Files
monica/app/Http/Controllers/Auth/PasswordChangeController.php
T
2018-07-24 11:11:22 +02:00

156 lines
4.2 KiB
PHP

<?php
namespace App\Http\Controllers\Auth;
use App\Models\User\User;
use Illuminate\Support\Str;
use UnexpectedValueException;
use App\Http\Requests\Request;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Password;
use App\Http\Requests\PasswordChangeRequest;
use Illuminate\Foundation\Auth\RedirectsUsers;
use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
class PasswordChangeController extends Controller
{
use RedirectsUsers;
protected $redirectTo = '/settings/security';
/**
* Get useful parameters from request.
*
* @param \App\Http\Requests\PasswordChangeRequest $request
* @return array
*/
protected function credentials(PasswordChangeRequest $request)
{
return $request->only(
'password_current', 'password', 'password_confirmation'
);
}
/**
* Change user password.
*
* @param \App\Http\Requests\PasswordChangeRequest $request
*/
public function passwordChange(PasswordChangeRequest $request)
{
$credentials = $this->credentials($request);
$response = $this->validateAndPasswordChange($credentials);
return $response == 'passwords.changed'
? $this->sendChangedResponse($response)
: $this->sendChangedFailedResponse($response);
}
/**
* Validate a password change request and update password of the user.
*
* @param array $credentials
* @return string
*/
protected function validateAndPasswordChange($credentials)
{
$user = $this->validateChange($credentials);
if (! $user instanceof CanResetPasswordContract) {
return $user;
}
$this->setNewPassword($user, $credentials['password']);
return 'passwords.changed';
}
/**
* Validate a password change request with the given credentials.
*
* @param array $credentials
* @return \Illuminate\Contracts\Auth\CanResetPassword|string
*
* @throws \UnexpectedValueException
*/
protected function validateChange(array $credentials)
{
if (is_null($user = $this->getUser($credentials))) {
return 'passwords.invalid';
}
if (! Password::broker()->validateNewPassword($credentials)) {
return 'passwords.password';
}
if ($user && ! $user instanceof CanResetPasswordContract) {
throw new UnexpectedValueException('User must implement CanResetPassword interface.');
}
return $user;
}
/**
* Get the user with the given credentials.
*
* @param array $credentials
* @return \Illuminate\Contracts\Auth\CanResetPassword|null
*/
protected function getUser(array $credentials)
{
$user = Auth::user();
// Using current email from user, and current password sent with the request to authenticate the user
if (! Auth::attempt(['email' => $user->email, 'password' => $credentials['password_current']])) {
// authentication fails
return;
}
return $user;
}
/**
* Set the new password if all validation has passed.
*
* @param User $user
* @param string $password
* @return void
*/
protected function setNewPassword($user, $password)
{
$user->password = Hash::make($password);
$user->setRememberToken(Str::random(60));
$user->save();
Auth::guard()->login($user);
}
/**
* Get the response for a successful password change.
*
* @param string $response
* @return \Illuminate\Http\Response
*/
protected function sendChangedResponse($response)
{
return redirect($this->redirectPath())
->with('status', trans($response));
}
/**
* Get the response for a failed password change.
*
* @param string $response
* @return \Illuminate\Http\Response
*/
protected function sendChangedFailedResponse($response)
{
return redirect($this->redirectPath())
->withErrors(['password' => trans($response)]);
}
}