Diffstat (limited to 'src/CamilStaps')
-rw-r--r--src/CamilStaps/BotleaguesApi/ActivationCodeAuthenticationProvider.php53
-rw-r--r--src/CamilStaps/BotleaguesApi/Database/PasswordReminder.php38
-rw-r--r--src/CamilStaps/BotleaguesApi/Database/User.php17
-rw-r--r--src/CamilStaps/BotleaguesApi/TokenAuthenticationProvider.php3
4 files changed, 98 insertions, 13 deletions
diff --git a/src/CamilStaps/BotleaguesApi/ActivationCodeAuthenticationProvider.php b/src/CamilStaps/BotleaguesApi/ActivationCodeAuthenticationProvider.php
new file mode 100644
index 0000000..049dfc4
--- /dev/null
+++ b/src/CamilStaps/BotleaguesApi/ActivationCodeAuthenticationProvider.php
@@ -0,0 +1,53 @@
+<?php
+/**
+ * Created by PhpStorm.
+ * User: camilstaps
+ * Date: 24-5-15
+ * Time: 13:10
+ */
+
+namespace CamilStaps\BotleaguesApi;
+
+use CamilStaps\BotleaguesApi\Database\PasswordReminder;
+use CamilStaps\BotleaguesApi\Database\User;
+use Dingo\Api\Auth\Provider\Provider;
+use Dingo\Api\Routing\Route;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\DB;
+use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
+
+class ActivationCodeAuthenticationProvider implements Provider {
+
+ /**
+ * Authenticate the request and return the authenticated user instance.
+ *
+ * @param \Illuminate\Http\Request $request
+ * @param \Dingo\Api\Routing\Route $route
+ *
+ * @throw UnauthorizedHttpException invalid authentication
+ *
+ * @return mixed
+ */
+ public function authenticate(Request $request, Route $route) {
+ $user = User::findOrFail($request->route('user'));
+ $passwordReminder = PasswordReminder::find($request->route('password_reminder'));
+
+ if (!empty($user) && !empty($passwordReminder) && $passwordReminder->userId == $user->id) {
+ $passwordReminder->useToken();
+ Auth::login($user);
+ return Auth::user();
+ }
+
+ throw new UnauthorizedHttpException(null, "Invalid credentials");
+ }
+
+ /**
+ * Get the providers authorization method.
+ *
+ * @return string
+ */
+ public function getAuthorizationMethod() {
+ return 'activationcode';
+ }
+} \ No newline at end of file
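Review bot: `authenticate()` accepts any reminder whose `userId` matches, without checking `valid_till` or `used_at`, so an expired or already-used activation code still logs the user in and `useToken()` only re-stamps it. The `findPasswordReminders()` method this commit adds to `User` already applies both filters, so the lookup could be `$passwordReminder = $user->findPasswordReminders($request->route('password_reminder'))->first();`. Separately, `User::findOrFail()` throws before the `!empty($user)` test can run, so an unknown user id presumably surfaces as a not-found error rather than the `UnauthorizedHttpException`. Using `User::find()` would keep unknown users and wrong codes on the same 401 path.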
diff --git a/src/CamilStaps/BotleaguesApi/Database/PasswordReminder.php b/src/CamilStaps/BotleaguesApi/Database/PasswordReminder.php
index 65c4773..012d140 100644
--- a/src/CamilStaps/BotleaguesApi/Database/PasswordReminder.php
+++ b/src/CamilStaps/BotleaguesApi/Database/PasswordReminder.php
@@ -8,6 +8,7 @@
namespace CamilStaps\BotleaguesApi\Database;
+use Illuminate\Events\Dispatcher;
use Illuminate\Support\Facades\Mail;
class PasswordReminder extends Model {
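Review bot: The added `use Illuminate\Events\Dispatcher;` is not referenced in any line of this file that the diff shows. If nothing outside the hunks uses it, the import can be dropped.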
@@ -15,24 +16,35 @@ class PasswordReminder extends Model {
protected $table = 'password_reminders';
protected $hidden = ['token'];
protected $fillable = ['userId', 'token', 'valid_till'];
+ protected $primaryKey = 'token';
- /**
- * Override the parent's save() function to automatically update the valid_till timestamp, and send an email
- */
- public function save(array $options = array()) {
- $this->valid_till = date("Y-m-d H:i:s", time() + 3600);
+ public static function boot() {
+ parent::boot();
- $user = User::findOrFail($this->userId);
- Mail::send('botleagues-api::emails.auth.reminder', ['token' => $this->token], function($message) use ($user) {
- $message->to($user->email, "User " . $user->id);
+ PasswordReminder::creating(function($passwordReminder) {
+ $passwordReminder->valid_till = date("Y-m-d H:i:s", time() + 3600);
+
+ $user = User::findOrFail($passwordReminder->userId);
+ Mail::send('botleagues-api::emails.auth.reminder', ['token' => $passwordReminder->token], function($message) use ($user) {
+ $message->to($user->email, "User " . $user->id);
+ });
});
+ }
+
+ public function useToken() {
+ $this->used_at = date('Y-m-d H:i:s');
+ $this->save();
+ }
- return parent::save($options);
+ public function getDates() {
+ return ['created_at'];
}
- /**
- * Disable updated_at timestamp
- */
- public function setUpdatedAtAttribute($value) {}
+ public function getUpdatedAtColumn() {
+ return null;
+ }
+
+ public function setUpdatedAtAttribute() {
+ }
} \ No newline at end of file
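Review bot: `protected $primaryKey = 'token';` makes a non-numeric column the key, but the model does not visibly set `public $incrementing = false;`, so Eloquent will presumably still treat the key as auto-incrementing and overwrite `token` on the in-memory model with the last insert id after an insert. Adding that property next to `$primaryKey` avoids it. The `creating` callback also sends the reminder mail before the row is written, so a failed insert leaves the user holding a code that does not exist; keeping the `valid_till` assignment in `creating` and mailing from a `created` listener would close that gap. The docblock explaining that `updated_at` is disabled was removed with the old setter, and the new `getUpdatedAtColumn()` / `setUpdatedAtAttribute()` pair would benefit from a one-line comment saying so.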
diff --git a/src/CamilStaps/BotleaguesApi/Database/User.php b/src/CamilStaps/BotleaguesApi/Database/User.php
index 0af91c3..e74bd82 100644
--- a/src/CamilStaps/BotleaguesApi/Database/User.php
+++ b/src/CamilStaps/BotleaguesApi/Database/User.php
@@ -5,6 +5,7 @@ use Illuminate\Auth\Authenticatable;
use Illuminate\Auth\Passwords\CanResetPassword;
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
+use Illuminate\Support\Facades\Hash;
class User extends Model implements AuthenticatableContract, CanResetPasswordContract {
@@ -22,6 +23,18 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
return UserToken::where('userId', $this->id)->where('token', $token)->where('valid_till', '>', date("Y-m-d H:i:s"))->count() > 0;
}
+ public function findPasswordReminders($token = null) {
+ $base = PasswordReminder
+ ::where('userId', $this->id)
+ ->where('used_at', null)
+ ->where('valid_till', '>', date('Y-m-d H:i:s'));
+ if ($token == null) {
+ return $base->get();
+ } else {
+ return $base->where('token', $token)->get();
+ }
+ }
+
/**
* Get the unique identifier for the user.
*
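Review bot: The `$token == null` test in `findPasswordReminders()` is a loose comparison, so an empty string is treated as "no token" and the method returns every open reminder for the user instead of none. If a caller passes a token taken from request input, a blank value would match all of them; `if ($token === null) {` reserves the unfiltered branch for the explicit default. The method also has no docblock; one line stating that it returns only unused, unexpired reminders would help, since authentication code can be expected to rely on that filtering.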
@@ -76,4 +89,8 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
public function getEmailForPasswordReset() {
return $this->email;
}
+
+ public function setPasswordAttribute($password) {
+ $this->attributes['password'] = Hash::make($password);
+ }
} \ No newline at end of file
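Review bot: `setPasswordAttribute()` hashes whatever is assigned, so any code path that assigns an already-hashed value (for example copying `password` from one model to another) would store a hash of a hash and the original password would stop verifying. A short docblock would make the contract explicit, e.g. `/** Hash the given plain-text password before storing it; never pass an existing hash. */`. The class body starts outside this hunk, so whether `password` is mass-assignable cannot be checked from here.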
diff --git a/src/CamilStaps/BotleaguesApi/TokenAuthenticationProvider.php b/src/CamilStaps/BotleaguesApi/TokenAuthenticationProvider.php
index 3d15262..c973174 100644
--- a/src/CamilStaps/BotleaguesApi/TokenAuthenticationProvider.php
+++ b/src/CamilStaps/BotleaguesApi/TokenAuthenticationProvider.php
@@ -8,6 +8,7 @@
namespace CamilStaps\BotleaguesApi;
+use CamilStaps\BotleaguesApi\Database\User;
use Dingo\Api\Auth\Provider\Provider;
use Dingo\Api\Routing\Route;
use Illuminate\Http\Request;
@@ -22,6 +23,8 @@ class TokenAuthenticationProvider implements Provider {
* @param \Illuminate\Http\Request $request
* @param \Dingo\Api\Routing\Route $route
*
+ * @throw UnauthorizedHttpException invalid authentication
+ *
* @return mixed
*/
public function authenticate(Request $request, Route $route) {
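Review bot: `@throw` on the added docblock line is not a PHPDoc tag, so documentation and analysis tools will ignore it; it should read `@throws UnauthorizedHttpException invalid authentication`. The same misspelled tag appears in the docblock of `authenticate()` in the new ActivationCodeAuthenticationProvider.php. The body of `authenticate()` continues outside this hunk.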