Merge pull request #415 from vidhyut-pandya/develop

Bug fixes

Author: vidhyut-pandya

app/Http/Requests/Backend/Access/User/UpdateUserPasswordRequest.php

@@ -16,7 +16,7 @@ class UpdateUserPasswordRequest extends Request
      */
     public function authorize()
     {
-        return access()->allow('edit-user');
+        return true;
     }
 
     /**

app/Models/Access/User/User.php

@@ -79,18 +79,6 @@ public function getJWTIdentifier()
         return $this->getKey();
     }
 
-    /**
-     * Set password attribute.
-     *
-     * @param [string] $password
-     */
-    public function setPasswordAttribute($password)
-    {
-        if (!empty($password)) {
-            $this->attributes['password'] = bcrypt($password);
-        }
-    }
-
     /**
      * Return a key value array, containing any custom claims to be added to the JWT.
      *

app/Repositories/Backend/Access/User/UserRepository.php

@@ -177,7 +177,7 @@ public function updatePassword($user, $input)
         $user = $this->find(access()->id());
 
         if (Hash::check($input['old_password'], $user->password)) {
-            $user->password = $input['password'];
+            $user->password = Hash::make($input['password']);
 
             if ($user->save()) {
                 event(new UserPasswordChanged($user));
@@ -393,7 +393,7 @@ protected function createUserStub($input)
         $user->first_name = $input['first_name'];
         $user->last_name = $input['last_name'];
         $user->email = $input['email'];
-        $user->password = $input['password'];
+        $user->password = Hash::make($input['password']);
         $user->status = isset($input['status']) ? 1 : 0;
         $user->confirmation_code = md5(uniqid(mt_rand(), true));
         $user->confirmed = isset($input['confirmed']) ? 1 : 0;

app/Repositories/Frontend/Access/User/UserRepository.php

@@ -96,7 +96,7 @@ public function create(array $data, $provider = false)
         $user->email = $data['email'];
         $user->confirmation_code = md5(uniqid(mt_rand(), true));
         $user->status = 1;
-        $user->password = $provider ? null : $data['password'];
+        $user->password = $provider ? null : Hash::make($data['password']);
         $user->is_term_accept = $data['is_term_accept'];
 
         // If users require approval, confirmed is false regardless of account type
@@ -284,7 +284,7 @@ public function changePassword($input)
         $user = $this->find(access()->id());
 
         if (Hash::check($input['old_password'], $user->password)) {
-            $user->password = $input['password'];
+            $user->password = Hash::make($input['password']);
 
             if ($user->save()) {
                 $user->notify(new UserChangedPassword($input['password']));