blessing-skin-server/app/Http/Controllers/AuthController.php

<?php

namespace App\Http\Controllers;

use URL;
use Mail;
use View;
use Cache;
use Session;
use App\Events;
use App\Models\User;
use App\Models\Player;
use App\Mail\ForgotPassword;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use App\Exceptions\PrettyPageException;
use App\Services\Repositories\UserRepository;

class AuthController extends Controller
{
    public function handleLogin(Request $request, UserRepository $users)
    {
        $this->validate($request, [
            'identification' => 'required',
            'password'       => 'required|min:6|max:32',
        ]);

        $identification = $request->input('identification');

        // Guess type of identification
        $authType = (validate($identification, 'email')) ? 'email' : 'username';

        event(new Events\UserTryToLogin($identification, $authType));

        // Get user instance from repository.
        // If the given identification is not registered yet,
        // it will return a null value.
        $user = $users->get($identification, $authType);

        // Require CAPTCHA if user fails to login more than 3 times
        $loginFailsCacheKey = sha1('login_fails_'.get_client_ip());
        $loginFails = (int) Cache::get($loginFailsCacheKey, 0);

        if ($loginFails > 3) {
            $this->validate($request, ['captcha' => 'required|captcha']);
        }

        if (! $user) {
            return json(trans('auth.validation.user'), 2);
        } else {
            if ($user->verifyPassword($request->input('password'))) {
                Session::forget('login_fails');

                Auth::login($user, $request->input('keep') == 'true');

                event(new Events\UserLoggedIn($user));

                Cache::forget($loginFailsCacheKey);

                return json(trans('auth.login.success'), 0);
            } else {
                // Increase the counter
                Cache::put($loginFailsCacheKey, ++$loginFails, 3600);

                return json(trans('auth.validation.password'), 1, [
                    'login_fails' => $loginFails,
                ]);
            }
        }
    }

    public function logout()
    {
        if (Auth::check()) {
            Auth::logout();

            return json(trans('auth.logout.success'), 0);
        } else {
            return json(trans('auth.logout.fail'), 1);
        }
    }

    public function register()
    {
        if (option('user_can_register')) {
            return view('auth.register');
        } else {
            throw new PrettyPageException(trans('auth.register.close'), 7);
        }
    }

    public function handleRegister(Request $request)
    {
        if (! option('user_can_register')) {
            return json(trans('auth.register.close'), 7);
        }

        $rule = option('register_with_player_name') ?
            ['player_name' => 'required|player_name|min:'.option('player_name_length_min').'|max:'.option('player_name_length_max')] :
            ['nickname' => 'required|no_special_chars|max:255'];
        $data = $this->validate($request, array_merge([
            'email'    => 'required|email|unique:users',
            'password' => 'required|min:8|max:32',
            'captcha'  => 'required'.(app()->environment('testing') ? '' : '|captcha'),
        ], $rule));

        if (option('register_with_player_name')) {
            event(new Events\CheckPlayerExists($request->get('player_name')));

            if (Player::where('player_name', $request->get('player_name'))->first()) {
                return json(trans('user.player.add.repeated'), 2);
            }
        }

        // If amount of registered accounts of IP is more than allowed amounts,
        // then reject the register.
        if (User::where('ip', get_client_ip())->count() >= option('regs_per_ip')) {
            return json(trans('auth.register.max', ['regs' => option('regs_per_ip')]), 7);
        }

        $user = new User;
        $user->email = $data['email'];
        $user->nickname = $data[option('register_with_player_name') ? 'player_name' : 'nickname'];
        $user->score = option('user_initial_score');
        $user->avatar = 0;
        $user->password = User::getEncryptedPwdFromEvent($data['password'], $user)
            ?: app('cipher')->hash($data['password'], config('secure.salt'));
        $user->ip = get_client_ip();
        $user->permission = User::NORMAL;
        $user->register_at = get_datetime_string();
        $user->last_sign_at = get_datetime_string(time() - 86400);

