> ## Documentation Index
> Fetch the complete documentation index at: https://docs.larafast.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Forgot Password

> Learn about the password reset link logic implemented in the Larafast API Boilerplate.

## Password Reset Link

This document describes the password reset link logic implemented in the Larafast API Boilerplate. The logic is primarily handled by the `PasswordResetLinkController` class.

## Password Reset Link Request Validation

The first step in the password reset link process is validating the incoming request data. This is done using the `PasswordResetLinkRequest` class, which extends Laravel's `FormRequest` class. Currently, there are no validation rules specified in this class.

```php theme={null}
class PasswordResetLinkRequest extends FormRequest
{
    public function rules(): array
    {
        return [
            'email' => ['required', 'email'],
        ];
    }
}
```

## Password Reset Link Generation

The `store` method in the `PasswordResetLinkController` class handles the generation of the password reset link. It uses Laravel's `Password` facade to send a password reset link to the email address provided in the request.

If the password reset link cannot be sent, a `ValidationException` is thrown with a message indicating the reason.

```php theme={null}
public function store(PasswordResetLinkRequest $request): JsonResponse
{
    $status = Password::sendResetLink(
        $request->only('email')
    );

    if ($status !== Password::RESET_LINK_SENT) {
        throw ValidationException::withMessages([
            'email' => [__($status)],
        ]);
    }

    return response()->success(['status' => __($status)]);
}
```

## Routes

The route for password reset link generation is defined in the `routes/auth.php` file. The route uses the `PasswordResetLinkController` class and the `store` method.

```php theme={null}
Route::post('/forgot-password', [PasswordResetLinkController::class, 'store'])
    ->middleware('guest')
    ->name('password.email');
```

This concludes the overview of the password reset link logic in the application.

# New Password Logic

This document describes the new password logic implemented in the PHP Laravel application. The logic is primarily handled by the `NewPasswordController` class.

## New Password Request Validation

The first step in the new password process is validating the incoming request data. This is done using the `NewPasswordRequest` class, which extends Laravel's `FormRequest` class. The `rules` method of this class specifies that the `token`, `email`, and `password` fields are required.

```php theme={null}
class NewPasswordRequest extends FormRequest
{
    public function rules(): array
    {
        return [
            'token' => ['required'],
            'email' => ['required', 'email'],
            'password' => ['required', Password::defaults()],
        ];
    }
}
```

## Password Reset

The `store` method in the `NewPasswordController` class handles the password reset. It uses Laravel's `Password` facade to reset the user's password. If the password reset is successful, the user's password is updated in the database and a `PasswordReset` event is dispatched.

If the password reset is not successful, a `ValidationException` is thrown with a message indicating the reason.

```php theme={null}
public function store(NewPasswordRequest $request): JsonResponse
{
    $status = Password::reset(
        $request->only('email', 'password', 'password_confirmation', 'token'),
        function ($user) use ($request) {
            $user->forceFill([
                'password' => Hash::make($request->password),
                'remember_token' => Str::random(60),
            ])->save();

            event(new PasswordReset($user));
        }
    );

    if ($status !== Password::PASSWORD_RESET) {
        throw ValidationException::withMessages([
            'email' => [__($status)],
        ]);
    }

    return response()->success(['status' => __($status)]);
}
```

## Routes

The route for password reset is defined in the `routes/auth.php` file. The route uses the `NewPasswordController` class and the `store` method.

```php theme={null}
Route::post('/reset-password', [NewPasswordController::class, 'store'])
    ->middleware('guest')
    ->name('password.store');
```

This concludes the overview of the new password logic in the application.
