invoiceninja/app/Http/Controllers/Traits/VerifiesUserEmail.php

<?php

/**
 * Invoice Ninja (https://invoiceninja.com)
 *
 * @link https://github.com/invoiceninja/invoiceninja source repository
 *
 * @copyright Copyright (c) 2020. Invoice Ninja LLC (https://invoiceninja.com)
 *
 * @license https://opensource.org/licenses/AAL
 */

namespace App\Http\Controllers\Traits;

use App\Models\User;
use App\Utils\Traits\UserSessionAttributes;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;

/**
 * Class VerifiesUserEmail
 * @package App\Http\Controllers\Traits
 */
trait VerifiesUserEmail
{
    use UserSessionAttributes;

    /**
     * @param $code
     * @return \Illuminate\Http\RedirectResponse
     */
    public function confirm()
    {
        $user = User::where('confirmation_code', request()->confirmation_code)->first();
        
        // if ($user = User::whereRaw("BINARY `confirmation_code`= ?", request()->input('confirmation_code'))->first()) {

        if (!$user) {
            return $this->render('auth.confirmed', ['root' => 'themes', 'message' => ctrans('texts.wrong_confirmation')]);
        }

        if (is_null($user->password) || empty($user->password)) {
            return $this->render('auth.confirmation_with_password', ['root' => 'themes']);
        }

        $user->email_verified_at = now();
        $user->confirmation_code = null;
        $user->save();

        return $this->render('auth.confirmed', [
            'root' => 'themes',
            'message' => ctrans('texts.security_confirmation'),
        ]);
    }

    public function confirmWithPassword()
    {
        $user = User::where('confirmation_code', request()->confirmation_code)->first();

        if (!$user) {
            return $this->render('auth.confirmed', ['root' => 'themes', 'message' => ctrans('texts.wrong_confirmation')]);
        }
        
        request()->validate([
            'password' => ['required', 'min:6', 'confirmed'],
        ]);

        $user->password = Hash::make(request()->password);

        $user->email_verified_at = now();
        $user->confirmation_code = null;
        $user->save();

        return $this->render('auth.confirmed', [
            'root' => 'themes',
            'message' => ctrans('texts.security_confirmation'),
        ]);
    }
}
Tests, Multi-DB support for incoming URLs (#2466) * Tests for authentication * Add db field to company table (required if we are doing jobs without an auth()->user() ) * Add Laravel Dusk for browser testing, add ability to set DB by incoming URL Hash 2018-10-24 12:24:09 +02:00			`<?php`
Show page on account confirmation (#3720) 2020-05-19 14:59:44 +02:00
Update copyright 2019-05-11 05:32:07 +02:00			`/**`
			`* Invoice Ninja (https://invoiceninja.com)`
			`*`
			`* @link https://github.com/invoiceninja/invoiceninja source repository`
			`*`
Fix for password protected authorization (#3198) * Remove unnecessary save() on invoice * Update copyright * Working on Credit Repository * Implement credits as a paymentable entity * Add credit_id to transformer * fix rules for update payment * Fix random deleted_at keys in transformers * Fix for password_protect check 2020-01-07 01:13:47 +01:00			`* @copyright Copyright (c) 2020. Invoice Ninja LLC (https://invoiceninja.com)`
Update copyright 2019-05-11 05:32:07 +02:00			`*`
			`* @license https://opensource.org/licenses/AAL`
			`*/`
Tests, Multi-DB support for incoming URLs (#2466) * Tests for authentication * Add db field to company table (required if we are doing jobs without an auth()->user() ) * Add Laravel Dusk for browser testing, add ability to set DB by incoming URL Hash 2018-10-24 12:24:09 +02:00
			`namespace App\Http\Controllers\Traits;`