        $user->save();

        event(new Events\UserRegistered($user));

        if (option('register_with_player_name')) {
            $player = new Player;
            $player->uid = $user->uid;
            $player->player_name = $request->get('player_name');
            $player->tid_skin = 0;
            $player->save();

            event(new Events\PlayerWasAdded($player));
        }

        Auth::login($user);

        return json([
            'errno' => 0,
            'msg' => trans('auth.register.success'),
        ]);
    }

    public function forgot()
    {
        if (config('mail.driver') != '') {
            return view('auth.forgot');
        } else {
            throw new PrettyPageException(trans('auth.forgot.disabled'), 8);
        }
    }

    public function handleForgot(Request $request, UserRepository $users)
    {
        $this->validate($request, [
            'captcha' => 'required'.(app()->environment('testing') ? '' : '|captcha'),
        ]);

        if (! config('mail.driver')) {
            return json(trans('auth.forgot.disabled'), 1);
        }

        $rateLimit = 180;
        $lastMailCacheKey = sha1('last_mail_'.get_client_ip());
        $remain = $rateLimit + Cache::get($lastMailCacheKey, 0) - time();

        // Rate limit
        if ($remain > 0) {
            return json([
                'errno' => 2,
                'msg' => trans('auth.forgot.frequent-mail'),
                'remain' => $remain,
            ]);
        }

        // Get user instance
        $user = $users->get($request->input('email'), 'email');

        if (! $user) {
            return json(trans('auth.forgot.unregistered'), 1);
        }

        $url = URL::temporarySignedRoute('auth.reset', now()->addHour(), ['uid' => $user->uid]);

        try {
            Mail::to($request->input('email'))->send(new ForgotPassword($url));
        } catch (\Exception $e) {
            report($e);

            return json(trans('auth.forgot.failed', ['msg' => $e->getMessage()]), 2);
        }

        Cache::put($lastMailCacheKey, time(), 3600);

        return json(trans('auth.forgot.success'), 0);
    }

    public function reset($uid, UserRepository $users)
    {
        return view('auth.reset')->with('user', $users->get($uid));
    }

    public function handleReset($uid, Request $request, UserRepository $users)
    {
        $validated = $this->validate($request, [
            'password' => 'required|min:8|max:32',
        ]);

        $users->get($uid)->changePassword($validated['password']);

        return json(trans('auth.reset.success'), 0);
    }

    public function verify(UserRepository $users, $uid)
    {
        if (! option('require_verification')) {
            throw new PrettyPageException(trans('user.verification.disabled'), 1);
        }

        $user = $users->get($uid);

        if (! $user || $user->verified) {
            throw new PrettyPageException(trans('auth.verify.invalid'), 1);
        }

        $user->verified = true;
        $user->save();

        return view('auth.verify');
    }
}
first commit of v3 2016-07-21 22:01:57 +08:00			`<?php`

