diff --git a/app/Http/Controllers/api/AuthController.php b/app/Http/Controllers/api/AuthController.php
index 8a19f09..9e6627e 100644
--- a/app/Http/Controllers/api/AuthController.php
+++ b/app/Http/Controllers/api/AuthController.php
@@ -43,4 +43,9 @@ class AuthController extends Controller {
 $request->user()->currentAccessToken()->delete();
 return JSONResponse::Success();
 }
+
+ public function changePassword(Request $request) {
+ $request->user()->changePassword($request);
+ return JSONResponse::Success();
+ }
 }
diff --git a/app/Models/User.php b/app/Models/User.php
index c6deda6..591e130 100644
--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -6,6 +6,8 @@ namespace App\Models;
 use Illuminate\Database\Eloquent\Factories\HasFactory;
 use Illuminate\Foundation\Auth\User as Authenticatable;
 use Illuminate\Notifications\Notifiable;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Hash;
 use Laravel\Sanctum\HasApiTokens;
 
 class User extends Authenticatable
@@ -44,4 +46,18 @@ class User extends Authenticatable
 'email_verified_at' => 'datetime',
 'password' => 'hashed',
 ];
+
+ public function changePassword(Request $request) {
+ $request->validate([
+ 'newPassword' => 'required|string|min:8',
+ 'confirmNewPassword' => 'required|string|min:8',
+ ]);
+
+ if($request->newPassword != $request->confirmNewPassword) {
+ throw new \Exception("New Password & Confirm New Pasword are not same");
+ }
+
+ $this->password = Hash::make($request->newPassword);
+ $this->save();
+ }
 }
diff --git a/routes/api.php b/routes/api.php
index 0d34e2f..5e2846e 100644
--- a/routes/api.php
+++ b/routes/api.php
@@ -21,6 +21,7 @@ Route::controller(AuthController::class )->group(function() {
 Route::post('/login', 'login');
 Route::middleware(USER_MIDDLEWARES)->group(function() {
 Route::post('/auth/check', 'check');
+ Route::post('/auth/change-password', 'changePassword');
 Route::post('/auth/logout', 'logout');
 });
 });
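Review bot: The new `AuthController::changePassword` passes the whole `Request` into the model, so validation of a credential change lives inside `User` and any non-HTTP caller of `User::changePassword` has to fabricate a request. Validating in the controller and passing only the checked value, e.g. `$request->user()->changePassword($validated['newPassword']);`, keeps the trust boundary at the HTTP layer. That implies a matching signature change in the `app/Models/User.php` hunk. A short docblock stating that the endpoint requires an authenticated user would also help, since the middleware that enforces it is only visible in `routes/api.php`.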
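Review bot: `User::changePassword` never asks for the current password, so anyone holding a valid access token can set a new password and take over the account. Add `'currentPassword' => 'required|string|current_password',` to the rules, and confirm that the rule resolves the same guard that `USER_MIDDLEWARES` authenticates, which this diff does not show. The confirmation check uses `!=`, which compares two numeric strings numerically (so `1000000000` and `1.0000e9` count as equal), and the bare `\Exception` will most likely surface as a 500 instead of a 422 validation error; `'confirmNewPassword' => 'required|string|same:newPassword',` replaces the `if`/`throw` and fixes both. The user's other access tokens stay valid after the change, so consider revoking them once the new password is saved. `Hash::make` also looks redundant next to the `'password' => 'hashed'` cast visible in the context lines.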
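Review bot: The added `/auth/change-password` route carries no rate limit of its own, and `USER_MIDDLEWARES` is defined outside this diff, so it is not visible whether a throttle already applies. A credential-changing endpoint should have one, e.g. `Route::post('/auth/change-password', 'changePassword')->middleware('throttle:5,1');`. This matters more once the endpoint verifies the current password, because repeated failed attempts should then be bounded and logged.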