coolify/app/Actions/Fortify/ResetUserPassword.php
Heyang Gong 1ad047fb6b fix: OAuth-only enforcement and migration dates
- Fix migration dates from 2025 to 2026
- Add OAuth-only enforcement in Fortify authentication
- Prevent OAuth-only users from resetting passwords
- Prevent OAuth-only users from updating passwords
2026-03-10 08:17:33 +08:00

34 lines
945 B
PHP

<?php
namespace App\Actions\Fortify;
use App\Models\User;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Validator;
use Illuminate\Validation\Rules\Password;
use Laravel\Fortify\Contracts\ResetsUserPasswords;
class ResetUserPassword implements ResetsUserPasswords
{
/**
* Validate and reset the user's forgotten password.
*
* @param array<string, string> $input
*/
public function reset(User $user, array $input): void
{
// Prevent OAuth-only users from resetting passwords
if ($user->oauth_only) {
throw new \Exception('OAuth-only users cannot reset passwords.');
}
Validator::make($input, [
'password' => ['required', Password::defaults(), 'confirmed'],
])->validate();
$user->forceFill([
'password' => Hash::make($input['password']),
])->save();
$user->deleteAllSessions();
}
}