PHPackages desmart/password-reset - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. desmart/password-reset ActiveLibrary[Authentication & Authorization](/categories/authentication) desmart/password-reset ====================== Password reset mechanism for Laravel. Designed for https://github.com/DeSmart/laravel-vanilla. 1.0.1(8y ago)21.2k[1 issues](https://github.com/DeSmart/password-reset/issues)MITPHPPHP >=7.0.0 Since Jan 28Pushed 8y ago4 watchersCompare [ Source](https://github.com/DeSmart/password-reset)[ Packagist](https://packagist.org/packages/desmart/password-reset)[ RSS](/packages/desmart-password-reset/feed)WikiDiscussions master Synced 2mo ago READMEChangelogDependencies (3)Versions (4)Used By (0) Laravel Password Reset ====================== [](#laravel-password-reset) Password reset mechanism for Laravel. The package provides endpoints and logic for a simple and easy way to allow your app's users reset their passwords. --- ### Installation [](#installation) Install package using Composer: ``` composer require desmart/password-reset ``` Register the package's service provider in `config/app.php`: ``` 'providers' => [ (...) DeSmart\PasswordReset\ServiceProvider::class, ], ``` Run the Artisan's `vendor:publish` command: ``` php artisan vendor:publish ``` This will copy the `password-reset.php` config file and the `password_reset_init.blade.php` email template into proper directories, allowing you the tweak them. Run DB migrations: ``` php artisan migrate ``` The provided migration will drop the current `password_resets` table (if present) and create a new one. --- ### Configuration [](#configuration) In order for the package to send emails to users, Laravel's mailer has to be configured. In order to do this, fill out these values in the `.env` file: ``` MAIL_DRIVER= # e.g. smtp MAIL_HOST= # e.g. smtp.gmail.com MAIL_PORT= # e.g. 587 MAIL_USERNAME= # e.g. mailer@foobar.com MAIL_PASSWORD= MAIL_ENCRYPTION= # e.g. tls MAIL_FROM_EMAIL= # e.g. mailer@foobar.com MAIL_FROM_NAME= # MyCompany ``` You have to make some changes in `config/mail.php` (as the file has some hardcoded defaults): ``` 'from' => [ 'address' => env('MAIL_FROM_EMAIL', 'hello@example.com'), 'name' => env('MAIL_FROM_NAME', 'Example'), ], ``` That's it, we're ready to go :) --- ### Usage [](#usage) The package provides three routes for handling password resets: - `POST /api/users/password-reset` - `GET /api/users/password-reset` - `PUT /api/users/password-reset` As you can see, the URI is the same for all requests - only the verbs are different. Let's go briefly through these routes. #### Initiate password reset [](#initiate-password-reset) Sending a `POST` request will do the following: - create a password reset token for the user - send an email, to the user, with a password reset link An exception will be thrown if the user does not exist. Fields required for this operation: - `email` #### Verify token [](#verify-token) *This route is optional but you may want to use it in order to make sure that the user's ID and password reset token are both valid.* Sending a `GET` request will do the following: - check if the given user's ID and password reset token are both valid An exception will be thrown if: - user does not exist - token is not valid Fields required for this operation: - `user_id` - `token` #### Set new password [](#set-new-password) Sending a `PUT` request will do the following: - set a new password for the user (using Laravel's password hasher) - remove the password reset token, so it can't be used again An exception will be thrown if: - user does not exist - token is not valid - password is too short (min. 6 characters) - password confirmation does not match password Fields required for this operation: - `user_id` - `token` - `password` - `password_confirmation` --- ### Custom behaviour [](#custom-behaviour) You can change nearly everything to suit your needs. The package assumes you use the default User model. If you want to use a custom model - change in the `password-reset.php` config file. The same file holds the info about the Password Reset model used and the password reset link pattern, sent in the email to the user. Should you need to change the validators or handlers - you can always write your **custom service provider** that binds your classes to appropriate interfaces. Don't like the routes provided by the package? Create your own service provider, remove the route loading section and define your own routes. Change what you want :) --- ### Notice [](#notice) The package has no unit tests, sorry :( If you can provide any tests - that would be great. ### Health Score 27 — LowBetter than 49% of packages Maintenance10 Infrequent updates — may be unmaintained Popularity17 Limited adoption so far Community8 Small or concentrated contributor base Maturity60 Established project with proven stability Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~72 days Total 3 Last Release 3249d ago Major Versions 0.1.0 → 1.0.02017-02-14 ### Community Maintainers ![](https://www.gravatar.com/avatar/92bc27fc8f1cba837cef419eee0fae358f52c804cd5450cf994f9095fa387a5c?d=identicon)[DeSmart](/maintainers/DeSmart) --- Top Contributors [![fojuth](https://avatars.githubusercontent.com/u/2622146?v=4)](https://github.com/fojuth "fojuth (2 commits)") ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/desmart-password-reset/health.svg) ``` [![Health](https://phpackages.com/badges/desmart-password-reset/health.svg)](https://phpackages.com/packages/desmart-password-reset) ``` ### Alternatives [lab404/laravel-impersonate Laravel Impersonate is a plugin that allows to you to authenticate as your users. 2.3k16.4M48](/packages/lab404-laravel-impersonate)[santigarcor/laratrust This package provides a flexible way to add Role-based Permissions to Laravel 2.3k5.4M43](/packages/santigarcor-laratrust)[overtrue/laravel-follow User follow unfollow system for Laravel. 1.2k404.7k5](/packages/overtrue-laravel-follow)[codegreencreative/laravel-samlidp Make your PHP Laravel application an Identification Provider using SAML 2.0. This package allows you to implement your own Identification Provider (idP) using the SAML 2.0 standard to be used with supporting SAML 2.0 Service Providers (SP). 263763.5k1](/packages/codegreencreative-laravel-samlidp) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)