Fortify Version
1.36.1
Laravel Version
12.54.1
PHP Version
8.5.3
Database Driver & Version
No response
Description
I found a PR (#562) that takes into account the lowercase_usernames configuration when requesting a password reset link, but the configuration is not taken into account when actually trying to reset the password.
It seems the NewPasswordController class needs updating to respect the lowercase_usernames configuration before validating the email address:
|
$request->validate([ |
|
'token' => 'required', |
|
Fortify::email() => 'required|email', |
|
'password' => 'required', |
|
]); |
Will create a PR later today unless someone else beats me to it.
Steps To Reproduce
- Generate a reset link for a user with an email, i.e.
john.doe@example.com
- Follow reset link to go to reset password page
- Enter email with different casing, i.e.
John.Doe@example.com
- Receive error message saying "We can't find a user with that email address."
Fortify Version
1.36.1
Laravel Version
12.54.1
PHP Version
8.5.3
Database Driver & Version
No response
Description
I found a PR (#562) that takes into account the
lowercase_usernamesconfiguration when requesting a password reset link, but the configuration is not taken into account when actually trying to reset the password.It seems the
NewPasswordControllerclass needs updating to respect thelowercase_usernamesconfiguration before validating the email address:fortify/src/Http/Controllers/NewPasswordController.php
Lines 57 to 61 in a50c004
Will create a PR later today unless someone else beats me to it.
Steps To Reproduce
john.doe@example.comJohn.Doe@example.com