initialize for laravel 2016-08-28 10:05:21 +08:00			`namespace App\Http\Controllers;`
first commit of v3 2016-07-21 22:01:57 +08:00
Use signed URL to simplify resetting password 2018-07-18 11:04:34 +08:00			`use URL;`
first commit of v3 2016-07-21 22:01:57 +08:00			`use Mail;`
			`use View;`
Limit login attempts by IP address 2018-08-16 17:57:24 +08:00			`use Cache;`
initialize for laravel 2016-08-28 10:05:21 +08:00			`use Session;`
fix some minor issues for plugins 2016-11-17 17:32:12 +08:00			`use App\Events;`
use validator of laravel instead of Validate class 2016-09-04 15:35:12 +08:00			`use App\Models\User;`
Add a option for requiring player name when register 2018-08-17 17:03:38 +08:00			`use App\Models\Player;`
use mailable 2018-07-15 17:42:03 +08:00			`use App\Mail\ForgotPassword;`
use validator of laravel instead of Validate class 2016-09-04 15:35:12 +08:00			`use Illuminate\Http\Request;`
Use Laravel's auth system and use another captcha generator 2018-07-20 14:42:43 +08:00			`use Illuminate\Support\Facades\Auth;`
use validator of laravel instead of Validate class 2016-09-04 15:35:12 +08:00			`use App\Exceptions\PrettyPageException;`
refactor models 2016-10-23 11:41:52 +08:00			`use App\Services\Repositories\UserRepository;`
first commit of v3 2016-07-21 22:01:57 +08:00
use validator of laravel 2016-09-03 23:50:55 +08:00			`class AuthController extends Controller`
first commit of v3 2016-07-21 22:01:57 +08:00			`{`
refactor models 2016-10-23 11:41:52 +08:00			`public function handleLogin(Request $request, UserRepository $users)`
first commit of v3 2016-07-21 22:01:57 +08:00			`{`
use validator of laravel 2016-09-03 23:50:55 +08:00			`$this->validate($request, [`
fix minimal length of password 2016-10-02 20:30:27 +08:00			`'identification' => 'required',`
Apply fixes from StyleCI (#11) This pull request applies code style fixes from an analysis carried out by [StyleCI](https://github.styleci.io). --- For more information, click [here](https://github.styleci.io/analyses/8wKwbZ). 2019-03-02 22:58:37 +08:00			`'password' => 'required\|min:6\|max:32',`
use validator of laravel 2016-09-03 23:50:55 +08:00			`]);`

fix minimal length of password 2016-10-02 20:30:27 +08:00			`$identification = $request->input('identification');`

Adjust code style due to my OCD 2018-02-16 17:31:04 +08:00			`// Guess type of identification`
Apply fixes from StyleCI (#11) This pull request applies code style fixes from an analysis carried out by [StyleCI](https://github.styleci.io). --- For more information, click [here](https://github.styleci.io/analyses/8wKwbZ). 2019-03-02 22:58:37 +08:00			`$authType = (validate($identification, 'email')) ? 'email' : 'username';`
use validator of laravel 2016-09-03 23:50:55 +08:00
Adjust code style due to my OCD 2018-02-16 17:31:04 +08:00			`event(new Events\UserTryToLogin($identification, $authType));`
working on data adaptation 2016-10-17 17:51:51 +08:00
refactor models 2016-10-23 11:41:52 +08:00			`// Get user instance from repository.`
			`// If the given identification is not registered yet,`
			`// it will return a null value.`
Adjust code style due to my OCD 2018-02-16 17:31:04 +08:00			`$user = $users->get($identification, $authType);`
first commit of v3 2016-07-21 22:01:57 +08:00
Limit login attempts by IP address 2018-08-16 17:57:24 +08:00			`// Require CAPTCHA if user fails to login more than 3 times`
Remove Utils class 2018-08-17 22:54:26 +08:00			`$loginFailsCacheKey = sha1('login_fails_'.get_client_ip());`
Limit login attempts by IP address 2018-08-16 17:57:24 +08:00			`$loginFails = (int) Cache::get($loginFailsCacheKey, 0);`

			`if ($loginFails > 3) {`
Fix validating captcha 2018-07-21 08:17:16 +08:00			`$this->validate($request, ['captcha' => 'required\|captcha']);`
first commit of v3 2016-07-21 22:01:57 +08:00			`}`

