Skip to content

Commit

Permalink
[5.4] Fix bug with delete reset token (#18045)
Browse files Browse the repository at this point in the history
In commit c454c87, reset token will be hashed first before saving to the database. So it is not possible to delete the entry based on the public token sent to the user. Similar issue: #17524
  • Loading branch information
Omranic authored and taylorotwell committed Feb 21, 2017
1 parent d48e91a commit 5ffe7f2
Showing 1 changed file with 4 additions and 4 deletions.
8 changes: 4 additions & 4 deletions src/Illuminate/Auth/Passwords/PasswordBroker.php
Original file line number Diff line number Diff line change
Expand Up @@ -208,14 +208,14 @@ public function createToken(CanResetPasswordContract $user)
}

/**
* Delete the given password reset token.
* Delete password reset tokens of the given user.
*
* @param string $token
* @param \Illuminate\Contracts\Auth\CanResetPassword $user
* @return void
*/
public function deleteToken($token)
public function deleteToken(CanResetPasswordContract $user)
{
$this->tokens->delete($token);
$this->tokens->delete($user);
}

/**
Expand Down

0 comments on commit 5ffe7f2

Please sign in to comment.