Update Password Checking Old Password In Laravel

Changing password is an essential for every web application and software. You will see that any web application in profile section, there is a option to change password or update password.

In this tutorial we are going to make same thing. That mean in this tutorial i am going to show you how to check old password and updating a new password using laravel.

After completing this tutorial you can add change password option in your applciation. Laravel change password validation is the todays topic to learn. So let's start.

I assume that you have already implemented the login register and email verification tutorial on your end and now want to have change password feature added to the same application, then let’s get started. 


Process to change Current Password

Let me tell you the details on how you should proceed and what should be the use case while changing current password. basically first thing you will need is the active login users ID or Email so that you can find out old password (hash).

One you have old password or old password’s hash in hand then you can simply ask user to enter current password and validated it with the password that is stored in the database


Read aslo :  How to Add CKEditor with Image Upload using KCFinder in Laravel


This is actually a important step to protect user account security, so if any other person finds user account active and visits change password page then he can not modify password until and unless he know the current password. Good so far? Let's start


Step 1 : Create Controller

Now create controller 

php artisan make:controller SettingsController -r


Step 2: Create Route

we have to create a route for that. So lets make it . To do it i am using resource controller. You can use normal controller .



After doing it , we have to create our method inside SettingsController . So go to SettingsController & copy these following code .


Step 3: Create Required Method

Now visit controller and paste this following code.

namespace App\Http\Controllers\Admin;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use App\Model\admin\admin;
use Illuminate\Support\Facades\Auth;
class SettingsController extends Controller
    public function __construct()
      $this->middleware('auth:admin'); //If user is not logged in then he can't access this page
    public function edit($id)
        $users = admin::find(Auth::user()->id);
        return view('backend.settings.updatepassword',compact('users'));
    public function update(Request $request, $id)
         $this->validate($request, [
        'oldpassword' => 'required',
        'newpassword' => 'required',
       $hashedPassword = Auth::user()->password;
       if (\Hash::check($request->oldpassword , $hashedPassword )) {
         if (!\Hash::check($request->newpassword , $hashedPassword)) {
              $users =admin::find(Auth::user()->id);
              $users->password = bcrypt($request->newpassword);
              admin::where( 'id' , Auth::user()->id)->update( array( 'password' =>  $users->password));
              session()->flash('message','password updated successfully');
              return redirect()->back();
                  session()->flash('message','new password can not be the old password!');
                  return redirect()->back();
               session()->flash('message','old password doesnt matched ');
               return redirect()->back();


Step 4: Create Blade File 

Now paste the following code to your updatepassword.blade.php file.


Hope it can help you. 


#laravel #update-password #check-old-password #change-password