Adjust code style due to my OCD 2018-02-16 17:31:04 +08:00			`if (! $user) {`
add menu for switching languages 2016-09-15 09:20:02 +08:00			`return json(trans('auth.validation.user'), 2);`
first commit of v3 2016-07-21 22:01:57 +08:00			`} else {`
support hashing passwords with password_hash() 2017-01-08 12:49:32 +08:00			`if ($user->verifyPassword($request->input('password'))) {`
use validator of laravel 2016-09-03 23:50:55 +08:00			`Session::forget('login_fails');`
first commit of v3 2016-07-21 22:01:57 +08:00
Use Laravel's auth system and use another captcha generator 2018-07-20 14:42:43 +08:00			`Auth::login($user, $request->input('keep') == 'true');`
first commit of v3 2016-07-21 22:01:57 +08:00
fix some minor issues for plugins 2016-11-17 17:32:12 +08:00			`event(new Events\UserLoggedIn($user));`
working on data adaptation 2016-10-17 17:51:51 +08:00
Limit login attempts by IP address 2018-08-16 17:57:24 +08:00			`Cache::forget($loginFailsCacheKey);`
Redirect to last requested path after logging in 2017-06-28 20:42:51 +08:00
Use Laravel's auth system and use another captcha generator 2018-07-20 14:42:43 +08:00			`return json(trans('auth.login.success'), 0);`
first commit of v3 2016-07-21 22:01:57 +08:00			`} else {`
Limit login attempts by IP address 2018-08-16 17:57:24 +08:00			`// Increase the counter`
Laravel 5.8 (#5) 2019-02-27 23:44:50 +08:00			`Cache::put($loginFailsCacheKey, ++$loginFails, 3600);`
rewrite the constructor of User class 2016-08-16 13:27:06 +08:00
fix minimal length of password 2016-10-02 20:30:27 +08:00			`return json(trans('auth.validation.password'), 1, [`
Apply fixes from StyleCI (#11) This pull request applies code style fixes from an analysis carried out by [StyleCI](https://github.styleci.io). --- For more information, click [here](https://github.styleci.io/analyses/8wKwbZ). 2019-03-02 22:58:37 +08:00			`'login_fails' => $loginFails,`
first commit of v3 2016-07-21 22:01:57 +08:00			`]);`
			`}`
			`}`
			`}`

Use Laravel's auth system and use another captcha generator 2018-07-20 14:42:43 +08:00			`public function logout()`
first commit of v3 2016-07-21 22:01:57 +08:00			`{`
Use Laravel's auth system and use another captcha generator 2018-07-20 14:42:43 +08:00			`if (Auth::check()) {`
			`Auth::logout();`
Apply fixes from StyleCI (#11) This pull request applies code style fixes from an analysis carried out by [StyleCI](https://github.styleci.io). --- For more information, click [here](https://github.styleci.io/analyses/8wKwbZ). 2019-03-02 22:58:37 +08:00
Use Laravel's auth system and use another captcha generator 2018-07-20 14:42:43 +08:00			`return json(trans('auth.logout.success'), 0);`
first commit of v3 2016-07-21 22:01:57 +08:00			`} else {`
fix translation of auth.logout.fail 2016-10-06 17:57:07 +08:00			`return json(trans('auth.logout.fail'), 1);`
first commit of v3 2016-07-21 22:01:57 +08:00			`}`
			`}`

			`public function register()`
			`{`
refactor models 2016-10-23 11:41:52 +08:00			`if (option('user_can_register')) {`
initialize for laravel 2016-08-28 10:05:21 +08:00			`return view('auth.register');`
show error page when register is not allowed 2016-07-27 18:31:59 +08:00			`} else {`
add menu for switching languages 2016-09-15 09:20:02 +08:00			`throw new PrettyPageException(trans('auth.register.close'), 7);`
show error page when register is not allowed 2016-07-27 18:31:59 +08:00			`}`
first commit of v3 2016-07-21 22:01:57 +08:00			`}`

Use Laravel's auth system and use another captcha generator 2018-07-20 14:42:43 +08:00			`public function handleRegister(Request $request)`
first commit of v3 2016-07-21 22:01:57 +08:00			`{`
Add a option for requiring player name when register 2018-08-17 17:03:38 +08:00			`if (! option('user_can_register')) {`
			`return json(trans('auth.register.close'), 7);`
			`}`

