mirror/UNIT3D-Community-Edition
1
0
Fork 0
mirror of https://github.com/HDInnovations/UNIT3D-Community-Edition.git synced 2026-01-20 11:00:38 -06:00
Code Issues Packages Projects Releases Wiki Activity
Files
aef482682b21031a94ae4b37f80820d09581dbbb
UNIT3D-Community-Edition/app/Http/Controllers/User/PasswordController.php
Roardom aef482682b refactor: swap comparing ids to is() and isNot
2023-07-07 00:28:47 +00:00

75 lines
2.6 KiB
PHP
Raw Blame History

<?php
/**
* NOTICE OF LICENSE.
*
* UNIT3D Community Edition is open-sourced software licensed under the GNU Affero General Public License v3.0
* The details is bundled with this project in the file LICENSE.txt.
*
* @project UNIT3D Community Edition
*
* @author Roardom <roardom@protonmail.com>
* @license https://www.gnu.org/licenses/agpl-3.0.en.html/ GNU Affero General Public License v3.0
*/
namespace App\Http\Controllers\User;
use App\Http\Controllers\Controller;
use App\Models\PrivateMessage;
use App\Models\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use Illuminate\Validation\Rule;
use Illuminate\Validation\Rules\Password;
class PasswordController extends Controller
{
/**
* Update user password.
*/
protected function update(Request $request, User $user): \Illuminate\Http\RedirectResponse
{
abort_unless($request->user()->is($user) || $request->user()->group->is_modo, 403);
$changedByStaff = $request->user()->isNot($user);
abort_if($changedByStaff && ! $request->user()->group->is_owner && $request->user()->group->level < $user->group->level, 403);
$request->validate([
'current_password' => Rule::when(! $changedByStaff, [
'required',
'current_password',
]),
'new_password' => [
'required',
'confirmed',
Password::min(12)->mixedCase()->letters()->numbers()->uncompromised(),
],
]);
$user->password = Hash::make($request->new_password);
$user->save();
if ($changedByStaff) {
PrivateMessage::create([
'sender_id' => 1,
'receiver_id' => $user->id,
'subject' => 'ATTENTION - Your password has been changed',
'message' => "Your password has been changed by staff. You will need to update your password manager with the new password.\n\nFor more information, please create a helpdesk ticket.\n\n[color=red][b]THIS IS AN AUTOMATED SYSTEM MESSAGE, PLEASE DO NOT REPLY![/b][/color]",
]);
}
return to_route('users.password.edit', ['user' => $user])
->withSuccess('Your new password has been saved successfully.');
}
/**
* Edit user password.
*/
public function edit(Request $request, User $user): \Illuminate\Contracts\View\Factory|\Illuminate\View\View
{
abort_unless($request->user()->is($user) || $request->user()->group->is_modo, 403);
return view('user.password.edit', ['user' => $user]);
}
}
Reference in New Issue View Git Blame Copy Permalink