diff --git a/app/Http/Controllers/Auth/ResetPasswordController.php b/app/Http/Controllers/Auth/ResetPasswordController.php
index 4303afa40a04..b19a40cde50f 100644
--- a/app/Http/Controllers/Auth/ResetPasswordController.php
+++ b/app/Http/Controllers/Auth/ResetPasswordController.php
@@ -3,6 +3,8 @@ namespace App\Http\Controllers\Auth;
 use Event;
+use Illuminate\Http\Request;
+use App\Models\PasswordReset;
 use App\Events\UserLoggedIn;
 use App\Http\Controllers\Controller;
 use Illuminate\Foundation\Auth\ResetsPasswords;
@@ -58,10 +60,13 @@ class ResetPasswordController extends Controller
 public function showResetForm(Request $request, $token = null)
 {
 $passwordReset = PasswordReset::whereToken($token)->first();
- $email = $passwordReset ? $passwordReset->email : '';
+
+ if (! $passwordReset) {
+ return redirect('login')->withMessage(trans('texts.invalid_code'));
+ }
 return view('auth.passwords.reset')->with(
- ['token' => $token, 'email' => $email]
+ ['token' => $token, 'email' => $passwordReset->email]
 );
 }
 }
diff --git a/app/Http/Controllers/ClientAuth/ResetPasswordController.php b/app/Http/Controllers/ClientAuth/ResetPasswordController.php
index a2b379a4191d..33b8f85e38ba 100644
--- a/app/Http/Controllers/ClientAuth/ResetPasswordController.php
+++ b/app/Http/Controllers/ClientAuth/ResetPasswordController.php
@@ -4,6 +4,7 @@ namespace App\Http\Controllers\ClientAuth;
 use Password;
 use Config;
+use App\Models\PasswordReset;
 use App\Http\Controllers\Controller;
 use Illuminate\Foundation\Auth\ResetsPasswords;
 use Illuminate\Http\Request;
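Review bot: The new guard in `Auth\ResetPasswordController::showResetForm` only tests that a row exists for the token, so a reset link that is past its expiry still renders the form with the account's e-mail filled in; the identical hunk in `ClientAuth\ResetPasswordController` has the same gap. Whether expired rows are purged before this point is not visible here, so I would make the check explicit: treat the row as invalid once its creation time plus the broker's configured expiry has passed, and send those requests down the same `texts.invalid_code` redirect. The lookup `PasswordReset::whereToken($token)` also compares the raw URL token with the stored column, which suggests tokens are kept unhashed; if that is the case, read access to that table is enough to complete a reset, and storing only a hash of the token would close that. With the default `$token = null` the query still runs, so I would return early first: `if (! $token) { return redirect('login')->withMessage(trans('texts.invalid_code')); }`.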
@@ -56,10 +57,13 @@ class ResetPasswordController extends Controller
 public function showResetForm(Request $request, $token = null)
 {
 $passwordReset = PasswordReset::whereToken($token)->first();
- $email = $passwordReset ? $passwordReset->email : '';
+
+ if (! $passwordReset) {
+ return redirect('login')->withMessage(trans('texts.invalid_code'));
+ }
 return view('clientauth.passwords.reset')->with(
- ['token' => $token, 'email' => $email]
+ ['token' => $token, 'email' => $passwordReset->email]
 );
 }
diff --git a/resources/views/auth/passwords/reset.blade.php b/resources/views/auth/passwords/reset.blade.php
index 8d9df7cb83f2..46ff102143bf 100644
--- a/resources/views/auth/passwords/reset.blade.php
+++ b/resources/views/auth/passwords/reset.blade.php
@@ -40,7 +40,7 @@
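Review bot: In `ClientAuth\ResetPasswordController::showResetForm` the invalid-token branch uses `redirect('login')`, the same target as the staff controller, although this controller renders `clientauth.passwords.reset`. If the client portal registers its own login route (the route table is not part of this diff), a client with a stale link is sent to the wrong sign-in page and the `texts.invalid_code` message may never be shown to them. I would point the branch at the client login route instead, `return redirect('<client login route>')->withMessage(trans('texts.invalid_code'));`, where the placeholder stands for whatever path the project defines. The method is complete inside the hunk; the class body continues past it.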
- {!! Former::text('email')->placeholder(trans('texts.password'))->value($email)->raw() !!}
+ {!! Former::text('email')->placeholder(trans('texts.email'))->value($email)->readonly(true)->raw() !!}
 {!! Former::password('password')->placeholder(trans('texts.password'))->autocomplete('new-password')->raw() !!}
 {!! Former::password('password_confirmation')->placeholder(trans('texts.confirm_password'))->autocomplete('new-password')->raw() !!}
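Review bot: `->readonly(true)` on the e-mail input is only a browser hint; the field is still submitted and can be changed before the POST, so it does not bind the reset to the token's owner. The handler that processes this form is not in the diff, and it has to check the submitted e-mail against the row found for the token, or ignore the field and take the address from that row. I would record that next to the field with a Blade comment such as `{{-- readonly is cosmetic: the reset handler must re-check the e-mail against the token --}}`. The same line is changed in `resources/views/clientauth/passwords/reset.blade.php`, and the markup around both hunks is missing from this extract.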
@@ -52,7 +52,7 @@
diff --git a/resources/views/clientauth/passwords/reset.blade.php b/resources/views/clientauth/passwords/reset.blade.php
index 0c2a50005e8a..f0a0b05aaf39 100644
--- a/resources/views/clientauth/passwords/reset.blade.php
+++ b/resources/views/clientauth/passwords/reset.blade.php
@@ -40,7 +40,7 @@
- {!! Former::text('email')->placeholder(trans('texts.password'))->value($email)->raw() !!}
+ {!! Former::text('email')->placeholder(trans('texts.email'))->value($email)->readonly(true)->raw() !!}
 {!! Former::password('password')->placeholder(trans('texts.password'))->autocomplete('new-password')->raw() !!}
 {!! Former::password('password_confirmation')->placeholder(trans('texts.confirm_password'))->autocomplete('new-password')->raw() !!}