			`$rule = option('register_with_player_name') ?`
			`['player_name' => 'required\|player_name\|min:'.option('player_name_length_min').'\|max:'.option('player_name_length_max')] :`
			`['nickname' => 'required\|no_special_chars\|max:255'];`
			`$data = $this->validate($request, array_merge([`
Use Laravel's auth system and use another captcha generator 2018-07-20 14:42:43 +08:00			`'email' => 'required\|email\|unique:users',`
Adjust allowed maximum password length to 32 2018-02-24 16:05:07 +08:00			`'password' => 'required\|min:8\|max:32',`
Apply fixes from StyleCI (#11) This pull request applies code style fixes from an analysis carried out by [StyleCI](https://github.styleci.io). --- For more information, click [here](https://github.styleci.io/analyses/8wKwbZ). 2019-03-02 22:58:37 +08:00			`'captcha' => 'required'.(app()->environment('testing') ? '' : '\|captcha'),`
Add a option for requiring player name when register 2018-08-17 17:03:38 +08:00			`], $rule));`
use validator of laravel 2016-09-03 23:50:55 +08:00
Add a option for requiring player name when register 2018-08-17 17:03:38 +08:00			`if (option('register_with_player_name')) {`
			`event(new Events\CheckPlayerExists($request->get('player_name')));`

			`if (Player::where('player_name', $request->get('player_name'))->first()) {`
			`return json(trans('user.player.add.repeated'), 2);`
			`}`
refactor models 2016-10-23 11:41:52 +08:00			`}`

			`// If amount of registered accounts of IP is more than allowed amounts,`
Remove Utils class 2018-08-17 22:54:26 +08:00			`// then reject the register.`
			`if (User::where('ip', get_client_ip())->count() >= option('regs_per_ip')) {`
			`return json(trans('auth.register.max', ['regs' => option('regs_per_ip')]), 7);`
			`}`
Add a option for requiring player name when register 2018-08-17 17:03:38 +08:00
Remove Utils class 2018-08-17 22:54:26 +08:00			`$user = new User;`
			`$user->email = $data['email'];`
			`$user->nickname = $data[option('register_with_player_name') ? 'player_name' : 'nickname'];`
			`$user->score = option('user_initial_score');`
			`$user->avatar = 0;`
			`$user->password = User::getEncryptedPwdFromEvent($data['password'], $user)`
			`?: app('cipher')->hash($data['password'], config('secure.salt'));`
			`$user->ip = get_client_ip();`
			`$user->permission = User::NORMAL;`
			`$user->register_at = get_datetime_string();`
			`$user->last_sign_at = get_datetime_string(time() - 86400);`
Use Laravel's auth system and use another captcha generator 2018-07-20 14:42:43 +08:00
Remove Utils class 2018-08-17 22:54:26 +08:00			`$user->save();`
refactor models 2016-10-23 11:41:52 +08:00
Remove Utils class 2018-08-17 22:54:26 +08:00			`event(new Events\UserRegistered($user));`

			`if (option('register_with_player_name')) {`
			`$player = new Player;`
Apply fixes from StyleCI (#11) This pull request applies code style fixes from an analysis carried out by [StyleCI](https://github.styleci.io). --- For more information, click [here](https://github.styleci.io/analyses/8wKwbZ). 2019-03-02 22:58:37 +08:00			`$player->uid = $user->uid;`
			`$player->player_name = $request->get('player_name');`
			`$player->tid_skin = 0;`
Remove Utils class 2018-08-17 22:54:26 +08:00			`$player->save();`

			`event(new Events\PlayerWasAdded($player));`
first commit of v3 2016-07-21 22:01:57 +08:00			`}`
Remove Utils class 2018-08-17 22:54:26 +08:00
			`Auth::login($user);`

			`return json([`
			`'errno' => 0,`
Apply fixes from StyleCI (#11) This pull request applies code style fixes from an analysis carried out by [StyleCI](https://github.styleci.io). --- For more information, click [here](https://github.styleci.io/analyses/8wKwbZ). 2019-03-02 22:58:37 +08:00			`'msg' => trans('auth.register.success'),`
Remove Utils class 2018-08-17 22:54:26 +08:00			`]);`
first commit of v3 2016-07-21 22:01:57 +08:00			`}`

