Require re-confirming email address when it's changed

app/Events/UserSettingsChanged.php

@@ -8,14 +8,16 @@ class UserSettingsChanged extends Event {
 
 	use SerializesModels;
 
+    public $user;
+
 	/**
 	 * Create a new event instance.
 	 *
 	 * @return void
 	 */
-	public function __construct()
+	public function __construct($user = false)
 	{
-		//
+        $this->user = $user;
 	}
 
 }

app/Listeners/HandleUserSettingsChanged.php

@@ -6,6 +6,7 @@ use App\Events\UserSettingsChanged;
 use App\Ninja\Repositories\AccountRepository;
 use Illuminate\Queue\InteractsWithQueue;
 use Illuminate\Contracts\Queue\ShouldBeQueued;
+use App\Ninja\Mailers\UserMailer;
 
 class HandleUserSettingsChanged {
 
@@ -14,9 +15,10 @@ class HandleUserSettingsChanged {
 	 *
 	 * @return void
 	 */
-	public function __construct(AccountRepository $accountRepo)
+	public function __construct(AccountRepository $accountRepo, UserMailer $userMailer)
 	{
         $this->accountRepo = $accountRepo;
+        $this->userMailer = $userMailer;
 	}
 
 	/**
@@ -27,12 +29,19 @@ class HandleUserSettingsChanged {
 	 */
 	public function handle(UserSettingsChanged $event)
 	{
-        if (Auth::check()) {
-            $account = Auth::user()->account;
-            $account->loadLocalizationSettings();
+        if (!Auth::check()) {
+            return;
+        }
 
-            $users = $this->accountRepo->loadAccounts(Auth::user()->id);
-            Session::put(SESSION_USER_ACCOUNTS, $users);
+        $account = Auth::user()->account;
+        $account->loadLocalizationSettings();
+
+        $users = $this->accountRepo->loadAccounts(Auth::user()->id);
+        Session::put(SESSION_USER_ACCOUNTS, $users);
+
+        if ($event->user && $event->user->isEmailBeingChanged()) {
+            $this->userMailer->sendConfirmation($event->user);
+            Session::flash('warning', trans('texts.verify_email'));
         }
 	}
 

app/Models/User.php

@@ -130,27 +130,6 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
     {
         return Session::get(SESSION_COUNTER, 0);
     }
-
-    /*
-    public function getPopOverText()
-    {
-        if (!Utils::isNinja() || !Auth::check() || Session::has('error')) {
-            return false;
-        }
-
-        $count = self::getRequestsCount();
-
-        if ($count == 1 || $count % 5 == 0) {
-            if (!Utils::isRegistered()) {
-                return trans('texts.sign_up_to_save');
-            } elseif (!Auth::user()->account->name) {
-                return trans('texts.set_name');
-            }
-        }
-
-        return false;
-    }
-    */
     
     public function afterSave($success = true, $forced = false)
     {
@@ -204,6 +183,12 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
         if ($user->password != $user->getOriginal('password')) {
             $user->failed_logins = 0;
         }
+
+        // if the user changes their email then they need to reconfirm it
+        if ($user->isEmailBeingChanged()) {
+            $user->confirmed = 0;
+            $user->confirmation_code = str_random(RANDOM_KEY_LENGTH);
+        }
     }
 
     public static function onUpdatedUser($user)
@@ -214,7 +199,14 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
             event(new UserSignedUp());
         }
 
-        event(new UserSettingsChanged());
+        event(new UserSettingsChanged($user));
+    }
+
+    public function isEmailBeingChanged()
+    {
+        return Utils::isNinjaProd()
+                && $this->email != $this->getOriginal('email')
+                && $this->getOriginal('confirmed');
     }
 
 }

resources/lang/en/texts.php

@@ -817,6 +817,7 @@ return array(
   'custom_invoice_link' => 'Custom Invoice Link',
   'total_invoiced' => 'Total Invoiced',
   'open_balance' => 'Open Balance',
+  'verify_email' => 'Please visit the link in the account confirmation email to verify your email address.',
 
 );