tracer/speedBB
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add avatars, profiles, and auth flows

Browse Source
This commit is contained in:
Micha
2026-01-12 23:40:11 +01:00
parent bbbf8eb6c1
commit 3bb2946656
30 changed files with 691 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files

115
app/Http/Controllers/AuthController.php
View File

@@ -3,14 +3,22 @@
namespace App\Http\Controllers;
use App\Actions\Fortify\CreateNewUser;
use App\Actions\Fortify\PasswordValidationRules;
use App\Models\User;
use Illuminate\Auth\Events\Verified;
use Illuminate\Auth\Events\PasswordReset;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Password;
use Illuminate\Support\Str;
use Illuminate\Validation\ValidationException;
class AuthController extends Controller
{
use PasswordValidationRules;
public function register(Request $request, CreateNewUser $creator): JsonResponse
{
$input = [
@@ -33,16 +41,30 @@ class AuthController extends Controller
public function login(Request $request): JsonResponse
{
$request->merge([
'login' => $request->input('login', $request->input('email')),
]);
$request->validate([
'email' => ['required', 'email'],
'login' => ['required', 'string'],
'password' => ['required', 'string'],
]);
$user = User::where('email', $request->input('email'))->first();
$login = trim((string) $request->input('login'));
$loginNormalized = Str::lower($login);
$userQuery = User::query();
if (filter_var($login, FILTER_VALIDATE_EMAIL)) {
$userQuery->whereRaw('lower(email) = ?', [$loginNormalized]);
} else {
$userQuery->where('name_canonical', $loginNormalized);
}
$user = $userQuery->first();
if (!$user || !Hash::check($request->input('password'), $user->password)) {
throw ValidationException::withMessages([
'email' => ['Invalid credentials.'],
'login' => ['Invalid credentials.'],
]);
}
@@ -62,6 +84,93 @@ class AuthController extends Controller
]);
}
public function verifyEmail(Request $request, string $id, string $hash): RedirectResponse
{
$user = User::findOrFail($id);
if (!hash_equals($hash, sha1($user->getEmailForVerification()))) {
abort(403);
}
if (!$user->hasVerifiedEmail()) {
$user->markEmailAsVerified();
event(new Verified($user));
}
return redirect('/login');
}
public function forgotPassword(Request $request): JsonResponse
{
$request->validate([
'email' => ['required', 'email'],
]);
$status = Password::sendResetLink(
$request->only('email')
);
if ($status !== Password::RESET_LINK_SENT) {
throw ValidationException::withMessages([
'email' => [__($status)],
]);
}
return response()->json(['message' => __($status)]);
}
public function resetPassword(Request $request): JsonResponse
{
$request->validate([
'token' => ['required'],
'email' => ['required', 'email'],
'password' => $this->passwordRules(),
]);
$status = Password::reset(
$request->only('email', 'password', 'password_confirmation', 'token'),
function (User $user, string $password) {
$user->forceFill([
'password' => Hash::make($password),
'remember_token' => Str::random(60),
])->save();
event(new PasswordReset($user));
}
);
if ($status !== Password::PASSWORD_RESET) {
throw ValidationException::withMessages([
'email' => [__($status)],
]);
}
return response()->json(['message' => __($status)]);
}
public function updatePassword(Request $request): JsonResponse
{
$request->validate([
'current_password' => ['required'],
'password' => $this->passwordRules(),
]);
$user = $request->user();
if (!$user || !Hash::check($request->input('current_password'), $user->password)) {
throw ValidationException::withMessages([
'current_password' => ['Invalid current password.'],
]);
}
$user->forceFill([
'password' => Hash::make($request->input('password')),
'remember_token' => Str::random(60),
])->save();
return response()->json(['message' => 'Password updated.']);
}
public function logout(Request $request): JsonResponse
{
$request->user()?->currentAccessToken()?->delete();