			`public function forgot()`
			`{`
Apply fixes from StyleCI (#11) This pull request applies code style fixes from an analysis carried out by [StyleCI](https://github.styleci.io). --- For more information, click [here](https://github.styleci.io/analyses/8wKwbZ). 2019-03-02 22:58:37 +08:00			`if (config('mail.driver') != '') {`
initialize for laravel 2016-08-28 10:05:21 +08:00			`return view('auth.forgot');`
notify if password resetting is disabled 2016-08-06 19:12:39 +08:00			`} else {`
Support email verification 2018-08-17 12:32:44 +08:00			`throw new PrettyPageException(trans('auth.forgot.disabled'), 8);`
notify if password resetting is disabled 2016-08-06 19:12:39 +08:00			`}`
first commit of v3 2016-07-21 22:01:57 +08:00			`}`

refactor models 2016-10-23 11:41:52 +08:00			`public function handleForgot(Request $request, UserRepository $users)`
first commit of v3 2016-07-21 22:01:57 +08:00			`{`
Fix validating captcha 2018-08-12 16:00:21 +08:00			`$this->validate($request, [`
Apply fixes from StyleCI (#11) This pull request applies code style fixes from an analysis carried out by [StyleCI](https://github.styleci.io). --- For more information, click [here](https://github.styleci.io/analyses/8wKwbZ). 2019-03-02 22:58:37 +08:00			`'captcha' => 'required'.(app()->environment('testing') ? '' : '\|captcha'),`
Fix validating captcha 2018-08-12 16:00:21 +08:00			`]);`
first commit of v3 2016-07-21 22:01:57 +08:00
Support email verification 2018-08-17 12:32:44 +08:00			`if (! config('mail.driver')) {`
			`return json(trans('auth.forgot.disabled'), 1);`
			`}`
notify if password resetting is disabled 2016-08-06 19:12:39 +08:00
Enhance rate limit for sending password reset email 2018-08-17 16:07:24 +08:00			`$rateLimit = 180;`
Remove Utils class 2018-08-17 22:54:26 +08:00			`$lastMailCacheKey = sha1('last_mail_'.get_client_ip());`
Enhance rate limit for sending password reset email 2018-08-17 16:07:24 +08:00			`$remain = $rateLimit + Cache::get($lastMailCacheKey, 0) - time();`

			`// Rate limit`
			`if ($remain > 0) {`
			`return json([`
			`'errno' => 2,`
			`'msg' => trans('auth.forgot.frequent-mail'),`
Apply fixes from StyleCI (#11) This pull request applies code style fixes from an analysis carried out by [StyleCI](https://github.styleci.io). --- For more information, click [here](https://github.styleci.io/analyses/8wKwbZ). 2019-03-02 22:58:37 +08:00			`'remain' => $remain,`
Enhance rate limit for sending password reset email 2018-08-17 16:07:24 +08:00			`]);`
			`}`
first commit of v3 2016-07-21 22:01:57 +08:00
Adjust code style due to my OCD 2018-02-16 17:31:04 +08:00			`// Get user instance`
refactor models 2016-10-23 11:41:52 +08:00			`$user = $users->get($request->input('email'), 'email');`
first commit of v3 2016-07-21 22:01:57 +08:00
Apply fixes from StyleCI (#11) This pull request applies code style fixes from an analysis carried out by [StyleCI](https://github.styleci.io). --- For more information, click [here](https://github.styleci.io/analyses/8wKwbZ). 2019-03-02 22:58:37 +08:00			`if (! $user) {`
add menu for switching languages 2016-09-15 09:20:02 +08:00			`return json(trans('auth.forgot.unregistered'), 1);`
Apply fixes from StyleCI (#11) This pull request applies code style fixes from an analysis carried out by [StyleCI](https://github.styleci.io). --- For more information, click [here](https://github.styleci.io/analyses/8wKwbZ). 2019-03-02 22:58:37 +08:00			`}`
first commit of v3 2016-07-21 22:01:57 +08:00
Use signed URL to simplify resetting password 2018-07-18 11:04:34 +08:00			`$url = URL::temporarySignedRoute('auth.reset', now()->addHour(), ['uid' => $user->uid]);`
first commit of v3 2016-07-21 22:01:57 +08:00
use Mail of laravel 2016-09-04 16:15:11 +08:00			`try {`
Use signed URL to simplify resetting password 2018-07-18 11:04:34 +08:00			`Mail::to($request->input('email'))->send(new ForgotPassword($url));`
log the exceptions thrown by email service in detail 2018-07-15 18:15:55 +08:00			`} catch (\Exception $e) {`
Use helper function `report` 2018-07-22 11:36:00 +08:00			`report($e);`
log the exceptions thrown by email service in detail 2018-07-15 18:15:55 +08:00
Update mail template of password reset 2018-08-16 18:10:09 +08:00			`return json(trans('auth.forgot.failed', ['msg' => $e->getMessage()]), 2);`
first commit of v3 2016-07-21 22:01:57 +08:00			`}`

