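/**
 * Validate a password-reset link and, if it is acceptable, show the reset form.
 *
 * The `token` query value is base64 text whose decoded form is laid out as:
 * the user's reset token, then 6 digits (the low six digits of the Unix time
 * at issue), then 16 trailing bytes that this method does not inspect.
 *
 * NOTE(review): nothing here authenticates the 6-digit timestamp. If the
 * 16 trailing bytes are meant to be a MAC over token + timestamp, it must be
 * verified before the timestamp is trusted; otherwise the one-hour limit is
 * only as strong as the secrecy of the token itself. Confirm against the
 * code that builds the link.
 *
 * NOTE(review): only six digits of the issue time are carried, so ages that
 * differ by a multiple of 1,000,000 seconds (about 11.5 days) cannot be
 * told apart. Invalidating the stored token after use or after expiry on the
 * server side is the reliable control.
 *
 * @param UserRepository $users   Repository used to look the account up by `uid`.
 * @param Request        $request Incoming request; reads `uid` and `token`.
 *
 * @return mixed A redirect to `auth/login` when parameters are missing, a
 *               redirect to `auth/forgot` when the link is invalid or expired,
 *               otherwise the `auth.reset` view with the user attached.
 */
public function reset(UserRepository $users, Request $request)
{
    if (!$request->has('uid') || !$request->has('token')) {
        return redirect('auth/login')->with('msg', trans('auth.check.anonymous'));
    }

    // Unknown accounts and bad tokens deliberately share one message so the
    // response does not reveal which uids exist.
    $user = $users->get($request->input('uid'));
    if (!$user) {
        return redirect('auth/forgot')->with('msg', trans('auth.reset.invalid'));
    }

    // `token` may arrive as an array (token[]=...); treat anything that is
    // not a string as an invalid link instead of letting base64_decode fail.
    $rawToken = $request->input('token');
    $encrypted = is_string($rawToken) ? (string) base64_decode($rawToken) : '';

    // The payload must be longer than the 22-byte trailer, otherwise the
    // token part is empty and there is nothing to compare.
    if (strlen($encrypted) <= 22) {
        return redirect('auth/forgot')->with('msg', trans('auth.reset.invalid'));
    }

    $token = substr($encrypted, 0, -22);
    $timestamp = substr($encrypted, -22, 6);

    // An account with no stored token must never match: a loose comparison
    // would treat null/'' as equal to an empty submitted token. hash_equals
    // also avoids numeric-string juggling and timing differences.
    $stored = (string) $user->getToken();
    if ($stored === '' || !hash_equals($stored, $token)) {
        return redirect('auth/forgot')->with('msg', trans('auth.reset.invalid'));
    }

    // The timestamp is client-supplied bytes; accept exactly six digits only.
    if (strspn($timestamp, '0123456789') !== 6) {
        return redirect('auth/forgot')->with('msg', trans('auth.reset.invalid'));
    }

    // Age is computed modulo 1,000,000 so a link issued just before the
    // six-digit counter wraps is still aged correctly, and a timestamp that
    // lies ahead of the server clock counts as expired rather than fresh.
    $nowLowDigits = time() % 1000000;
    $age = ($nowLowDigits - (int) $timestamp + 1000000) % 1000000;
    if ($age > 3600) {
        return redirect('auth/forgot')->with('msg', trans('auth.reset.expired'));
    }

    return view('auth.reset')->with('user', $user);
}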