From c61b156f1bd93ec4aadd8adc78523b42b0232918 Mon Sep 17 00:00:00 2001
From: Camil Staps
Date: Sun, 4 Sep 2016 23:30:15 +0200
Subject: User creation and authentication
---
app/Http/Controllers/UserController.php | 67 ++++++++++++
app/Http/Middleware/Authenticate.php | 45 ++++++++
app/Http/routes.php | 56 ++++++----
app/Observers/UserObserver.php | 34 ++++++
app/Providers/AppServiceProvider.php | 25 +++--
app/Providers/AuthServiceProvider.php | 39 +++++++
app/User.php | 82 +++++++++++++++
bootstrap/app.php | 14 ++-
composer.json | 4 +-
config/auth.php | 88 ++++++++++++++++
config/mail.php | 115 +++++++++++++++++++++
.../2016_09_04_081740_create_users_table.php | 33 ++++++
resources/views/layouts/master.blade.php | 11 +-
resources/views/mails/user/create.blade.php | 13 +++
resources/views/shared/already_logged_in.blade.php | 1 +
resources/views/shared/messages.blade.php | 5 +
resources/views/user/create.blade.php | 30 ++++++
17 files changed, 622 insertions(+), 40 deletions(-)
create mode 100644 app/Http/Controllers/UserController.php
create mode 100644 app/Http/Middleware/Authenticate.php
create mode 100644 app/Observers/UserObserver.php
create mode 100644 app/Providers/AuthServiceProvider.php
create mode 100644 app/User.php
create mode 100644 config/auth.php
create mode 100644 config/mail.php
create mode 100644 database/migrations/2016_09_04_081740_create_users_table.php
create mode 100644 resources/views/mails/user/create.blade.php
create mode 100644 resources/views/shared/already_logged_in.blade.php
create mode 100644 resources/views/shared/messages.blade.php
create mode 100644 resources/views/user/create.blade.php
diff --git a/app/Http/Controllers/UserController.php b/app/Http/Controllers/UserController.php
new file mode 100644
index 0000000..7036439
--- /dev/null
+++ b/app/Http/Controllers/UserController.php
@@ -0,0 +1,67 @@
+
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see .
+ */
+namespace App\Http\Controllers;
+
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Validator;
+use Illuminate\Validation\ValidationException;
+use Laravel\Lumen\Routing\Controller as BaseController;
+
+use HebrewParseTrainer\User;
+
+class UserController extends BaseController {
+
+ public function createForm(Request $request) {
+ $messages = [];
+
+ if ($request->isMethod('post')) {
+ $validator = Validator::make($request->input(), [
+ 'email' => 'required|unique:users|email',
+ 'name' => 'required|unique:users',
+ 'password' => 'required|confirmed|min:8',
+ ]);
+
+ if ($validator->fails()) {
+ foreach ($validator->errors()->all() as $error) {
+ $messages[] = ['danger', $error];
+ }
+ } else {
+ $user = new User;
+ $user->name = $request->input('name');
+ $user->email = $request->input('email');
+ $user->password = $request->input('password');
+ if ($user->save()) {
+ $messages[] = ['success', 'Your account has been created.'];
+ } else {
+ $messages[] = ['danger', 'Your account could not be created.'];
+ }
+ }
+ }
+
+ return view('user.create',
+ [
+ 'messages' => $messages,
+ 'form' => [
+ 'email' => $request->input('email'),
+ 'name' => $request->input('name')
+ ]
+ ]);
+ }
+
+}
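Review bot: The validation rules in `createForm` put no upper bound on `name` or `email`, while the migration in this commit creates both as plain `string` columns (255 characters by default). An overlong value therefore passes validation and only fails, or is truncated depending on the database mode, at `$user->save()`; adding `max:255` to both rules, e.g. `'name' => 'required|max:255|unique:users'`, keeps the failure in the validator. The endpoint is also unauthenticated and unthrottled, and every successful POST triggers the mail sent from `UserObserver::created`, so a rate limit on `POST /user/create` is worth adding. The `ValidationException` import is unused.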
diff --git a/app/Http/Middleware/Authenticate.php b/app/Http/Middleware/Authenticate.php
new file mode 100644
index 0000000..6db8bb0
--- /dev/null
+++ b/app/Http/Middleware/Authenticate.php
@@ -0,0 +1,45 @@
+auth = $auth;
+ }
+
+ /**
+ * Handle an incoming request.
+ *
+ * @param \Illuminate\Http\Request $request
+ * @param \Closure $next
+ * @param string|null $guard
+ * @return mixed
+ */
+ public function handle($request, Closure $next, $guard = null)
+ {
+ if ($this->auth->guard($guard)->guest()) {
+ return response('Unauthorized.', 401)
+ ->header('WWW-Authenticate', 'Basic realm="Please enter your email and password"');
+ }
+
+ return $next($request);
+ }
+}
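Review bot: `handle()` issues a Basic challenge without checking that the request arrived over TLS, and Basic credentials are only base64-encoded and resent with every request. Nothing visible in this commit forces HTTPS, so consider refusing the challenge on plain HTTP, e.g. `if (!$request->secure()) { return response('HTTPS required.', 403); }`, or enforcing it at the web server. Failed attempts are neither logged nor throttled here, so repeated password guessing against the protected routes would go unnoticed; a log line on the 401 path would give operations something to alert on. The top of this file did not survive extraction, so the constructor and imports could not be reviewed.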
diff --git a/app/Http/routes.php b/app/Http/routes.php
index 67b661b..9cf12b4 100644
--- a/app/Http/routes.php
+++ b/app/Http/routes.php
@@ -28,24 +28,40 @@
|
*/
-$app->group(['prefix' => parse_url(env('APP_URL'), PHP_URL_PATH)], function ($app) {
-
- $app->get('/', function () use ($app) {
- return view('trainer');
- });
-
- $app->get('/stem', function () use ($app) {
- return \HebrewParseTrainer\Stem::all();
- });
-
- $app->get('/tense', function () use ($app) {
- return \HebrewParseTrainer\Tense::all();
- });
-
- $app->get('/verb/random', 'App\Http\Controllers\RandomVerbController@show');
-
- $app->get('/stats', function () use ($app) {
- return view('stats');
- });
-
+$app->group(
+ ['prefix' => parse_url(env('APP_URL'), PHP_URL_PATH)],
+ function ($app) {
+
+ $app->get('/', function () use ($app) {
+ return view('trainer');
+ });
+
+ $app->get('/stem', function () use ($app) {
+ return \HebrewParseTrainer\Stem::all();
+ });
+
+ $app->get('/tense', function () use ($app) {
+ return \HebrewParseTrainer\Tense::all();
+ });
+
+ $app->get('/logout', function () use ($app) {
+ return response('Unauthorized.', 401)
+ ->header('WWW-Authenticate', 'Basic realm="Please click OK, then Cancel to logout."');
+ });
+
+ $app->get('/verb/random', 'App\Http\Controllers\RandomVerbController@show');
+
+ $app->get('/user/create', 'App\Http\Controllers\UserController@createForm');
+ $app->post('/user/create', 'App\Http\Controllers\UserController@createForm');
+
+ $app->group(
+ ['middleware' => 'auth:basic-http'],
+ function ($app) {
+
+ $app->get('/stats', function () use ($app) {
+ return view('stats');
+ });
+
+ });
+
});
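Review bot: The `/logout` closure only returns a 401 whose realm differs from the one `Authenticate::handle` sends, and nothing is invalidated server-side. Browsers cache Basic credentials per realm, so this may leave the credentials for the login realm cached in some browsers and should be tested in the ones you support. A comment such as `// Basic auth has no server-side session; this 401 only prompts the browser to replace its cached credentials` would document the limitation. The `use ($app)` captures on the route closures are unused.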
diff --git a/app/Observers/UserObserver.php b/app/Observers/UserObserver.php
new file mode 100644
index 0000000..0989bb2
--- /dev/null
+++ b/app/Observers/UserObserver.php
@@ -0,0 +1,34 @@
+
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see .
+ */
+namespace App\Observers;
+
+use Illuminate\Support\Facades\Mail;
+
+use HebrewParseTrainer\User;
+
+class UserObserver {
+
+ public function created(User $user) {
+ Mail::plain('mails.user.create', ['user' => $user], function ($msg) {
+ $msg->to(['info@camilstaps.nl']);
+ $msg->from(['test@camilstaps.nl']);
+ });
+ }
+
+}
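Review bot: `created()` passes the whole `User` model to the `mails.user.create` view, and that model carries the password hash as an attribute. Passing only the fields the template needs, e.g. `['name' => $user->name, 'email' => $user->email]` with the template adjusted to match, keeps the hash out of anything a later template change could render. The recipient and sender addresses are hard-coded although `config/mail.php` in this commit defines a `from` entry; reading them from configuration keeps personal addresses out of the code. The mail is sent synchronously inside the model event, so a mailer exception would presumably surface in `createForm` after the row has already been inserted.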
diff --git a/app/Providers/AppServiceProvider.php b/app/Providers/AppServiceProvider.php
index ddec046..9bc5fd1 100644
--- a/app/Providers/AppServiceProvider.php
+++ b/app/Providers/AppServiceProvider.php
@@ -3,16 +3,23 @@
namespace App\Providers;
use Illuminate\Support\ServiceProvider;
+use App\Observers\UserObserver;
+use HebrewParseTrainer\User;
class AppServiceProvider extends ServiceProvider
{
- /**
- * Register any application services.
- *
- * @return void
- */
- public function register()
- {
- //
- }
+ /**
+ * Register any application services.
+ *
+ * @return void
+ */
+ public function register()
+ {
+ $this->app->singleton('mailer', function ($app) {
+ $app->configure('services');
+ return $app->loadComponent('mail', 'Illuminate\Mail\MailServiceProvider', 'mailer');
+ });
+
+ User::observe(UserObserver::class);
+ }
}
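Review bot: `User::observe(UserObserver::class)` is called in `register()`, where other providers may not be registered yet; model observers conventionally go in a `boot()` method, which this class does not define in the visible hunk. The `mailer` singleton bound here also looks redundant with `$app->register(Illuminate\Mail\MailServiceProvider::class)` and `$app->configure('mail')`, both added to `bootstrap/app.php` in the same commit. It also calls `configure('services')` although no `config/services.php` appears in the diffstat. Keeping a single registration path would make it clear which binding is in effect.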
diff --git a/app/Providers/AuthServiceProvider.php b/app/Providers/AuthServiceProvider.php
new file mode 100644
index 0000000..7cf4b27
--- /dev/null
+++ b/app/Providers/AuthServiceProvider.php
@@ -0,0 +1,39 @@
+input('api_token')) {
+ return User::where('api_token', $request->input('api_token'))->first();
+ }
+ });
+ }
+}
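Review bot: The callback looks users up by an `api_token` column, but the `create_users_table` migration in this commit creates only `id`, `email`, `name`, `password` and `points`, so the query would fail if the guard it belongs to were ever used. `config/auth.php` makes `basic-http` the default guard, so this looks like leftover template code, and removing it avoids a second, untested authentication path. A token read through `$request->input()` can also arrive in the query string and end up in access logs. The beginning of the file was lost in extraction, so which guard the callback is registered for cannot be confirmed from here.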
diff --git a/app/User.php b/app/User.php
new file mode 100644
index 0000000..3c1799d
--- /dev/null
+++ b/app/User.php
@@ -0,0 +1,82 @@
+
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see .
+ */
+namespace HebrewParseTrainer;
+
+use Illuminate\Contracts\Auth\Authenticatable;
+use Illuminate\Database\Eloquent\Model;
+use Illuminate\Support\Facades\Hash;
+
+class User extends Model implements Authenticatable {
+
+ protected $table = 'users';
+ public $timestamps = false;
+ protected $fillable = ['email', 'name'];
+
+ public function changePoints($kind, $change, $verb = null) {
+ $change = new PointChange;
+ $change->user = $this->id;
+ $change->change = $change;
+ $change->kind = $kind;
+ $change->verb = is_null($verb) ? null : $verb->id;
+ $change->save();
+
+ $this->points += $change;
+ $this->save();
+ }
+
+ public function setPasswordAttribute($pass) {
+ $this->attributes['password'] = Hash::make($pass);
+ }
+
+ public function verifyPassword($pass) {
+ if (!Hash::check($pass, $this->password))
+ return false;
+
+ if (Hash::needsRehash($this->password)) {
+ $this->password = $pass;
+ $this->save();
+ }
+
+ return true;
+ }
+
+ public function getAuthIdentifierName() {
+ return $this->email;
+ }
+
+ public function getAuthIdentifier() {
+ return $this->id;
+ }
+
+ public function getAuthPassword() {
+ return $this->password;
+ }
+
+ public function getRememberToken() {
+ return null;
+ }
+
+ public function setRememberToken($token) {
+ }
+
+ public function getRememberTokenName() {
+ return null;
+ }
+
+}
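Review bot: `changePoints()` overwrites its `$change` parameter with `new PointChange`, so `$change->change = $change` stores the object in itself and `$this->points += $change` adds an object rather than the amount; the record needs its own variable, as in the block below. `getAuthIdentifierName()` returns the value of `$this->email`, whereas the `Authenticatable` contract expects the name of the identifier column, presumably `return 'id';` to match `getAuthIdentifier()`. `PointChange` is not among the files in this commit, so its fields are taken from the assignments shown.

```php
public function changePoints($kind, $change, $verb = null) {
    // Keep the amount in $change; the log row gets its own variable.
    $record = new PointChange;
    $record->user = $this->id;
    $record->change = $change;
    $record->kind = $kind;
    $record->verb = is_null($verb) ? null : $verb->id;
    $record->save();

    $this->points += $change;
    $this->save();
}
```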
diff --git a/bootstrap/app.php b/bootstrap/app.php
index eae5bcf..04f448e 100644
--- a/bootstrap/app.php
+++ b/bootstrap/app.php
@@ -66,9 +66,9 @@ $app->singleton(
// // Laravel\Lumen\Http\Middleware\VerifyCsrfToken::class,
// ]);
-// $app->routeMiddleware([
-
-// ]);
+$app->routeMiddleware([
+ 'auth' => App\Http\Middleware\Authenticate::class,
+]);
/*
|--------------------------------------------------------------------------
@@ -81,9 +81,13 @@ $app->singleton(
|
*/
-// $app->register(App\Providers\AppServiceProvider::class);
+$app->register(App\Providers\AppServiceProvider::class);
+$app->register(App\Providers\AuthServiceProvider::class);
// $app->register(App\Providers\EventServiceProvider::class);
+$app->register(Illuminate\Mail\MailServiceProvider::class);
+$app->register(Arubacao\BasicAuth\BasicGuardServiceProvider::class);
+
/*
|--------------------------------------------------------------------------
| Load The Application Routes
@@ -99,4 +103,6 @@ $app->group(['namespace' => 'App\Http\Controllers'], function ($app) {
require __DIR__.'/../app/Http/routes.php';
});
+$app->configure('mail');
+
return $app;
diff --git a/composer.json b/composer.json
index ba85f9d..dee60f3 100644
--- a/composer.json
+++ b/composer.json
@@ -7,9 +7,11 @@
"require": {
"php": ">=5.5.9",
"laravel/lumen-framework": "5.2.*",
+ "illuminate/mail": "5.2.*",
"vlucas/phpdotenv": "~2.2",
"twbs/bootstrap": "^3.3",
- "components/jquery": "^2.1"
+ "components/jquery": "^2.1",
+ "arubacao/http-basic-auth-guard": "^1.0"
},
"require-dev": {
"phpunit/phpunit": "~4.0",
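Review bot: `arubacao/http-basic-auth-guard` is required with the caret range `^1.0`, and no `composer.lock` change appears in the diffstat, although this package now backs the `basic-http` guard used for the protected routes. If the lock file is not tracked, each install can resolve a different release of authentication-critical code. Committing `composer.lock`, or pinning an exact version, makes the deployed guard reproducible and reviewable.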
diff --git a/config/auth.php b/config/auth.php
new file mode 100644
index 0000000..2331863
--- /dev/null
+++ b/config/auth.php
@@ -0,0 +1,88 @@
+ [
+ 'guard' => env('AUTH_GUARD', 'basic-http'),
+ ],
+
+ /*
+ |--------------------------------------------------------------------------
+ | Authentication Guards
+ |--------------------------------------------------------------------------
+ |
+ | Next, you may define every authentication guard for your application.
+ | Of course, a great default configuration has been defined for you
+ | here which uses session storage and the Eloquent user provider.
+ |
+ | All authentication drivers have a user provider. This defines how the
+ | users are actually retrieved out of your database or other storage
+ | mechanisms used by this application to persist your user's data.
+ |
+ | Supported: "token"
+ |
+ */
+
+ 'guards' => [
+ 'basic-http' => ['driver' => 'basic', 'provider' => 'users'],
+ ],
+
+ /*
+ |--------------------------------------------------------------------------
+ | User Providers
+ |--------------------------------------------------------------------------
+ |
+ | All authentication drivers have a user provider. This defines how the
+ | users are actually retrieved out of your database or other storage
+ | mechanisms used by this application to persist your user's data.
+ |
+ | If you have multiple user tables or models you may configure multiple
+ | sources which represent each model / table. These sources may then
+ | be assigned to any extra authentication guards you have defined.
+ |
+ | Supported: "database", "eloquent"
+ |
+ */
+
+ 'providers' => [
+ 'users' => [
+ 'driver' => 'eloquent',
+ 'model' => HebrewParseTrainer\User::class,
+ ],
+ ],
+
+ /*
+ |--------------------------------------------------------------------------
+ | Resetting Passwords
+ |--------------------------------------------------------------------------
+ |
+ | Here you may set the options for resetting passwords including the view
+ | that is your password reset e-mail. You may also set the name of the
+ | table that maintains all of the reset tokens for your application.
+ |
+ | You may specify multiple password reset configurations if you have more
+ | than one user table or model in the application and you want to have
+ | separate password reset settings based on the specific user types.
+ |
+ | The expire time is the number of minutes that the reset token should be
+ | considered valid. This security feature keeps tokens short-lived so
+ | they have less time to be guessed. You may change this as needed.
+ |
+ */
+
+ 'passwords' => [
+ //
+ ],
+
+];
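Review bot: The comment above `guards` still says `Supported: "token"` and describes session storage, while the only guard defined uses the `basic` driver from the third-party package. The comment should name the driver actually in use, e.g. `Supported: "basic" (arubacao/http-basic-auth-guard)`. The `passwords` section is left empty, so no password reset is configured for accounts created through `/user/create`; if that is intentional, a one-line comment saying so would help. The head of this file was lost in extraction.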
diff --git a/config/mail.php b/config/mail.php
new file mode 100644
index 0000000..92b3b29
--- /dev/null
+++ b/config/mail.php
@@ -0,0 +1,115 @@
+ env('MAIL_DRIVER', 'smtp'),
+
+ /*
+ |--------------------------------------------------------------------------
+ | SMTP Host Address
+ |--------------------------------------------------------------------------
+ |
+ | Here you may provide the host address of the SMTP server used by your
+ | applications. A default option is provided that is compatible with
+ | the Mailgun mail service which will provide reliable deliveries.
+ |
+ */
+
+ 'host' => env('MAIL_HOST'),
+
+ /*
+ |--------------------------------------------------------------------------
+ | SMTP Host Port
+ |--------------------------------------------------------------------------
+ |
+ | This is the SMTP port used by your application to deliver e-mails to
+ | users of the application. Like the host we have set this value to
+ | stay compatible with the Mailgun e-mail application by default.
+ |
+ */
+
+ 'port' => env('MAIL_PORT', 587),
+
+ /*
+ |--------------------------------------------------------------------------
+ | Global "From" Address
+ |--------------------------------------------------------------------------
+ |
+ | You may wish for all e-mails sent by your application to be sent from
+ | the same address. Here, you may specify a name and address that is
+ | used globally for all e-mails that are sent by your application.
+ |
+ */
+
+ 'from' => [
+ 'address' => env('MAIL_FROM_ADDRESS'),
+ 'name' => env('MAIL_FROM_NAME'),
+ ],
+
+ /*
+ |--------------------------------------------------------------------------
+ | E-Mail Encryption Protocol
+ |--------------------------------------------------------------------------
+ |
+ | Here you may specify the encryption protocol that should be used when
+ | the application send e-mail messages. A sensible default using the
+ | transport layer security protocol should provide great security.
+ |
+ */
+
+ 'encryption' => env('MAIL_ENCRYPTION', 'tls'),
+
+ /*
+ |--------------------------------------------------------------------------
+ | SMTP Server Username
+ |--------------------------------------------------------------------------
+ |
+ | If your SMTP server requires a username for authentication, you should
+ | set it here. This will get used to authenticate with your server on
+ | connection. You may also set the "password" value below this one.
+ |
+ */
+
+ 'username' => env('MAIL_USERNAME'),
+
+ /*
+ |--------------------------------------------------------------------------
+ | SMTP Server Password
+ |--------------------------------------------------------------------------
+ |
+ | Here you may set the password required by your SMTP server to send out
+ | messages from your application. This will be given to the server on
+ | connection so that the application will be able to send messages.
+ |
+ */
+
+ 'password' => env('MAIL_PASSWORD'),
+
+ /*
+ |--------------------------------------------------------------------------
+ | Sendmail System Path
+ |--------------------------------------------------------------------------
+ |
+ | When using the "sendmail" driver to send e-mails, we will need to know
+ | the path to where Sendmail lives on this server. A default path has
+ | been provided here, which will work well on most of your systems.
+ |
+ */
+
+ 'sendmail' => '/usr/sbin/sendmail -bs',
+
+];
diff --git a/database/migrations/2016_09_04_081740_create_users_table.php b/database/migrations/2016_09_04_081740_create_users_table.php
new file mode 100644
index 0000000..c5586dc
--- /dev/null
+++ b/database/migrations/2016_09_04_081740_create_users_table.php
@@ -0,0 +1,33 @@
+increments('id');
+ $table->string('email')->unique();
+ $table->string('name')->unique();
+ $table->string('password');
+ $table->integer('points')->default(0);
+ });
+ }
+
+ /**
+ * Reverse the migrations.
+ *
+ * @return void
+ */
+ public function down()
+ {
+ Schema::drop('users');
+ }
+}
diff --git a/resources/views/layouts/master.blade.php b/resources/views/layouts/master.blade.php
index 43c1a24..3c111da 100644
--- a/resources/views/layouts/master.blade.php
+++ b/resources/views/layouts/master.blade.php
@@ -20,9 +20,8 @@ along with this program. If not, see .
ParseTrainer
-
-
-
+
+
@@ -33,8 +32,8 @@ along with this program. If not, see .
@yield('master-content')