DEV Community 👩‍💻👨‍💻

Cover image for Laravel 7 - Forgot Password APIs using inbuilt Laravel methods
Chandresh Singh
Chandresh Singh

Posted on

Laravel 7 - Forgot Password APIs using inbuilt Laravel methods

Want to build forgot password APIs really fast?

Let me show you how to use the inbuilt Laravel methods and notification template to build forgot password APIs.

If you would like to watch the in depth tutorial then you watch the tutorial here, where I explain each and everything used in code:

Let’s Start!

Create a new controller using command

php artisan make:controller ForgotPasswordController

Open it and write a new function forgot just like this:

    public function forgot() {
        $credentials = request()->validate(['email' => 'required|email']);


        return response()->json(["msg" => 'Reset password link sent on your email id.']);

Don't forget to add use Illuminate\Support\Facades\Password; at the top.

Register route in api.php file.

Route::post('password/email', 'ForgotPasswordController@forgot');

Now, sendResetLink function will send a reset password link with email and token in url. To make it use our route link. Create a route with route name 'password.reset'. You can either return a view directly from here or you can even redirect it to a frontend page url with parameters.

As an example, here is a very basic form at resources/views/auth/reset_password.blade.php file which you can use.

<!DOCTYPE html>
<html lang="{{ str_replace('_', '-', app()->getLocale()) }}">
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1">

    <title>Laravel Starter</title>

    <!-- Fonts -->
    <link href=",600" rel="stylesheet">

    <!-- Styles -->
        html, body {
            background-color: #f1f1f1;
            color: #636b6f;
            font-family: 'Nunito', sans-serif;
            font-weight: 200;
            height: 100vh;
            margin: 0;
        .full-height {
            height: 100vh;
        .flex-center {
            align-items: center;
            display: flex;
            justify-content: center;
        .position-ref {
            position: relative;
        input {
            padding: 10pt;
            width: 60%;
            font-size: 15pt;
            border-radius: 5pt;
            border: 1px solid lightgray;
            margin: 10pt;
        .form-container {
            display: flex;
            flex-direction: column;
            width: 60%;
            align-items: center;
            margin: 20pt;
            border: 1px solid lightgray;
            padding: 20pt;
            border-radius: 5pt;
            background: white;
        button {
            border-radius: 5pt;
            padding: 10pt 14pt;
            background: white;
            border: 1px solid gray;
            font-size: 14pt;
            margin: 20pt;
        button:hover {
            background: lightgray;
<div class="flex-center position-ref full-height">
    <form class="form-container" action="api/password/reset" method="POST">
        <h2>Forgot Password?</h2>

        <input name="email" placeholder="Enter email" value="{{request()->get('email')}}">
        <input name="password" placeholder="Enter new password">
        <input name="password_confirmation" placeholder="Confirm new password">
        <input hidden name="token" placeholder="token" value="{{request()->get('token')}}">

        <button type="submit">Submit</button>

Register the route in routes/web.php file

Route::view('forgot_password', 'auth.reset_password')->name('password.reset');

Now, Let's write the function which will finally reset the password. For that create a new reset function inside ForgotPasswordController.

    public function reset() {
        $credentials = request()->validate([
            'email' => 'required|email',
            'token' => 'required|string',
            'password' => 'required|string|confirmed'

        $reset_password_status = Password::reset($credentials, function ($user, $password) {
            $user->password = $password;

        if ($reset_password_status == Password::INVALID_TOKEN) {
            return response()->json(["msg" => "Invalid token provided"], 400);

        return response()->json(["msg" => "Password has been successfully changed"]);

Register the route inside api.php.

Route::post('password/reset', 'ForgotPasswordController@reset');

That's it!

You can find the entire code here at

Top comments (1)

useapp profile image
Andžej Teličan

in ForgotPasswordController

$reset_password_status = Password::reset($credentials, function ($user, $password) {
$user->password = Hash::make($password);

And use Illuminate\Support\Facades\Hash;

Hacktoberfest is happening now!

It is a month-long celebration of open source. For a lot of devs, its their introduction to open source.

Check out the Hacktoberfest tag on DEV to keep up with the latest!