2016-05-20 08:57:45 +02:00
|
|
|
<?php
|
2022-12-29 19:41:57 +01:00
|
|
|
|
2016-05-20 12:27:31 +02:00
|
|
|
/**
|
|
|
|
|
* ProfileController.php
|
2020-01-31 07:32:04 +01:00
|
|
|
* Copyright (c) 2019 james@firefly-iii.org
|
2016-05-20 12:27:31 +02:00
|
|
|
*
|
2019-10-02 06:37:26 +02:00
|
|
|
* This file is part of Firefly III (https://github.com/firefly-iii).
|
2016-10-05 06:52:15 +02:00
|
|
|
*
|
2019-10-02 06:37:26 +02:00
|
|
|
* This program is free software: you can redistribute it and/or modify
|
|
|
|
|
* it under the terms of the GNU Affero General Public License as
|
|
|
|
|
* published by the Free Software Foundation, either version 3 of the
|
|
|
|
|
* License, or (at your option) any later version.
|
2017-10-21 08:40:00 +02:00
|
|
|
*
|
2019-10-02 06:37:26 +02:00
|
|
|
* This program is distributed in the hope that it will be useful,
|
2017-10-21 08:40:00 +02:00
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
2019-10-02 06:37:26 +02:00
|
|
|
* GNU Affero General Public License for more details.
|
2017-10-21 08:40:00 +02:00
|
|
|
*
|
2019-10-02 06:37:26 +02:00
|
|
|
* You should have received a copy of the GNU Affero General Public License
|
|
|
|
|
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
2016-05-20 12:27:31 +02:00
|
|
|
*/
|
2017-03-24 11:07:38 +01:00
|
|
|
declare(strict_types=1);
|
2016-05-20 08:57:45 +02:00
|
|
|
|
|
|
|
|
namespace FireflyIII\Http\Controllers;
|
2015-02-25 21:19:06 +01:00
|
|
|
|
2017-09-26 08:52:16 +02:00
|
|
|
use FireflyIII\Events\UserChangedEmail;
|
|
|
|
|
use FireflyIII\Exceptions\FireflyException;
|
2017-01-05 10:06:46 +01:00
|
|
|
use FireflyIII\Exceptions\ValidationException;
|
2017-12-19 19:25:50 +01:00
|
|
|
use FireflyIII\Http\Middleware\IsDemoUser;
|
2015-04-22 07:54:56 +02:00
|
|
|
use FireflyIII\Http\Requests\DeleteAccountFormRequest;
|
2017-09-26 08:52:16 +02:00
|
|
|
use FireflyIII\Http\Requests\EmailFormRequest;
|
2015-02-25 21:19:06 +01:00
|
|
|
use FireflyIII\Http\Requests\ProfileFormRequest;
|
2017-09-26 08:52:16 +02:00
|
|
|
use FireflyIII\Models\Preference;
|
2016-12-12 15:24:47 +01:00
|
|
|
use FireflyIII\Repositories\User\UserRepositoryInterface;
|
2018-08-10 17:05:37 +02:00
|
|
|
use FireflyIII\Support\Http\Controllers\CreateStuff;
|
2017-03-24 11:07:38 +01:00
|
|
|
use FireflyIII\User;
|
2021-09-18 10:20:19 +02:00
|
|
|
use Illuminate\Auth\AuthenticationException;
|
2017-11-25 08:54:52 +01:00
|
|
|
use Illuminate\Contracts\Auth\Guard;
|
2021-05-24 08:54:58 +02:00
|
|
|
use Illuminate\Contracts\Foundation\Application;
|
2020-03-17 15:01:00 +01:00
|
|
|
use Illuminate\Contracts\View\Factory;
|
|
|
|
|
use Illuminate\Http\RedirectResponse;
|
2018-10-13 15:06:56 +02:00
|
|
|
use Illuminate\Http\Request;
|
2020-03-17 15:01:00 +01:00
|
|
|
use Illuminate\Routing\Redirector;
|
2018-07-09 19:24:08 +02:00
|
|
|
use Illuminate\Support\Collection;
|
2025-02-16 19:32:50 +01:00
|
|
|
use Illuminate\Support\Facades\DB;
|
2020-03-17 15:01:00 +01:00
|
|
|
use Illuminate\View\View;
|
2018-04-02 15:17:03 +02:00
|
|
|
use Laravel\Passport\ClientRepository;
|
2015-02-25 21:19:06 +01:00
|
|
|
|
|
|
|
|
/**
|
2017-11-15 12:25:49 +01:00
|
|
|
* Class ProfileController.
|
2017-11-25 08:54:52 +01:00
|
|
|
*
|
|
|
|
|
* @method Guard guard()
|
2015-02-25 21:19:06 +01:00
|
|
|
*/
|
|
|
|
|
class ProfileController extends Controller
|
|
|
|
|
{
|
2021-04-06 17:00:16 +02:00
|
|
|
use CreateStuff;
|
2018-08-09 19:44:36 +02:00
|
|
|
|
2020-10-13 06:48:11 +02:00
|
|
|
protected bool $internalAuth;
|
2020-06-11 17:55:38 +02:00
|
|
|
|
2016-01-09 08:20:55 +01:00
|
|
|
/**
|
|
|
|
|
* ProfileController constructor.
