misc_pterodactyl-panel/app/Http/Controllers/Auth/ForgotPasswordController.php

<?php

namespace Pterodactyl\Http\Controllers\Auth;

use Illuminate\Http\Request;
use Illuminate\Http\JsonResponse;
use Illuminate\Support\Facades\Password;
use Pterodactyl\Http\Controllers\Controller;
use Pterodactyl\Events\Auth\FailedPasswordReset;
use Illuminate\Foundation\Auth\SendsPasswordResetEmails;

class ForgotPasswordController extends Controller
{
    use SendsPasswordResetEmails;

    /**
     * Get the response for a failed password reset link.
     *
     * @param \Illuminate\Http\Request
     * @param string $response
     * @return \Illuminate\Http\JsonResponse
     */
    protected function sendResetLinkFailedResponse(Request $request, $response): JsonResponse
    {
        // As noted in #358 we will return success even if it failed
        // to avoid pointing out that an account does or does not
        // exist on the system.
        event(new FailedPasswordReset($request->ip(), $request->input('email')));

        return $this->sendResetLinkResponse($request, Password::RESET_LINK_SENT);
    }

    /**
     * Get the response for a successful password reset link.
     *
     * @param \Illuminate\Http\Request $request
     * @param string $response
     * @return \Illuminate\Http\JsonResponse
     */
    protected function sendResetLinkResponse(Request $request, $response): JsonResponse
    {
        return response()->json([
            'status' => trans($response),
        ]);
    }
}
Update to Laravel 5.3 [BREAKING] — REMOVES REMOTE API A new API will need to be implemented properly using the new Laravel Passport OAuth2 system. DingoAPI was becoming too unstable and development wasn’t really moving along enough to continue to rely on it. 2016-09-03 21:09:00 +00:00			`<?php`

			`namespace Pterodactyl\Http\Controllers\Auth;`

:lock: Don't disclose if account exists when resetting passwords, closes #358 2017-03-30 21:44:20 +00:00			`use Illuminate\Http\Request;`
Cleanup login/reset functionality, address security issue with 2FA pathways 2018-04-07 21:17:51 +00:00			`use Illuminate\Http\JsonResponse;`
:lock: Don't disclose if account exists when resetting passwords, closes #358 2017-03-30 21:44:20 +00:00			`use Illuminate\Support\Facades\Password;`
Update to Laravel 5.3 [BREAKING] — REMOVES REMOTE API A new API will need to be implemented properly using the new Laravel Passport OAuth2 system. DingoAPI was becoming too unstable and development wasn’t really moving along enough to continue to rely on it. 2016-09-03 21:09:00 +00:00			`use Pterodactyl\Http\Controllers\Controller;`
:lock: Don't disclose if account exists when resetting passwords, closes #358 2017-03-30 21:44:20 +00:00			`use Pterodactyl\Events\Auth\FailedPasswordReset;`
Update to Laravel 5.3 [BREAKING] — REMOVES REMOTE API A new API will need to be implemented properly using the new Laravel Passport OAuth2 system. DingoAPI was becoming too unstable and development wasn’t really moving along enough to continue to rely on it. 2016-09-03 21:09:00 +00:00			`use Illuminate\Foundation\Auth\SendsPasswordResetEmails;`

			`class ForgotPasswordController extends Controller`
			`{`
			`use SendsPasswordResetEmails;`

:lock: Don't disclose if account exists when resetting passwords, closes #358 2017-03-30 21:44:20 +00:00			`/**`
			`* Get the response for a failed password reset link.`
			`*`
Format files 2019-09-06 04:32:57 +00:00			`* @param \Illuminate\Http\Request`
Massive PHPCS linting 2017-08-22 03:10:48 +00:00			`* @param string $response`
Cleanup login/reset functionality, address security issue with 2FA pathways 2018-04-07 21:17:51 +00:00			`* @return \Illuminate\Http\JsonResponse`
:lock: Don't disclose if account exists when resetting passwords, closes #358 2017-03-30 21:44:20 +00:00			`*/`
Cleanup login/reset functionality, address security issue with 2FA pathways 2018-04-07 21:17:51 +00:00			`protected function sendResetLinkFailedResponse(Request $request, $response): JsonResponse`
:lock: Don't disclose if account exists when resetting passwords, closes #358 2017-03-30 21:44:20 +00:00			`{`
			`// As noted in #358 we will return success even if it failed`
			`// to avoid pointing out that an account does or does not`
			`// exist on the system.`
Push updates to login page, mostly UI enhancements. 2017-11-18 21:09:58 +00:00			`event(new FailedPasswordReset($request->ip(), $request->input('email')));`
:lock: Don't disclose if account exists when resetting passwords, closes #358 2017-03-30 21:44:20 +00:00
Initial update 2018-11-26 00:25:18 +00:00			`return $this->sendResetLinkResponse($request, Password::RESET_LINK_SENT);`
:lock: Don't disclose if account exists when resetting passwords, closes #358 2017-03-30 21:44:20 +00:00			`}`
Refactor auth controllers to be cleaner and easier to maintain 2018-04-07 17:35:15 +00:00
			`/**`
			`* Get the response for a successful password reset link.`
			`*`
Show success message to the user 2019-06-12 06:19:43 +00:00			`* @param \Illuminate\Http\Request $request`
Format files 2019-09-06 04:32:57 +00:00			`* @param string $response`
Cleanup login/reset functionality, address security issue with 2FA pathways 2018-04-07 21:17:51 +00:00			`* @return \Illuminate\Http\JsonResponse`
Refactor auth controllers to be cleaner and easier to maintain 2018-04-07 17:35:15 +00:00			`*/`
Show success message to the user 2019-06-12 06:19:43 +00:00			`protected function sendResetLinkResponse(Request $request, $response): JsonResponse`
Refactor auth controllers to be cleaner and easier to maintain 2018-04-07 17:35:15 +00:00			`{`
			`return response()->json([`
			`'status' => trans($response),`
			`]);`
			`}`
Update to Laravel 5.3 [BREAKING] — REMOVES REMOTE API A new API will need to be implemented properly using the new Laravel Passport OAuth2 system. DingoAPI was becoming too unstable and development wasn’t really moving along enough to continue to rely on it. 2016-09-03 21:09:00 +00:00			`}`