Commit 5d142e17 authored by ZeMKI's avatar ZeMKI

Bugfix and optimization

* A password_reset token is now set on user creation. The password can no longer be entered manually.
* Email is sent from the server!
parent b67d3a70
......@@ -3,10 +3,10 @@
namespace App\Console\Commands;
use App\Mail\VerificationEmail;
use \App\Permission;
use \App\Role;
use \App\Study;
use \App\User;
use App\Permission;
use App\Role;
use App\User;
use Helper;
use Illuminate\Console\Command;
use Illuminate\Support\Facades\Mail;
......@@ -46,31 +46,28 @@ class CreateUserCommand extends Command
{
$email = $this->ask('Enter email');
$password = $this->secret('Enter password');
$this->info('2 -> Supervisor');
$this->info('3 -> Researcher');
$role = $this->choice('User role?', [2, 3]);
if ($this->store($role, $email, $password, $user))
{
if ($this->store($role, $email, $user)) {
Mail::to($email)->send(new VerificationEmail($user));
return true;
}
else
} else
return false;
}
public function store($roleId, $email, $password, &$user)
public function store($roleId, $email, &$user)
{
$role = Role::where('id', $roleId)->first();
$user = new User();
$user->email = $email;
$user->password = bcrypt($password);
$user->password = bcrypt(Helper::random_str(40));
$user->password_token = Helper::random_str(30);
$user->save();
$user->attachRole($role);
$createStudyPermission = Permission::where('name', 'create-studies')
......
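Review bot: The `password_token` assigned in `store()` is the only credential protecting the new account, but nothing visible shows how `Helper::random_str` draws its characters or that the token ever expires. If that helper is not built on `random_int()`/`random_bytes()`, take the token from a CSPRNG instead, e.g. `$user->password_token = Str::random(40);` (`Illuminate\Support\Str`), and store a creation timestamp beside it so the lookup can reject stale tokens. The token is also saved in clear text, so read access to the users table is enough to set the password of any pending account; storing only a SHA-256 of it and comparing hashes would avoid that. `store()` continues past the end of the visible hunk.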
......@@ -3,20 +3,20 @@
namespace App\Http\Controllers;
use App\Mail\RegisterSupervisor;
use App\Mail\VerificationEmail;
use App\Permission;
use App\Role;
use App\Study;
use App\User;
use Auth;
use DB;
use Helper;
use Illuminate\Database\Eloquent\Builder;
use Illuminate\Database\Eloquent\Collection;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Http\Request;
use Auth;
use DB;
use Helper;
use App\User;
use App\Role;
use App\Permission;
use App\Study;
use Illuminate\Http\Response;
use Illuminate\Support\Facades\Mail;
use App\Mail\VerificationEmail;
class UserController extends Controller
{
......@@ -227,7 +227,6 @@ class UserController extends Controller
}
/**
* Remove the specified resource from storage.
*
......@@ -331,13 +330,13 @@ class UserController extends Controller
public function newpassword(Request $request)
{
if ($request->input('token') === "") {
$data['error'] = "wrong request, contact the administrator";
$data['error'] = "wrong request, contact the administrator.";
$data['user'] = "";
return view('errors.resetpassword');
}
$user = User::where('password_token', '=', $request->input('token'))->first();
if (!$user) {
$data['error'] = "This token is not valid, please contact the administrator";
$data['error'] = "Something went wrong, please contact the administrator.";
return view('errors.resetpassword');
}
......
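Review bot: The guard at the top of `newpassword()` compares the token only against `""`, so a request that omits `token` (value `null`) passes it and reaches `User::where('password_token', '=', ...)` with a null value, which Laravel's query builder turns into an `IS NULL` match. If tokens are cleared after use, that lookup would return an existing account instead of failing, so the guard should reject anything that is not a non-empty string, e.g. `$token = $request->input('token'); if (!is_string($token) || $token === '') { ... }`. Both error branches also fill `$data['error']` but call `view('errors.resetpassword')` without passing `$data`, so the message presumably never reaches the template. The function continues beyond the visible hunk.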
@extends('auth.layouts.app')
@section('content')
<div class="bg-img"> </div>
<div class="container ">
<div class="columns is-centered">
<div class="bg-img"></div>
<div class="container ">
<div class="columns is-centered">
<div class="column is-half">
<div class="box" style="top:50%;left: 50%">
<form method="POST" action="{{ url('newpassword') }}">
@csrf
<input type="hidden" id="token" name="token" value="{{ $user->password_token }}" />
<div class="field">
<label for="email" class="label">{{ __('E-Mail Address') }}</label>
<div class="control">
<input id="email" disabled type="email" value="{{$user->email}}" class="input {{ $errors->has('email') ? ' is-invalid' : '' }}" name="email" value="{{ old('email') }}" required autofocus>
</div>
</div>
<div class="column is-half">
<div class="box" style="top:50%;left: 50%">
<form method="POST" action="{{ url('newpassword') }}">
@csrf
<input type="hidden" id="token" name="token" value="{{ $user->password_token }}"/>
<div class="field">
<label for="email" class="label">{{ __('E-Mail Address') }}</label>
<div class="control">
<input id="email" disabled type="email" value="{{$user->email}}"
class="input {{ $errors->has('email') ? ' is-invalid' : '' }}" name="email"
value="{{ old('email') }}" required autofocus>
</div>
</div>
<div class="field">
<label for="password" class="label">New Password</label>
<p class="control has-icon-left">
<input id="password" type="password" class="input {{ $errors->has('password') ? ' is-invalid' : '' }}" name="password" required>
<span class="icon is-small is-left">
<div class="field">
<label for="password" class="label">New Password</label>
<p class="control has-icon-left">
<input id="password" type="password"
class="input {{ $errors->has('password') ? ' is-invalid' : '' }}" name="password"
required>
<span class="icon is-small is-left">
<i class="fas fa-lock"></i>
</span>
</p>
</div>
@if ($errors->has('password'))
<div class="notification is-danger is-small">
<strong>{{ $errors->first('password') }}</strong>
</p>
</div>
@if ($errors->has('password'))
<div class="notification is-danger is-small">
<strong>{{ $errors->first('password') }}</strong>
</div>
@endif
<div class="field">
<p class="control">
<button class="button is-dark">
Set Password
</button>
</p>
</div>
</form>
</div>
</div>
</div>
@endif
<div class="field">
<p class="control">
<button class="button is-dark">
Set Password
</button>
</p>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
@endsection
......@@ -2,12 +2,6 @@
PLEASE SET A PASSWORD AND ENTER MESORT
DO IT!
SET TOKEN FOR RESET PASSWORD
ROUTE ALWAYS CHECK IF THAT TOKEN IS CORRECT
EMPTY THAT AFTER PWD IS RESETTED
@component('mail::button', ['url' => url('setpassword')."?token=".$user->password_token])
Confirm account and set password
......