No password in Customer Add page in Admin Panel
-
There is not field for adding password in Customer/add page. But a password is inserting in database. What is the password that is generating?
-
Passwords are random bcrypt hash strings
$password = bcrypt(rand(100000,10000000));Open packages\Webkul\Admin\src\Http\Controllers\Customer\CustomerController.php
and inside the store function you will find the code from above
/** * Store a newly created resource in storage. * * @return \Illuminate\Http\Response */ public function store() { $this->validate(request(), [ 'channel_id' => 'required', 'first_name' => 'string|required', 'last_name' => 'string|required', 'gender' => 'required', 'email' => 'required|unique:customers,email', 'date_of_birth' => 'date|before:today' ]); $data = request()->all(); $password = bcrypt(rand(100000,10000000)); $data['password'] = $password; $data['is_verified'] = 1; $this->customer->create($data); session()->flash('success', trans('admin::app.response.create-success', ['name' => 'Customer'])); return redirect()->route($this->_config['redirect']); }
-
This implementation does not seem correct. It seems to rely on that the pwd will be communicated via email.
Better way in my opinion should be to have a default password created and same to be know to the Admin who is creating a user. When a customer is logging first time, then he/she can be prompted to change the pwd.