|
|
|
|
|
*/
|
2016-01-08 18:29:47 +01:00
|
|
|
public function __construct()
|
|
|
|
|
{
|
2016-01-08 20:40:48 +01:00
|
|
|
parent::__construct();
|
2016-10-20 19:10:43 +02:00
|
|
|
|
2016-10-29 07:44:46 +02:00
|
|
|
$this->middleware(
|
2019-07-21 17:15:06 +02:00
|
|
|
static function ($request, $next) {
|
2024-12-22 08:43:12 +01:00
|
|
|
app('view')->share('title', (string) trans('firefly.profile'));
|
2017-12-16 19:46:36 +01:00
|
|
|
app('view')->share('mainTitleIcon', 'fa-user');
|
2016-10-29 07:44:46 +02:00
|
|
|
|
|
|
|
|
return $next($request);
|
|
|
|
|
}
|
|
|
|
|
);
|
2023-06-10 16:21:01 +02:00
|
|
|
$authGuard = config('firefly.authentication_guard');
|
|
|
|
|
$this->internalAuth = 'web' === $authGuard;
|
2023-10-29 06:33:43 +01:00
|
|
|
app('log')->debug(sprintf('ProfileController::__construct(). Authentication guard is "%s"', $authGuard));
|
2018-10-13 15:06:56 +02:00
|
|
|
|
2017-12-19 19:25:50 +01:00
|
|
|
$this->middleware(IsDemoUser::class)->except(['index']);
|
2016-01-08 18:29:47 +01:00
|
|
|
}
|
2015-02-25 21:19:06 +01:00
|
|
|
|
2017-09-26 08:52:16 +02:00
|
|
|
/**
|
2018-07-22 08:10:16 +02:00
|
|
|
* Screen to confirm email change.
|
|
|
|
|
*
|
2020-08-14 09:59:56 +02:00
|
|
|
* @throws FireflyException
|
2017-09-26 08:52:16 +02:00
|
|
|
*/
|
2023-12-20 19:35:52 +01:00
|
|
|
public function confirmEmailChange(UserRepositoryInterface $repository, string $token): Redirector|RedirectResponse
|
2017-09-26 08:52:16 +02:00
|
|
|
{
|
2023-06-10 16:21:01 +02:00
|
|
|
if (!$this->internalAuth) {
|
2020-06-11 17:55:38 +02:00
|
|
|
throw new FireflyException(trans('firefly.external_user_mgt_disabled'));
|
2018-10-13 15:06:56 +02:00
|
|
|
}
|
2023-12-20 19:35:52 +01:00
|
|
|
|
2017-09-26 08:52:16 +02:00
|
|
|
// find preference with this token value.
|
2018-07-09 19:24:08 +02:00
|
|
|
/** @var Collection $set */
|
2018-07-14 16:08:34 +02:00
|
|
|
$set = app('preferences')->findByName('email_change_confirm_token');
|
2017-09-26 08:52:16 +02:00
|
|
|
$user = null;
|
2023-12-20 19:35:52 +01:00
|
|
|
|
2017-09-26 08:52:16 +02:00
|
|
|
/** @var Preference $preference */
|
|
|
|
|
foreach ($set as $preference) {
|
|
|
|
|
if ($preference->data === $token) {
|
|
|
|
|
$user = $preference->user;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
// update user to clear blocked and blocked_code.
|
2017-11-15 12:25:49 +01:00
|
|
|
if (null === $user) {
|
2017-09-26 08:52:16 +02:00
|
|
|
throw new FireflyException('Invalid token.');
|
|
|
|
|
}
|
2017-12-17 14:06:14 +01:00
|
|
|
$repository->unblockUser($user);
|
2017-09-26 08:52:16 +02:00
|
|
|
|
2022-12-31 13:32:42 +01:00
|
|
|
// return to log in.
|
2024-12-22 08:43:12 +01:00
|
|
|
session()->flash('success', (string) trans('firefly.login_with_new_email'));
|
2017-09-26 08:52:16 +02:00
|
|
|
|
|
|
|
|
return redirect(route('login'));
|
|
|
|
|
}
|
|
|
|
|
|
2015-04-22 07:54:56 +02:00
|
|
|
/**
|
2018-07-22 08:10:16 +02:00
|
|
|
* Delete your account view.
