-control" value="" name="cellNumber" required>
+            </div>
+            <div class="form-group">
+                <label for="" class="control-label mb-1 text-secondary d-flex align-items-center">Reset Token * <span class="ml-auto text-sm">(sent to your phone)</span></label>
+                <input type="text" class="form-control" name="passwordResetToken" required>
+            </div>
+            <div class="form-group">
+                <label for="" class="control-label mb-1 text-secondary d-flex align-items-center"><b>{{ session()->get('sq1') }}</b></label>
+                <input type="text" class="form-control" name="securityQuestionAnswer1" required>
+            </div>
+            <div class="form-group">
+                <label for="" class="control-label mb-1 text-secondary d-flex align-items-center"><b>{{ session()->get('sq2') }}</b></label>
+                <input type="text" class="form-control" name="securityQuestionAnswer2" required>
+            </div>
+            <div class="form-group">
+                <label for="" class="control-label mb-1 text-secondary">Password *</label>
+                <input autofocus type="password" class="form-control" value="" name="password" required>
+            </div>
+            <div class="form-group">
+                <label for="" class="control-label mb-1 text-secondary d-flex align-items-center">Confirm Password *</label>
+                <input type="password" class="form-control" name="passwordConfirmation" required>
+            </div>
+            <div class="form-group mb-0 text-center">
+                <button class="btn btn-primary btn-sm px-4 py-2">Submit</button>
+            </div>
+        </form>
+    </div>
+</div>
+
+@endsection
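Review bot: Every field in this form is rendered empty and never reads `old()`, yet the failure path of processSelfResetPassword in LoginController.php redirects with `->withInput()`, which flashes all submitted fields, including `password`, `passwordConfirmation`, `passwordResetToken` and both answers, into the session store. Flash only what the form redisplays, for example `->withInput($request->only('cellNumber'))` in the controller together with `value="{{ old('cellNumber') }}"` on the cell-number input. The two question labels come from `session()->get('sq1')` and `session()->get('sq2')`, so a visitor who opens this page without going through the request step would presumably see blank labels; the GET handler is not part of this commit's changes, so confirm it redirects when those keys are missing. Both the cell-number and the password inputs carry `autofocus`, of which only the first takes effect, and the password inputs would benefit from `autocomplete="new-password"`.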

+ 0 - 20
resources/views/app/self_reset_password.php

@@ -1,20 +0,0 @@
-@extends ('layouts.template')
-
-@section('content')
-<h1>Please fill the form below to reset your password.</h1>
-
-<form action="">
-		String cellNumber;
-		
-		String passwordResetToken;
-		
-		String securityQuestionAnswer1;
-		
-		String securityQuestionAnswer2;
-		
-		String password;
-		
-		String passwordConfirmation;
-</form>
-@endsection
-

+ 16 - 2
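--- a/resources/views/app/set_security_questions.blade.php
+++ b/resources/views/app/set_security_questions.blade.php
@@ -16,7 +16,14 @@
                 @csrf
                 <div class="form-group">
                     <label for="" class="control-label mb-1 text-secondary">Security Question 1 *</label>
-                    <input autofocus type="text" class="form-control" value="" name="securityQuestion1" required>
+                    <select autofocus class="form-control" name="securityQuestion1" required>
+                        <option value="">-- select --</option>
+                        <option value="Your mother's maiden name?">What is your mother's maiden name?</option>
+                        <option value="Name of your first pet?">What is the name of your first pet?</option>
+                        <option value="Brand of your first car?">What was your first car?</option>
+                        <option value="The elementary school did attended?">What elementary school did you attend?</option>
+                        <option value="The City you were born?">What is the name of the town where you were born?</option>
+                    </select>
                 </div>
                 <div class="form-group">
                     <label for="" class="control-label mb-1 text-secondary">Security Answer 1 *</label>
@@ -24,7 +31,14 @@
                 </div>
                 <div class="form-group">
                     <label for="" class="control-label mb-1 text-secondary">Security Question 2 *</label>
-                    <input type="text" class="form-control" value="" name="securityQuestion2" required>
+                    <select autofocus class="form-control" name="securityQuestion2" required>
+                        <option value="">-- select --</option>
+                        <option value="Your favorite book?">What is your favorite book?</option>
+                        <option value="The first company that you worked for">The first company that you worked for</option>
+                        <option value="Where did you meet your spouse?">Where did you meet your spouse?</option>
+                        <option value="What is your favorite food?">What is your favorite food?</option>
+                        <option value="Your favorite place to vacation?">Your favorite place to vacation?</option>
+                    </select>
                 </div>
                 <div class="form-group">
                     <label for="" class="control-label mb-1 text-secondary">Security Answer 2 *</label>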
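Review bot: Several `<option>` values in the first select differ from their visible text, and one is garbled (`value="The elementary school did attended?"`); since the value is presumably what gets stored and later shown as the question on the reset form, users would be asked a differently worded question than the one they picked. Making value and label identical avoids that, e.g. `<option value="What elementary school did you attend?">What elementary school did you attend?</option>`. A select only constrains the browser, so the handler for this form (not shown in this commit) should check the submitted question against the same fixed list. The second select gained an `autofocus` that the input it replaces did not have, leaving two on the page. These are widely used knowledge questions whose answers are often guessable or discoverable, so they should only ever supplement the reset token, never replace it.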

+ 2 - 2
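--- a/routes/web.php
+++ b/routes/web.php
@@ -25,9 +25,9 @@ Route::get('login', 'LoginController@showLoginForm')->name('login');
 Route::post('login', 'LoginController@login');
 
 Route::get('request_password_reset', 'LoginController@showRequestPasswordReset')->name('request_password_reset');
-Route::post('process_request_password_reset', 'LoginController@processRequestPasswordReset')->name('process_request_password_reset');
+Route::post('request_password_reset', 'LoginController@processRequestPasswordReset')->name('process_request_password_reset');
 Route::get('self_reset_password', 'LoginController@showSelfResetPassword')->name('self_reset_password');
-Route::post('process_self_reset_password', 'LoginController@processSelfResetPassword')->name('process_self_reset_password');
+Route::post('self_reset_password', 'LoginController@processSelfResetPassword')->name('process_self_reset_password');
 
 Route::post('logout', 'LoginController@logout')->name('logout');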
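Review bot: The two POST routes changed here are reachable without authentication and no rate limit is attached on these lines, although the first appears to trigger a token being sent to a phone and the second checks that token together with the security answers. Unless an enclosing route group already applies one (not visible in this hunk), add Laravel's throttle middleware to both, e.g. `->middleware('throttle:5,1')`, so repeated submissions for the same number or from the same client are slowed. Limiting per cell number on the backend as well would cover clients that rotate addresses.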