src/app/Http/Controllers/API/PasswordResetController.php
use Illuminate\Support\Facades\Validator; | use Illuminate\Support\Facades\Validator; | ||||
use Illuminate\Support\Str; | use Illuminate\Support\Str; | ||||
/** | /** | ||||
* Password reset API | * Password reset API | ||||
*/ | */ | ||||
class PasswordResetController extends Controller | class PasswordResetController extends Controller | ||||
{ | { | ||||
/** @var \App\VerificationCode A verification code object */ | |||||
protected $code; | |||||
/** | /** | ||||
* Sends password reset code to the user's external email | * Sends password reset code to the user's external email | ||||
* | * | ||||
* Verifies user email, sends verification email message. | * Verifies user email, sends verification email message. | ||||
* | * | ||||
* @param \Illuminate\Http\Request $request HTTP request | * @param \Illuminate\Http\Request $request HTTP request | ||||
* | * | ||||
* @return \Illuminate\Http\JsonResponse JSON response | * @return \Illuminate\Http\JsonResponse JSON response | ||||
▲ Show 20 Lines • Show All 62 Lines • ▼ Show 20 Lines | public function verify(Request $request) | ||||
|| Str::upper($request->short_code) !== Str::upper($code->short_code) | || Str::upper($request->short_code) !== Str::upper($code->short_code) | ||||
) { | ) { | ||||
$errors = ['short_code' => "The code is invalid or expired."]; | $errors = ['short_code' => "The code is invalid or expired."]; | ||||
return response()->json(['status' => 'error', 'errors' => $errors], 422); | return response()->json(['status' => 'error', 'errors' => $errors], 422); | ||||
} | } | ||||
// For last-step remember the code object, so we can delete it | // For last-step remember the code object, so we can delete it | ||||
// with single SQL query (->delete()) instead of two (::destroy()) | // with single SQL query (->delete()) instead of two (::destroy()) | ||||
$this->code = $code; | $request->code = $code; | ||||
return response()->json([ | return response()->json([ | ||||
'status' => 'success', | 'status' => 'success', | ||||
// we need user's ID for e.g. password policy checks | // we need user's ID for e.g. password policy checks | ||||
'userId' => $code->user_id, | 'userId' => $code->user_id, | ||||
]); | ]); | ||||
} | } | ||||
/** | /** | ||||
* Password change | * Password change | ||||
* | * | ||||
* @param \Illuminate\Http\Request $request HTTP request | * @param \Illuminate\Http\Request $request HTTP request | ||||
* | * | ||||
* @return \Illuminate\Http\JsonResponse JSON response | * @return \Illuminate\Http\JsonResponse JSON response | ||||
*/ | */ | ||||
public function reset(Request $request) | public function reset(Request $request) | ||||
{ | { | ||||
$v = $this->verify($request); | $v = $this->verify($request); | ||||
if ($v->status() !== 200) { | if ($v->status() !== 200) { | ||||
return $v; | return $v; | ||||
} | } | ||||
$user = $this->code->user; | $user = $request->code->user; | ||||
// Validate the password | // Validate the password | ||||
$v = Validator::make( | $v = Validator::make( | ||||
$request->all(), | $request->all(), | ||||
['password' => ['required', 'confirmed', new Password($user->walletOwner())]] | ['password' => ['required', 'confirmed', new Password($user->walletOwner())]] | ||||
); | ); | ||||
if ($v->fails()) { | if ($v->fails()) { | ||||
return response()->json(['status' => 'error', 'errors' => $v->errors()], 422); | return response()->json(['status' => 'error', 'errors' => $v->errors()], 422); | ||||
} | } | ||||
// Change the user password | // Change the user password | ||||
$user->setPasswordAttribute($request->password); | $user->setPasswordAttribute($request->password); | ||||
$user->save(); | $user->save(); | ||||
// Remove the verification code | // Remove the verification code | ||||
$this->code->delete(); | $request->code->delete(); | ||||
return AuthController::logonResponse($user, $request->password); | return AuthController::logonResponse($user, $request->password); | ||||
} | } | ||||
/** | /** | ||||
* Create a verification code for the current user. | * Create a verification code for the current user. | ||||
* | * | ||||
* @param \Illuminate\Http\Request $request HTTP request | * @param \Illuminate\Http\Request $request HTTP request | ||||
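Review bot: The verified code object that authorises the password change is now stored with `$request->code = $code;` in `verify()` and read back in `reset()` as `$request->code->user` and `$request->code->delete()`, which is the same property syntax this file uses for client-supplied fields (`$request->short_code`). The trusted model and request input therefore share one namespace, and `reset()` is only safe as long as every path through `verify()` that returns 200 has performed that assignment first. The lookup part of `verify()` is collapsed on this page, so whether an input field with the same name exists cannot be confirmed here. Passing the object explicitly would remove the coupling, for example a private helper that returns the model or null, used as `$code = $this->validatedCode($request);` in both methods, with `reset()` then calling `$code->user` and `$code->delete()`. If the request object is kept as the carrier, a comment at the assignment should state that the property is set server-side only after the short code matched.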