[5.2] expose token methods to user in password broker

[browner12]

this PR references internals issue 12. please read my initial comment on that page for my reason behind submitting this PR.

by giving the user access to the token repository, they now have full control over resetting passwords. the user is given free reign over validating the input, sending emails, and other things they would like to do.

here is how i would use it in a controller or service class.

class PasswordService
{
    public function __construct(\Illuminate\Contracts\Auth\PasswordBroker $broker)
    {
        $this->broker = $broker;
    }

    public function request(array $input)
    {
            //retrieve user
            $user = $this->broker->getUser($input);

            //no user found with email
            if (is_null($user)) {
                throw new Exception('User not found.');
            }

            //get token
            $token = $this->broker->generateToken($user);

            //send email
        }
    }

    public function reset(array $input)
    {
            //retrieve user
            $user = $this->broker->getUser($input);

            //no user found with email
            if (is_null($user)) {
                throw new Exception('User not found.');
            }

            //reset password
            if($this->broker->validateToken($user, $input['token'])){

                $user->password = bcrypt($password);
                $user->save();

                $this->broker->deleteToken($input['token'];
            } 

            throw new Exception('token was invalid');
    }
}

[taylorotwell]

Can all this be done by calling ->getRepository() and then calling whatever methods you want? You're just wanting these methods for convenience?

[browner12]

i guess technically yes. this makes the code feel a little more descriptive and easy to follow to me, and hopefully others as well.

thanks.

[tillkruss]

Thanks!