3 namespace BookStack\Access\Controllers;
5 use BookStack\Activity\ActivityType;
6 use BookStack\Http\Controller;
7 use Illuminate\Http\Request;
8 use Illuminate\Support\Facades\Password;
9 use Illuminate\Support\Sleep;
11 class ForgotPasswordController extends Controller
13 public function __construct()
15 $this->middleware('guest');
16 $this->middleware('guard:standard');
20 * Display the form to request a password reset link.
22 public function showLinkRequestForm()
24 return view('auth.passwords.email');
28 * Send a reset link to the given user.
30 public function sendResetLinkEmail(Request $request)
32 $this->validate($request, [
33 'email' => ['required', 'email'],
36 // Add random pause to the response to help avoid time-base sniffing
37 // of valid resets via slower email send handling.
38 Sleep::for(random_int(1000, 3000))->milliseconds();
40 // We will send the password reset link to this user. Once we have attempted
41 // to send the link, we will examine the response then see the message we
42 // need to show to the user. Finally, we'll send out a proper response.
43 $response = Password::broker()->sendResetLink(
44 $request->only('email')
47 if ($response === Password::RESET_LINK_SENT) {
48 $this->logActivity(ActivityType::AUTH_PASSWORD_RESET, $request->get('email'));
51 if (in_array($response, [Password::RESET_LINK_SENT, Password::INVALID_USER, Password::RESET_THROTTLED])) {
52 $message = trans('auth.reset_password_sent', ['email' => $request->get('email')]);
53 $this->showSuccessNotification($message);
55 return redirect('/password/email')->with('status', trans($response));
58 // If an error was returned by the password broker, we will get this message
59 // translated so we can notify a user of the problem. We'll redirect back
60 // to where the users came from so they can attempt this process again.
61 return redirect('/password/email')->withErrors(
62 ['email' => trans($response)]
projects / bookstack / blob