Logout in-active users and dont respond to resets or logins

app/Http/Controllers/Auth/ForgotPasswordController.php

@@ -4,6 +4,8 @@ namespace App\Http\Controllers\Auth;
 
 use App\Http\Controllers\Controller;
 use Illuminate\Foundation\Auth\SendsPasswordResetEmails;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Password;
 
 class ForgotPasswordController extends Controller
 {
@@ -19,4 +21,24 @@ class ForgotPasswordController extends Controller
     */
 
     use SendsPasswordResetEmails;
+
+	public function sendResetLinkEmail(Request $request)
+	{
+		$this->validateEmail($request);
+
+		// If the account is not active, or doesnt exist, we'll send a fake "sent" message.
+		if (! ($x=$this->broker()->getUser($this->credentials($request))) || (! $x->active))
+			return $this->sendResetLinkResponse($request, Password::RESET_LINK_SENT);
+
+		// We will send the password reset link to this user. Once we have attempted
+		// to send the link, we will examine the response then see the message we
+		// need to show to the user. Finally, we'll send out a proper response.
+		$response = $this->broker()->sendResetLink(
+			$this->credentials($request)
+		);
+
+		return $response == Password::RESET_LINK_SENT
+			? $this->sendResetLinkResponse($request, $response)
+			: $this->sendResetLinkFailedResponse($request, $response);
+	}
 }