Replies: 1 comment 3 replies
-
You are currently using the tokens filter, which requires the Authorization value to be present in the request header for processing. This is why, when using I recommend referring to implementation number #639 for guidance and using it as a reference to properly implement the password change page. |
Beta Was this translation helpful? Give feedback.
3 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
I am fairly new to ci4 and very new to shield.
I am creating a routine to update the users password, but first I would like to have them enter their old password. I am doing this with:
$check = auth()->check(['password'=>$oldPassword]); var_dump($check);
which returns:
I get this same response whether I use the correct old password or an incorrect old password.
I am submitting the old password, new password, and new re-password via post along with 'Authorization': 'Bearer ' in the header. I pass the request through a token filter in my Config\Routes:
$routes->post("updatePassword", "Home::updatePassword", ['filter' => 'tokens']);
I have checked this filter by not passing the token in the header is it gives me invalid token errors.
Why does auth()->check() require an Authorization header? How to I pass an Authorization header from within my own controller? (probably also explains why I am having trouble with auth()->logout() too!)
Any help would be appreciated!
EDIT:
I am passing the password via javascript:
Beta Was this translation helpful? Give feedback.
All reactions