From d6640eacec9b92a4aab9708354c4af01526624c3 Mon Sep 17 00:00:00 2001 From: Lance Pioch Date: Tue, 7 Apr 2020 19:22:50 -0400 Subject: [PATCH 1/4] Require new password --- .../Requests/Api/Client/Account/UpdatePasswordRequest.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/app/Http/Requests/Api/Client/Account/UpdatePasswordRequest.php b/app/Http/Requests/Api/Client/Account/UpdatePasswordRequest.php index f52b71297..d279bd0a6 100644 --- a/app/Http/Requests/Api/Client/Account/UpdatePasswordRequest.php +++ b/app/Http/Requests/Api/Client/Account/UpdatePasswordRequest.php @@ -34,6 +34,9 @@ class UpdatePasswordRequest extends ClientApiRequest { $rules = User::getRulesForUpdate($this->user()); - return ['password' => array_merge($rules['password'], ['confirmed'])]; + return [ + 'password' => array_merge($rules['password'], ['confirmed']), + 'new_password' => 'required|string', + ]; } } From f9e6df5d71c789979f8aed3bb4d25523820e2629 Mon Sep 17 00:00:00 2001 From: Lance Pioch Date: Tue, 7 Apr 2020 19:25:11 -0400 Subject: [PATCH 2/4] Change to new password instead --- app/Http/Controllers/Api/Client/AccountController.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/Http/Controllers/Api/Client/AccountController.php b/app/Http/Controllers/Api/Client/AccountController.php index d956fc65b..a89806e35 100644 --- a/app/Http/Controllers/Api/Client/AccountController.php +++ b/app/Http/Controllers/Api/Client/AccountController.php @@ -78,7 +78,7 @@ class AccountController extends ClientApiController { $this->updateService->handle($request->user(), $request->validated()); - $this->sessionGuard->logoutOtherDevices($request->input('current_password')); + $this->sessionGuard->logoutOtherDevices($request->input('new_password')); return JsonResponse::create([], Response::HTTP_NO_CONTENT); } From 78e03cb9b229c02e8e757b495762bc3ad79a3ecf Mon Sep 17 00:00:00 2001 From: Lance Pioch Date: Wed, 8 Apr 2020 02:59:38 -0400 Subject: [PATCH 3/4] Update AccountController.php --- app/Http/Controllers/Api/Client/AccountController.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/Http/Controllers/Api/Client/AccountController.php b/app/Http/Controllers/Api/Client/AccountController.php index a89806e35..5d633c480 100644 --- a/app/Http/Controllers/Api/Client/AccountController.php +++ b/app/Http/Controllers/Api/Client/AccountController.php @@ -78,7 +78,7 @@ class AccountController extends ClientApiController { $this->updateService->handle($request->user(), $request->validated()); - $this->sessionGuard->logoutOtherDevices($request->input('new_password')); + $this->sessionGuard->logoutOtherDevices($request->input('password')); return JsonResponse::create([], Response::HTTP_NO_CONTENT); } From 53c7ec9126bd82aa98f66c5a56571de9bede28f1 Mon Sep 17 00:00:00 2001 From: Lance Pioch Date: Wed, 8 Apr 2020 03:00:03 -0400 Subject: [PATCH 4/4] Update UpdatePasswordRequest.php --- .../Requests/Api/Client/Account/UpdatePasswordRequest.php | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/app/Http/Requests/Api/Client/Account/UpdatePasswordRequest.php b/app/Http/Requests/Api/Client/Account/UpdatePasswordRequest.php index d279bd0a6..f52b71297 100644 --- a/app/Http/Requests/Api/Client/Account/UpdatePasswordRequest.php +++ b/app/Http/Requests/Api/Client/Account/UpdatePasswordRequest.php @@ -34,9 +34,6 @@ class UpdatePasswordRequest extends ClientApiRequest { $rules = User::getRulesForUpdate($this->user()); - return [ - 'password' => array_merge($rules['password'], ['confirmed']), - 'new_password' => 'required|string', - ]; + return ['password' => array_merge($rules['password'], ['confirmed'])]; } }