Diffstat (limited to 'src')
9 files changed, 66 insertions, 49 deletions
diff --git a/src/CamilStaps/BotleaguesApi/ActivationCodeAuthenticationProvider.php b/src/CamilStaps/BotleaguesApi/ActivationCodeAuthenticationProvider.php
index 049dfc4..3fe3ee0 100644
--- a/src/CamilStaps/BotleaguesApi/ActivationCodeAuthenticationProvider.php
+++ b/src/CamilStaps/BotleaguesApi/ActivationCodeAuthenticationProvider.php
@@ -31,10 +31,9 @@ class ActivationCodeAuthenticationProvider implements Provider {
 */
 public function authenticate(Request $request, Route $route) {
 $user = User::findOrFail($request->route('user'));
- $passwordReminder = PasswordReminder::find($request->route('password_reminder'));
+ $passwordReminder = PasswordReminder::findOrFail($request->route('password_reminder'));
- if (!empty($user) && !empty($passwordReminder) && $passwordReminder->userId == $user->id) {
- $passwordReminder->useToken();
+ if (!empty($user) && !empty($passwordReminder) && $passwordReminder->userId == $user->id && $passwordReminder->isValid()) {
 Auth::login($user);
 return Auth::user();
 }
diff --git a/src/CamilStaps/BotleaguesApi/Database/PasswordReminder.php b/src/CamilStaps/BotleaguesApi/Database/PasswordReminder.php
index 012d140..696a0a1 100644
--- a/src/CamilStaps/BotleaguesApi/Database/PasswordReminder.php
+++ b/src/CamilStaps/BotleaguesApi/Database/PasswordReminder.php
@@ -8,7 +8,6 @@ namespace CamilStaps\BotleaguesApi\Database;
-use Illuminate\Events\Dispatcher;
 use Illuminate\Support\Facades\Mail;
 class PasswordReminder extends Model {
@@ -24,7 +23,7 @@ class PasswordReminder extends Model {
 PasswordReminder::creating(function($passwordReminder) {
 $passwordReminder->valid_till = date("Y-m-d H:i:s", time() + 3600);
- $user = User::findOrFail($passwordReminder->userId);
+ $user = User::findOrFail($passwordReminder->userEmail);
 Mail::send('botleagues-api::emails.auth.reminder', ['token' => $passwordReminder->token], function($message) use ($user) {
 $message->to($user->email, "User " . $user->id);
 });
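Review bot: The ownership check in the new `if` still compares `$passwordReminder->userId == $user->id`, although this commit renames the reminder column to `userEmail` and drops `users.id` (see the create_users and create_password_reminders migrations). If Eloquent returns null for both missing attributes, the loose `==` compares null with null and the condition holds for any user/reminder pair, so the reminder is no longer bound to the account named in the route. Compare the new keys strictly, `$passwordReminder->userEmail === $user->email`. The `"User " . $user->id` label in the `PasswordReminder::creating` hook (hunk `@@ -24,7 +23,7 @@`) reads the same removed column. authenticate()'s body continues past the end of the hunk.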
@@ -36,6 +35,10 @@ class PasswordReminder extends Model {
 $this->save();
 }
+ public function isValid() {
+ return empty($this->used_at) && strtotime($this->valid_till) > time();
+ }
+
 public function getDates() {
 return ['created_at'];
 }
diff --git a/src/CamilStaps/BotleaguesApi/Database/User.php b/src/CamilStaps/BotleaguesApi/Database/User.php
index e74bd82..6b0d863 100644
--- a/src/CamilStaps/BotleaguesApi/Database/User.php
+++ b/src/CamilStaps/BotleaguesApi/Database/User.php
@@ -1,11 +1,13 @@
 <?php
 namespace CamilStaps\BotleaguesApi\Database;
+use CamilStaps\BotleaguesApi\Exception\ValidationException;
 use Illuminate\Auth\Authenticatable;
 use Illuminate\Auth\Passwords\CanResetPassword;
 use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
 use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
 use Illuminate\Support\Facades\Hash;
+use Illuminate\Support\Facades\Validator;
 class User extends Model implements AuthenticatableContract, CanResetPasswordContract {
@@ -14,6 +16,7 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
 protected $table = 'users';
 protected $hidden = ['password', 'remember_token', 'api_key'];
 protected $fillable = ['email', 'password'];
+ protected $primaryKey = 'email';
 public function isAdministrator() {
 return (bool) $this->isAdministrator;
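Review bot: `isValid()` is now the only gate on reminder expiry and reuse, yet it has no docblock and it depends on `strtotime()` returning false for an unparsable `valid_till` in order to fail closed. Add a docblock stating that a reminder is valid only while `used_at` is empty and `valid_till` lies in the future, and make the parse failure explicit: `$expires = strtotime($this->valid_till); return empty($this->used_at) && $expires !== false && $expires > time();`. `valid_till` is written with `date()` in the `creating` hook, so the comparison presumably relies on the PHP default timezone being the same at write and at check time.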
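Review bot: `protected $primaryKey = 'email';` is added without switching off auto-increment handling for the key. Eloquent treats the primary key as an incrementing integer by default, so after an insert the model's `email` attribute may be overwritten with the connection's last insert id, and later lookups by key can then miss the row. Add `public $incrementing = false;` next to the new property. The class body continues outside the hunk.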
@@ -90,7 +93,27 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
 return $this->email;
 }
+ public function setEmailAttribute($email) {
+ $rules = [
+ 'email' => ['required', 'email', 'unique:' . $this->table]
+ ];
+ $validator = Validator::make(['email' => $email], $rules);
+ if ($validator->fails()) {
+ throw new ValidationException('Invalid input', $validator->errors());
+ }
+
+ $this->attributes['email'] = $email;
+ }
+
 public function setPasswordAttribute($password) {
+ $rules = [
+ 'password' => ['required', 'min:7']
+ ];
+ $validator = Validator::make(['password' => $password], $rules);
+ if ($validator->fails()) {
+ throw new ValidationException('Invalid input', $validator->errors());
+ }
+
 $this->attributes['password'] = Hash::make($password);
 }
 }
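Review bot: The `unique:` rule in `setEmailAttribute()` has no exception for the model's own row and runs on every assignment, not only when an account is created. Assigning an existing user's unchanged address (for instance from an update payload) will throw ValidationException, and each assignment costs a query; the check is also not atomic, so the primary-key constraint stays the real guard and a duplicate-key error on save still needs handling. Skip the rule when the value has not changed, e.g. `if ($email === $this->getOriginal('email')) { $this->attributes['email'] = $email; return; }`. Both mutators would also benefit from a docblock naming the ValidationException they can throw.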
\ No newline at end of file
diff --git a/src/controllers/PasswordReminderController.php b/src/controllers/PasswordReminderController.php
index b3fd8da..ed3592e 100644
--- a/src/controllers/PasswordReminderController.php
+++ b/src/controllers/PasswordReminderController.php
@@ -31,7 +31,7 @@ class PasswordReminderController extends BaseController {
 public function store($userId) {
 $user = User::findOrFail($userId);
- $this->passwordReminder->userId = $user->id;
+ $this->passwordReminder->userEmail = $user->email;
 $this->passwordReminder->token = bin2hex(openssl_random_pseudo_bytes(24));
 if ($this->passwordReminder->save()) {
@@ -43,13 +43,16 @@ class PasswordReminderController extends BaseController {
 /**
 * Destroy the password reminder means setting a new password for the user
- * @param Request $request
- * @param $userId
+ * @param $userEmail
+ * @param $reminderToken
+ * @return null
 */
- public function destroy($userId, $reminderToken) {
+ public function destroy($userEmail, $reminderToken) {
 $user = Auth::user();
 $user->password = Request::get('password');
 $user->save();
+ $this->passwordReminder = $this->passwordReminder->findOrFail($reminderToken);
+ $this->passwordReminder->useToken();
 return null;
 }
diff --git a/src/controllers/UserController.php b/src/controllers/UserController.php
index 2a454ff..9f70f58 100644
--- a/src/controllers/UserController.php
+++ b/src/controllers/UserController.php
@@ -40,16 +40,6 @@ class UserController extends BaseController {
 }
 public function store() {
- $rules = [
- 'email' => ['required', 'email', 'unique:users'],
- 'password' => ['required', 'min:7']
- ];
- $payload = Input::only('email', 'password');
- $validator = Validator::make($payload, $rules);
- if ($validator->fails()) {
- throw new ValidationException('Could not create new user.', $validator->errors());
- }
-
 $this->user->email = Input::get('email');
 $this->user->password = Input::get('password');
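Review bot: `destroy()` saves the new password before it loads the reminder, and it never checks at this point that the reminder belongs to the authenticated user or is still valid. If `findOrFail($reminderToken)` throws, the password has already been changed and the token stays unused; two requests carrying the same token can also both pass `isValid()` in the authentication provider before either reaches `useToken()`. Load and check the reminder first, consume it, and only then set the password, ideally inside one database transaction. The `$userEmail` parameter is unused, and the docblock could state that the reminder token from the route is consumed here.

```php
public function destroy($userEmail, $reminderToken) {
    $user = Auth::user();
    $reminder = $this->passwordReminder->findOrFail($reminderToken);

    // The reminder must belong to the authenticated account and still be usable.
    if ($reminder->userEmail !== $user->email || !$reminder->isValid()) {
        throw new \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException('Invalid password reminder');
    }

    // Consume the token before the credential changes.
    $reminder->useToken();
    $user->password = Request::get('password');
    $user->save();

    return null;
}
```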
diff --git a/src/migrations/2015_02_23_184402_botleaguesapi-create_users.php b/src/migrations/2015_02_23_184402_botleaguesapi-create_users.php
index b054a43..f04f3f0 100644
--- a/src/migrations/2015_02_23_184402_botleaguesapi-create_users.php
+++ b/src/migrations/2015_02_23_184402_botleaguesapi-create_users.php
@@ -14,8 +14,7 @@ class BotleaguesapiCreateUsers extends Migration {
 {
 Schema::create('users', function(Blueprint $table)
 {
- $table->increments('id')->unsigned();
- $table->string('email', 127)->unique();
+ $table->string('email', 127)->primary();
 $table->string('password', 60);
 $table->rememberToken();
 $table->boolean('isAdministrator')->default(false);
diff --git a/src/migrations/2015_02_23_184413_botleaguesapi-create_bots.php b/src/migrations/2015_02_23_184413_botleaguesapi-create_bots.php
index 11ab786..268039b 100644
--- a/src/migrations/2015_02_23_184413_botleaguesapi-create_bots.php
+++ b/src/migrations/2015_02_23_184413_botleaguesapi-create_bots.php
@@ -15,8 +15,8 @@ class BotleaguesapiCreateBots extends Migration {
 Schema::create('bots', function(Blueprint $table)
 {
 $table->increments('id')->unsigned();
- $table->integer('userId')->unsigned();
- $table->foreign('userId')->references('id')->on('users');
+ $table->string('userEmail', 127)->index();
+ $table->foreign('userEmail')->references('email')->on('users');
 $table->integer('gameId')->unsigned();
 $table->foreign('gameId')->references('id')->on('games');
 $table->string('title', 45);
diff --git a/src/migrations/2015_05_10_134654_botleaguesapi-create_user_tokens.php b/src/migrations/2015_05_10_134654_botleaguesapi-create_user_tokens.php
index 3d8c82e..f4ce31a 100644
--- a/src/migrations/2015_05_10_134654_botleaguesapi-create_user_tokens.php
+++ b/src/migrations/2015_05_10_134654_botleaguesapi-create_user_tokens.php
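Review bot: The `create_users` migration is edited in place instead of being followed by a new migration, and the same is done in create_bots, create_user_tokens and create_password_reminders. A database that has already run these migrations keeps `users.id` and the `userId` columns while the models now expect `email` and `userEmail`, unless every environment is rebuilt from scratch; a new migration that alters the tables would make the change repeatable. With `email` as the referenced key, the `userEmail` foreign keys declare no update action, so changing a user's address will presumably be rejected by the constraint; consider `->onUpdate('cascade')` on each of them.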
@@ -15,8 +15,8 @@ class BotleaguesapiCreateUserTokens extends Migration {
 Schema::create('user_tokens', function(Blueprint $table)
 {
 $table->increments('id');
- $table->integer('userId')->unsigned();
- $table->foreign('userId')->references('id')->on('users');
+ $table->string('userEmail', 127)->index();
+ $table->foreign('userEmail')->references('email')->on('users');
 $table->string('token');
 $table->timestamp('valid_till');
 $table->timestamps();
diff --git a/src/migrations/2015_05_13_105945_botleaguesapi-create_password_reminders.php b/src/migrations/2015_05_13_105945_botleaguesapi-create_password_reminders.php
index a2473fb..2ef93f4 100644
--- a/src/migrations/2015_05_13_105945_botleaguesapi-create_password_reminders.php
+++ b/src/migrations/2015_05_13_105945_botleaguesapi-create_password_reminders.php
@@ -5,32 +5,32 @@ use Illuminate\Database\Migrations\Migration;
 class BotleaguesApiCreatePasswordReminders extends Migration {
- /**
- * Run the migrations.
- *
- * @return void
- */
- public function up()
- {
- Schema::create('password_reminders', function(Blueprint $table)
- {
- $table->integer('userId')->unsigned();
- $table->foreign('userId')->references('id')->on('users');
- $table->string('token')->index();
- $table->timestamp('created_at');
+ /**
+ * Run the migrations.
+ *
+ * @return void
+ */
+ public function up()
+ {
+ Schema::create('password_reminders', function(Blueprint $table)
+ {
+ $table->string('userEmail', 127)->index();
+ $table->foreign('userEmail')->references('email')->on('users');
+ $table->string('token')->primary();
+ $table->timestamp('created_at');
 $table->timestamp('valid_till');
 $table->timestamp('used_at')->nullable();
- });
- }
+ });
+ }
- /**
- * Reverse the migrations.
- *
- * @return void
- */
- public function down()
- {
- Schema::drop('password_reminders');
- }
+ /**
+ * Reverse the migrations.
+ *
+ * @return void
+ */
+ public function down()
+ {
+ Schema::drop('password_reminders');
+ }
 } |
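Review bot: `$table->string('token')->primary()` in the password_reminders hunk makes the raw reset token the lookup key, and PasswordReminderController::store() persists the same value that is e-mailed to the user. Anyone with read access to this table (a backup, a query log, a read-only data leak) obtains working reset tokens for as long as `valid_till` allows. Consider storing a digest as the key, e.g. `hash('sha256', $token)`, and hashing the route value before `findOrFail()`. Most of the remaining lines in this hunk are whitespace-only re-indentation, which hides the two real column changes; a separate formatting commit would keep them visible.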