Remove new password validation from broker

These changes remove all hardcoded valdation from the PasswordBroker. The reason for this is because this is a hardcoded constraint in validation and thus limits people from building password reset forms with their specific flow. The validation is already done within the ResetsPassword trait and is only duplicated in the Broker. The Broker also seems like the wrong place to do this as it only facilitates the retrieval of the user and the token validation (which is still the correct place for these two). This also allows us to remove the https://github.com/laravel/laravel/blob/develop/resources/lang/en/passwords.php#L16 language line. See laravel/framework#25957 (comment)
illuminate · Aug 9, 2019 · 7c06627 · 7c06627
1 parent 1ddcfb5
commit 7c06627
Showing 1 changed file with 0 additions and 23 deletions.
diff --git a/Auth/PasswordBroker.php b/Auth/PasswordBroker.php
@@ -27,13 +27,6 @@ interface PasswordBroker
      */
     const INVALID_USER = 'passwords.user';
 
-    /**
-     * Constant representing an invalid password.
-     *
-     * @var string
-     */
-    const INVALID_PASSWORD = 'passwords.password';
-
     /**
      * Constant representing an invalid token.
      *
@@ -57,20 +50,4 @@ public function sendResetLink(array $credentials);
      * @return mixed
      */
     public function reset(array $credentials, Closure $callback);
-
-    /**
-     * Set a custom password validator.
-     *
-     * @param  \Closure  $callback
-     * @return void
-     */
-    public function validator(Closure $callback);
-
-    /**
-     * Determine if the passwords match for the request.
-     *
-     * @param  array  $credentials
-     * @return bool
-     */
-    public function validateNewPassword(array $credentials);
 }