From 9c971e20d87f654b60d39e5f185ce5ce84a0abf8 Mon Sep 17 00:00:00 2001
From: Jason Varga <jason@pixelfear.com>
Date: Wed, 2 Dec 2020 11:56:24 -0500
Subject: [PATCH] Use the setUserPassword method from the trait ...

Closes #2795

Looks like we were overriding the entire resetPassword method because it was before a setUserPassword method was extracted in https://github.com/laravel/framework/pull/30218

Seems like that PR was created for almost the same reason.
---
 .../Controllers/ResetPasswordController.php   | 23 +++++++++++--------
 1 file changed, 13 insertions(+), 10 deletions(-)

diff --git a/src/Http/Controllers/ResetPasswordController.php b/src/Http/Controllers/ResetPasswordController.php
index 16daab15ca..87fd3964c5 100644
--- a/src/Http/Controllers/ResetPasswordController.php
+++ b/src/Http/Controllers/ResetPasswordController.php
@@ -3,16 +3,16 @@
 namespace Statamic\Http\Controllers;
 
 use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Hash;
 use Illuminate\Support\Facades\Password;
 use Statamic\Auth\Passwords\PasswordReset;
 use Statamic\Auth\ResetsPasswords;
+use Statamic\Contracts\Auth\User;
 use Statamic\Http\Middleware\RedirectIfAuthenticated;
 
 class ResetPasswordController extends Controller
 {
-    use ResetsPasswords {
-        resetPassword as protected traitResetPassword;
-    }
+    use ResetsPasswords;
 
     public function __construct()
     {
@@ -44,14 +44,17 @@ public function redirectPath()
         return request('redirect') ?? route('statamic.site');
     }
 
-    protected function resetPassword($user, $password)
+    protected function setUserPassword($user, $password)
     {
-        // We override because the parent (trait) method hashes the password first,
-        // but the Statamic User class's password method also hashes, which would
-        // result in a double-hashed password. Also, it uses the mutator style.
-        $user->password($password);
-
-        $this->traitResetPassword($user, $password);
+        // The Statamic user class has a password method that will hash a given plain
+        // text password. If we're using the "statamic" user provider, we'll get a
+        // Statamic user. Otherwise (i.e. using the "eloquent" provider), we'd
+        // just a User model, which requires the password to be pre-hashed.
+        if ($user instanceof User) {
+            $user->password($password);
+        } else {
+            $user->password = Hash::make($password);
+        }
     }
 
     public function broker()