This is just a security advice... On a "forgot password" form, never show a message like "cant find a user with that email address"... That is a way to hackers know if you are a user on that page... Always show a positive message like "We sent a recover link to your email", it doesnt matter if the email/user was found or not. Thanks for the video and sorry for the advice
@@PenguinDigital I have seen a lot of pages doing this. It should be common knowledge that you shouldnt do this. Sorry for writing this under a video of you, but I just wanted to alert the people that are doing this, that it might be a big problem doing it this way.
No problem Johnny I agree with what you're saying, it's not something I would have implemented myself if I was coding the library from scratch. I can't see the vast majority of people changing the message so it will be down to getting a PR pulled in to the framework to have the maximum impact
@@PenguinDigital the thing is that you actually have a thankless job on the youtube world. There is a lot of knowledge behind a good tutorial and measured against the views, you often don't achieve that much with it. In fact, the impact of your tutorials is very big because people don't just look through it for a moment - forget everything and don't think about it anymore. this can lead to completely new projects! but even if you(as a viewer) realize that -> mostly you don't bother to comment in the end. I work on myself here and that's why I'll do it at this point ;-) I think your way to present this - which include commandline commands that present how to get the results is very well. The fact that you delete unused content in order to re-implement it just a video later has a clear value because the connections between the individual components become so much more understandable. this is really well done! thanks for that
a little confusion here. In reset-password.blade.php at 09:56 you said we gonna use 'password.reset' route here for form. And then you also said at 12:55 to use 'password.update' route for that same form. :(
Hi Rui. Yes sure, you just copy over the assets into the resources/view folder in the exact same way you would in previous versions. There is a built-in artisan command that will do that for you automatically: php artisan vendor:publish --tag=laravel-mail
Hello, after doing all of this in the reset-password view after clicking the reset password button the css , etc doesnt work. Is there a way to fix it?
I'm having a problem with when i click the reset password button it sends me to a 419 page expired link. I've done as you did in the video and set the action to route password.request but i'm not sure why this is happening. Do you have any idea? Thanks for the videos too, they're very useful.
Hi @Penquin digital, I really like the vids and the detail you are putting in! Still lot to learn for me on this side. Not 100% sure but it looks like PHP8 does not support the line: return view(view: 'auth.reset-password', ['request' => $request]); I got the error message: Cannot use positional argument after named argument. So I removed the view: naming. and changed the line to return view('auth.reset-password', ['request' => $request]);. This seems to fix the issue.
Your tutorials make Laravel human friendly. Thanks a lot, Penguin Digital.
Thank you for your kind feedback
You are doing a great job. Thanks.
This is just a security advice... On a "forgot password" form, never show a message like "cant find a user with that email address"... That is a way to hackers know if you are a user on that page... Always show a positive message like "We sent a recover link to your email", it doesnt matter if the email/user was found or not.
Thanks for the video and sorry for the advice
Hey, you are correct on what you're saying. This is the default message from laravel so it could be worth sending them a PR to change that message
@@PenguinDigital It should be known, but I also could make a PR. Thank you
Yeah I agree, probably not the most optimum default message.
@@PenguinDigital I have seen a lot of pages doing this. It should be common knowledge that you shouldnt do this. Sorry for writing this under a video of you, but I just wanted to alert the people that are doing this, that it might be a big problem doing it this way.
No problem Johnny I agree with what you're saying, it's not something I would have implemented myself if I was coding the library from scratch. I can't see the vast majority of people changing the message so it will be down to getting a PR pulled in to the framework to have the maximum impact
Great videos...Thank you sir.
Btw, can you make a video about update profile information/password with fortify?
Possibly in the future yes, I will see what time I have spare
very very nice and useful tutorials!
Thank you for the feedback
@@PenguinDigital the thing is that you actually have a thankless job on the youtube world. There is a lot of knowledge behind a good tutorial and measured against the views, you often don't achieve that much with it. In fact, the impact of your tutorials is very big because people don't just look through it for a moment - forget everything and don't think about it anymore. this can lead to completely new projects! but even if you(as a viewer) realize that -> mostly you don't bother to comment in the end. I work on myself here and that's why I'll do it at this point ;-) I think your way to present this - which include commandline commands that present how to get the results is very well. The fact that you delete unused content in order to re-implement it just a video later has a clear value because the connections between the individual components become so much more understandable. this is really well done! thanks for that
a little confusion here. In reset-password.blade.php at 09:56 you said we gonna use 'password.reset' route here for form. And then you also said at 12:55 to use 'password.update' route for that same form. :(
I guess he confused himself but it's password.update that is correct lol
Thx for making this videos.
How can I modify the email template of the reset password notification? Can I create my own template? Thanks in advance.
Hi Rui. Yes sure, you just copy over the assets into the resources/view folder in the exact same way you would in previous versions.
There is a built-in artisan command that will do that for you automatically:
php artisan vendor:publish --tag=laravel-mail
Thx for making such awesome videos 😍
will this email reset work for all users in production?
When I click on the link on the mailtrap, the link will shows to 404 not found, what might be the issue for this ??
Hello, after doing all of this in the reset-password view after clicking the reset password button the css , etc doesnt work. Is there a way to fix it?
Hi thank you so much for this vids, do some body knows why Im losing the page styles when I open the sent email?
You use jetstream?
It's not something I've used in production yet but i haven't launched any new products since jetstream came out
why after reset password i can't redirected to login page... i already following every step on this video..
tanx
awesome...love it, bro...
Thank you trik
I'm having a problem with when i click the reset password button it sends me to a 419 page expired link. I've done as you did in the video and set the action to route password.request but i'm not sure why this is happening. Do you have any idea?
Thanks for the videos too, they're very useful.
Sounds like somewhere along the way you are missing an @csrf under a form... maybe.
Hi @Penquin digital, I really like the vids and the detail you are putting in! Still lot to learn for me on this side. Not 100% sure but it looks like PHP8 does not support the line: return view(view: 'auth.reset-password', ['request' => $request]); I got the error message: Cannot use positional argument after named argument. So I removed the view: naming. and changed the line to return view('auth.reset-password', ['request' => $request]);. This seems to fix the issue.
The part "view:" after "return view(" is just a hint provided by the IDE. It's not part of the actual code.
How to change, and send parameter {{ $slot }} to layout in inbox
you skip some changes in this video so can you provide the whole code source please
please you said you used noreply@test.com as the senders address because you are in dev. mood, what about in production, what can we use?
You can use what ever you like, noreplay is a common one most companies use. Obviously the @test.com will be your own domain
Action should be {{password.email}} instead of {{password.update}} ..:)