X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/9dc9724e15bdd6d2bd316f7fa24592da72124bc5..7d38c96a23f2d9127b4201f5ed80b5d75fefcefb:/app/Http/Controllers/Auth/ResetPasswordController.php

diff --git a/app/Http/Controllers/Auth/ResetPasswordController.php b/app/Http/Controllers/Auth/ResetPasswordController.php
index 656b8cc42..efdf00159 100644
--- a/app/Http/Controllers/Auth/ResetPasswordController.php
+++ b/app/Http/Controllers/Auth/ResetPasswordController.php
@@ -4,6 +4,8 @@ namespace BookStack\Http\Controllers\Auth;
 
 use BookStack\Http\Controllers\Controller;
 use Illuminate\Foundation\Auth\ResetsPasswords;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Password;
 
 class ResetPasswordController extends Controller
 {
@@ -20,6 +22,8 @@ class ResetPasswordController extends Controller
 
     use ResetsPasswords;
 
+    protected $redirectTo = '/';
+
     /**
      * Create a new controller instance.
      *
@@ -28,6 +32,42 @@ class ResetPasswordController extends Controller
     public function __construct()
     {
         $this->middleware('guest');
+        $this->middleware('guard:standard');
         parent::__construct();
     }
-}
\ No newline at end of file
+
+    /**
+     * Get the response for a successful password reset.
+     *
+     * @param Request $request
+     * @param string $response
+     * @return \Illuminate\Http\Response
+     */
+    protected function sendResetResponse(Request $request, $response)
+    {
+        $message = trans('auth.reset_password_success');
+        $this->showSuccessNotification($message);
+        return redirect($this->redirectPath())
+            ->with('status', trans($response));
+    }
+
+    /**
+     * Get the response for a failed password reset.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  string  $response
+     * @return \Illuminate\Http\RedirectResponse|\Illuminate\Http\JsonResponse
+     */
+    protected function sendResetFailedResponse(Request $request, $response)
+    {
+        // We show invalid users as invalid tokens as to not leak what
+        // users may exist in the system.
+        if ($response === Password::INVALID_USER) {
+            $response = Password::INVALID_TOKEN;
+        }
+
+        return redirect()->back()
+            ->withInput($request->only('email'))
+            ->withErrors(['email' => trans($response)]);
+    }
+}