2 files changed, 26 insertions, 17 deletions

diff --git a/src/controllers/PasswordReminderController.php b/src/controllers/PasswordReminderController.php
index bf9d959..b3fd8da 100644
--- a/src/controllers/PasswordReminderController.php
+++ b/src/controllers/PasswordReminderController.php
@@ -9,9 +9,10 @@
 namespace CamilStaps\BotleaguesApi\Controllers;
 
 use CamilStaps\BotleaguesApi\Database\PasswordReminder;
-use CamilStaps\BotleaguesApi\Exception\ValidationException;
-use Illuminate\Support\Facades\Input;
-use Illuminate\Support\Facades\Validator;
+use CamilStaps\BotleaguesApi\Database\User;
+use Dingo\Api\Exception\StoreResourceFailedException;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Request;
 
 class PasswordReminderController extends BaseController {
 
@@ -23,25 +24,33 @@ class PasswordReminderController extends BaseController {
 
     /**
      * Set the userId and create a random token
+     * @param $userId
+     * @throws StoreResourceFailedException
+     * @return PasswordReminder
      */
-    public function store() {
-        $rules = [
-            'user_id' => ['required']
-        ];
-        $payload = Input::only('user_id');
-        $validator = Validator::make($payload, $rules);
-        if ($validator->fails()) {
-            throw new ValidationException('Could not find user.', $validator->errors());
-        }
+    public function store($userId) {
+        $user = User::findOrFail($userId);
 
-        $this->passwordReminder->userId = Input::get('user_id');
-        $this->passwordReminder->token = base64_encode(openssl_random_pseudo_bytes(64));
+        $this->passwordReminder->userId = $user->id;
+        $this->passwordReminder->token = bin2hex(openssl_random_pseudo_bytes(24));
 
         if ($this->passwordReminder->save()) {
             return $this->passwordReminder;
         } else {
-            throw new \Dingo\Api\Exception\StoreResourceFailedException;
+            throw new StoreResourceFailedException;
         }
     }
 
+    /**
+     * Destroy the password reminder means setting a new password for the user
+     * @param Request $request
+     * @param $userId
+     */
+    public function destroy($userId, $reminderToken) {
+        $user = Auth::user();
+        $user->password = Request::get('password');
+        $user->save();
+        return null;
+    }
+
 }
\ No newline at end of file
diff --git a/src/controllers/UserController.php b/src/controllers/UserController.php
index 6af3fe8..2a454ff 100644
--- a/src/controllers/UserController.php
+++ b/src/controllers/UserController.php
@@ -30,7 +30,7 @@ class UserController extends BaseController {
 		$s = $this->user->find($id);
 
 		if (!empty(Input::get('password')))
-			$s->password = Hash::make(Input::get('password'));
+			$s->password = Input::get('password');
 
 		if ($s->save()) {
 			return $this->show($id);
@@ -51,7 +51,7 @@ class UserController extends BaseController {
         }
 
 		$this->user->email = Input::get('email');
-		$this->user->password = empty(Input::get('password')) ? null : Hash::make(Input::get('password'));
+		$this->user->password = Input::get('password');
 
 		if ($this->user->save()) {
 			return $this->response->created();