Laravel 5.8 (#5) 2019-02-27 23:44:50 +08:00			`Cache::put($lastMailCacheKey, time(), 3600);`
use Mail of laravel 2016-09-04 16:15:11 +08:00
Update mail template of password reset 2018-08-16 18:10:09 +08:00			`return json(trans('auth.forgot.success'), 0);`
first commit of v3 2016-07-21 22:01:57 +08:00			`}`

Use signed URL to simplify resetting password 2018-07-18 11:04:34 +08:00			`public function reset($uid, UserRepository $users)`
first commit of v3 2016-07-21 22:01:57 +08:00			`{`
Use signed URL to simplify resetting password 2018-07-18 11:04:34 +08:00			`return view('auth.reset')->with('user', $users->get($uid));`
first commit of v3 2016-07-21 22:01:57 +08:00			`}`

Use signed URL to simplify resetting password 2018-07-18 11:04:34 +08:00			`public function handleReset($uid, Request $request, UserRepository $users)`
first commit of v3 2016-07-21 22:01:57 +08:00			`{`
Use signed URL to simplify resetting password 2018-07-18 11:04:34 +08:00			`$validated = $this->validate($request, [`
Adjust allowed maximum password length to 32 2018-02-24 16:05:07 +08:00			`'password' => 'required\|min:8\|max:32',`
use validator of laravel 2016-09-03 23:50:55 +08:00			`]);`
first commit of v3 2016-07-21 22:01:57 +08:00
Rename method on `User` model 2018-07-19 10:31:44 +08:00			`$users->get($uid)->changePassword($validated['password']);`
add log for password resetting 2016-11-07 22:34:34 +08:00
add menu for switching languages 2016-09-15 09:20:02 +08:00			`return json(trans('auth.reset.success'), 0);`
first commit of v3 2016-07-21 22:01:57 +08:00			`}`

Support email verification 2018-08-17 12:32:44 +08:00			`public function verify(UserRepository $users, $uid)`
refactor models 2016-10-23 11:41:52 +08:00			`{`
Support email verification 2018-08-17 12:32:44 +08:00			`if (! option('require_verification')) {`
			`throw new PrettyPageException(trans('user.verification.disabled'), 1);`
			`}`

			`$user = $users->get($uid);`

			`if (! $user \|\| $user->verified) {`
			`throw new PrettyPageException(trans('auth.verify.invalid'), 1);`
			`}`

			`$user->verified = true;`
			`$user->save();`

			`return view('auth.verify');`
refactor models 2016-10-23 11:41:52 +08:00			`}`
first commit of v3 2016-07-21 22:01:57 +08:00			`}`