Add abilitly for admin to manually set password for users

2025-10-28 11:35:30 -05:00 · 2025-10-28 11:35:30 -05:00 · 10a4d1a140
parent 2dfb745861
commit 10a4d1a140
3 changed files with 39 additions and 1 deletions
--- a/app/Http/Controllers/Admin/UserController.php
+++ b/app/Http/Controllers/Admin/UserController.php
@ -15,9 +15,12 @@ use App\Models\AuditLogEntry;
 use App\Models\School;
 use App\Models\User;
 use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Hash;
 use Illuminate\Support\Facades\Mail;
 use Illuminate\Support\Str;

+use function auditionLog;
+
 class UserController extends Controller
 {
    public function index()
@ -31,7 +34,8 @@ class UserController extends Controller
    {

        $schools = School::orderBy('name')->get();
-        $logEntries = AuditLogEntry::whereJsonContains('affected->users', $user->id)->orderBy('created_at', 'desc')->get();
+        $logEntries = AuditLogEntry::whereJsonContains('affected->users', $user->id)->orderBy('created_at',
+            'desc')->get();
        $userActions = AuditLogEntry::where('user', $user->email)->orderBy('created_at', 'desc')->get();

        return view('admin.users.edit', compact('user', 'schools', 'logEntries', 'userActions'));
@ -122,4 +126,22 @@ class UserController extends Controller

        return redirect()->route('admin.users.index')->with('success', 'User deleted successfully');
    }
+
+    public function setPassword(User $user, Request $request)
+    {
+        $validated = $request->validate([
+            'admin_password' => ['required', 'string', 'current_password:web'],
+            'new_password' => ['required', 'string', 'confirmed', 'min:8'],
+        ]);
+        $user->forceFill([
+            'password' => Hash::make($validated['new_password']),
+        ])->save();
+
+        auditionLog('Manually set password for '.$user->email, [
+            'users' => [$user->id],
+        ]);
+
+        return redirect()->route('admin.users.index')->with('success',
+            'Password changed successfully for '.$user->email);
+    }
 }
--- a/resources/views/admin/users/edit.blade.php
+++ b/resources/views/admin/users/edit.blade.php
@ -54,6 +54,21 @@
        </x-form.form>
    </x-card.card>

+    <x-card.card class="max-w-lg mx-auto mt-5" x-data="{ showPasswordForm: false}">
+        <x-card.heading @click="showPasswordForm = !showPasswordForm">
+            Manually Set Password
+        </x-card.heading>
+        <div class="mb-5 mt-3" x-cloak x-show="showPasswordForm">
+            <x-form.form method="POST" action="{{ route('admin.users.setPassword', $user) }}">
+                <x-form.field name="admin_password" label_text="YOUR password" type="password"/>
+                <x-form.field name="new_password" label_text="New password for {{ $user->email }}" type="password"/>
+                <x-form.field name="new_password_confirmation" label_text="Confirm new password for {{ $user->email }}"
+                              type="password"/>
+                <x-form.button class="mt-3">Update Password</x-form.button>
+            </x-form.form>
+        </div>
+    </x-card.card>
+
    <x-card.card class="mt-5">
        <x-card.heading>User Actions</x-card.heading>
        <x-table.table>
--- a/routes/admin.php
+++ b/routes/admin.php
@ -191,6 +191,7 @@ Route::middleware(['auth', 'verified', CheckIfAdmin::class])->prefix('admin/')->
        Route::get('/{user}/edit', 'edit')->name('admin.users.edit');
        Route::patch('/{user}', 'update')->name('admin.users.update');
        Route::delete('/{user}', 'destroy')->name('admin.users.destroy');
+        Route::post('/{user}/set_password', 'setPassword')->name('admin.users.setPassword');
    });

    // Admin Card Routes