			`use App\Models\User;`
Set default company on account creation (#2487) * Fixes for tests * fixes for permissions * Set default company on account creation * Ensure default company ID is registered in session variables * Implement a generic resolver to harvest an entity from encoded value * Laravel Telescope 2018-11-03 02:01:40 +01:00			`use App\Utils\Traits\UserSessionAttributes;`
Confirmation Emails, Datatables (#2473) * Fixes for MakesHash trait * Client List DataTables * Data table dependencies * Confirmation URLs * Wire up firing events for notification emails 2018-10-29 04:16:17 +01:00			`use Illuminate\Support\Facades\Auth;`
Require password update if not set when confirming email 2020-06-26 14:20:45 +02:00			`use Illuminate\Support\Facades\Hash;`
Tests, Multi-DB support for incoming URLs (#2466) * Tests for authentication * Add db field to company table (required if we are doing jobs without an auth()->user() ) * Add Laravel Dusk for browser testing, add ability to set DB by incoming URL Hash 2018-10-24 12:24:09 +02:00
DocBlocks 2019-01-27 00:22:57 +01:00			`/**`
			`* Class VerifiesUserEmail`
			`* @package App\Http\Controllers\Traits`
			`*/`
Tests, Multi-DB support for incoming URLs (#2466) * Tests for authentication * Add db field to company table (required if we are doing jobs without an auth()->user() ) * Add Laravel Dusk for browser testing, add ability to set DB by incoming URL Hash 2018-10-24 12:24:09 +02:00			`trait VerifiesUserEmail`
			`{`
Set default company on account creation (#2487) * Fixes for tests * fixes for permissions * Set default company on account creation * Ensure default company ID is registered in session variables * Implement a generic resolver to harvest an entity from encoded value * Laravel Telescope 2018-11-03 02:01:40 +01:00			`use UserSessionAttributes;`
Tests, Multi-DB support for incoming URLs (#2466) * Tests for authentication * Add db field to company table (required if we are doing jobs without an auth()->user() ) * Add Laravel Dusk for browser testing, add ability to set DB by incoming URL Hash 2018-10-24 12:24:09 +02:00
DocBlocks 2019-01-27 00:22:57 +01:00			`/**`
			`* @param $code`
			`* @return \Illuminate\Http\RedirectResponse`
			`*/`
Verify user notification (#3474) 2020-03-11 00:40:10 +01:00			`public function confirm()`
Tests, Multi-DB support for incoming URLs (#2466) * Tests for authentication * Add db field to company table (required if we are doing jobs without an auth()->user() ) * Add Laravel Dusk for browser testing, add ability to set DB by incoming URL Hash 2018-10-24 12:24:09 +02:00			`{`
Require password update if not set when confirming email 2020-06-26 14:20:45 +02:00			`$user = User::where('confirmation_code', request()->confirmation_code)->first();`

			// if ($user = User::whereRaw("BINARY `confirmation_code`= ?", request()->input('confirmation_code'))->first()) {

			`if (!$user) {`
			`return $this->render('auth.confirmed', ['root' => 'themes', 'message' => ctrans('texts.wrong_confirmation')]);`
			`}`

			`if (is_null($user->password) \|\| empty($user->password)) {`
			`return $this->render('auth.confirmation_with_password', ['root' => 'themes']);`
			`}`

			`$user->email_verified_at = now();`
			`$user->confirmation_code = null;`
			`$user->save();`

			`return $this->render('auth.confirmed', [`
			`'root' => 'themes',`
			`'message' => ctrans('texts.security_confirmation'),`
			`]);`
			`}`

			`public function confirmWithPassword()`
			`{`
			`$user = User::where('confirmation_code', request()->confirmation_code)->first();`

			`if (!$user) {`
			`return $this->render('auth.confirmed', ['root' => 'themes', 'message' => ctrans('texts.wrong_confirmation')]);`
Tests, Multi-DB support for incoming URLs (#2466) * Tests for authentication * Add db field to company table (required if we are doing jobs without an auth()->user() ) * Add Laravel Dusk for browser testing, add ability to set DB by incoming URL Hash 2018-10-24 12:24:09 +02:00			`}`
Require password update if not set when confirming email 2020-06-26 14:20:45 +02:00
			`request()->validate([`
			`'password' => ['required', 'min:6', 'confirmed'],`
			`]);`

			`$user->password = Hash::make(request()->password);`

			`$user->email_verified_at = now();`
			`$user->confirmation_code = null;`
			`$user->save();`
Tests, Multi-DB support for incoming URLs (#2466) * Tests for authentication * Add db field to company table (required if we are doing jobs without an auth()->user() ) * Add Laravel Dusk for browser testing, add ability to set DB by incoming URL Hash 2018-10-24 12:24:09 +02:00
Show page on account confirmation (#3720) 2020-05-19 14:59:44 +02:00			`return $this->render('auth.confirmed', [`
			`'root' => 'themes',`
Require password update if not set when confirming email 2020-06-26 14:20:45 +02:00			`'message' => ctrans('texts.security_confirmation'),`
Show page on account confirmation (#3720) 2020-05-19 14:59:44 +02:00			`]);`
Tests, Multi-DB support for incoming URLs (#2466) * Tests for authentication * Add db field to company table (required if we are doing jobs without an auth()->user() ) * Add Laravel Dusk for browser testing, add ability to set DB by incoming URL Hash 2018-10-24 12:24:09 +02:00			`}`
Fixes for tests (#3184) * fix typo * php-cs traits * CS fixer pass * Password protect User routes * Implement checks to prevent editing a deleted record * Clean up payment flows * Fixes for tests 2019-12-30 22:59:12 +01:00			`}`