|
2015-04-22 07:54:56 +02:00
|
|
|
*/
|
2023-12-20 19:35:52 +01:00
|
|
|
public function deleteAccount(Request $request): RedirectResponse|View
|
2015-04-22 07:54:56 +02:00
|
|
|
{
|
2023-06-10 16:21:01 +02:00
|
|
|
if (!$this->internalAuth) {
|
2020-06-11 17:55:38 +02:00
|
|
|
$request->session()->flash('error', trans('firefly.external_user_mgt_disabled'));
|
|
|
|
|
|
|
|
|
|
return redirect(route('profile.index'));
|
2018-10-13 15:06:56 +02:00
|
|
|
}
|
2016-10-29 07:44:46 +02:00
|
|
|
$title = auth()->user()->email;
|
2024-12-22 08:43:12 +01:00
|
|
|
$subTitle = (string) trans('firefly.delete_account');
|
2016-10-29 07:44:46 +02:00
|
|
|
$subTitleIcon = 'fa-trash';
|
|
|
|
|
|
2022-01-29 14:11:12 +01:00
|
|
|
return view('profile.delete-account', compact('title', 'subTitle', 'subTitleIcon'));
|
2015-04-22 07:54:56 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
2018-07-22 08:10:16 +02:00
|
|
|
* Index for profile.
|
|
|
|
|
*
|
2021-05-24 08:54:58 +02:00
|
|
|
* @throws FireflyException
|
2015-04-22 07:54:56 +02:00
|
|
|
*/
|
2023-12-20 19:35:52 +01:00
|
|
|
public function index(): Factory|View
|
2015-04-28 15:26:30 +02:00
|
|
|
{
|
2019-08-03 19:57:24 +02:00
|
|
|
/** @var User $user */
|
2023-06-10 16:21:01 +02:00
|
|
|
$user = auth()->user();
|
|
|
|
|
$isInternalAuth = $this->internalAuth;
|
2025-02-16 19:32:50 +01:00
|
|
|
$count = DB::table('oauth_clients')->where('personal_access_client', true)->whereNull('user_id')->count();
|
2023-06-10 16:21:01 +02:00
|
|
|
$subTitle = $user->email;
|
|
|
|
|
$userId = $user->id;
|
|
|
|
|
$enabled2FA = null !== $user->mfa_secret;
|
2023-11-28 04:45:07 +01:00
|
|
|
$recoveryData = app('preferences')->get('mfa_recovery', [])->data;
|
|
|
|
|
if (!is_array($recoveryData)) {
|
|
|
|
|
$recoveryData = [];
|
|
|
|
|
}
|
|
|
|
|
$mfaBackupCount = count($recoveryData);
|
2018-04-02 15:26:33 +02:00
|
|
|
$this->createOAuthKeys();
|
|
|
|
|
|
2018-07-08 07:59:58 +02:00
|
|
|
if (0 === $count) {
|
2018-04-02 15:17:03 +02:00
|
|
|
/** @var ClientRepository $repository */
|
|
|
|
|
$repository = app(ClientRepository::class);
|
2023-12-20 19:35:52 +01:00
|
|
|
$repository->createPersonalAccessClient(null, config('app.name').' Personal Access Client', 'http://localhost');
|
2018-04-02 15:17:03 +02:00
|
|
|
}
|
2016-10-20 19:10:43 +02:00
|
|
|
|
2024-01-01 14:43:56 +01:00
|
|
|
$accessToken = app('preferences')->get('access_token');
|
2017-11-15 12:25:49 +01:00
|
|
|
if (null === $accessToken) {
|
2018-07-09 19:24:08 +02:00
|
|
|
$token = $user->generateAccessToken();
|
2018-07-14 16:08:34 +02:00
|
|
|
$accessToken = app('preferences')->set('access_token', $token);
|
2017-09-14 18:27:22 +02:00
|
|
|
}
|
|
|
|
|
|
2022-01-29 14:11:12 +01:00
|
|
|
return view(
|
2022-10-30 14:24:19 +01:00
|
|
|
'profile.index',
|
2023-06-10 16:21:01 +02:00
|
|
|
compact('subTitle', 'mfaBackupCount', 'userId', 'accessToken', 'enabled2FA', 'isInternalAuth')
|
2021-04-06 17:00:16 +02:00
|
|
|
);
|
2019-08-04 07:21:11 +02:00
|
|
|
}
|
|
|
|
|
|
2023-12-20 19:35:52 +01:00
|
|
|
public function logoutOtherSessions(): Factory|RedirectResponse|View
|
2021-09-18 10:26:12 +02:00
|
|
|
{
|
|
|
|
|
if (!$this->internalAuth) {
|
2024-12-22 08:43:12 +01:00
|
|
|
session()->flash('info', (string) trans('firefly.external_auth_disabled'));
|
2021-09-18 10:26:12 +02:00
|
|
|
|
|
|
|
|
return redirect(route('profile.index'));
|
|
|
|
|
}
|
|
|
|
|
|
2022-01-29 14:11:12 +01:00
|
|
|
return view('profile.logout-other-sessions');
|
2021-09-18 10:26:12 +02:00
|
|
|
}
|
|
|
|
|
|
2017-09-26 08:52:16 +02:00
|
|
|
/**
|
2018-07-22 08:10:16 +02:00
|
|
|
* Submit the change email form.
|
2017-09-26 08:52:16 +02:00
|
|
|
*/
|
2023-12-20 19:35:52 +01:00
|
|
|
public function postChangeEmail(EmailFormRequest $request, UserRepositoryInterface $repository): Factory|Redirector|RedirectResponse
|
2017-09-26 08:52:16 +02:00
|
|
|
{
|
2023-06-10 16:21:01 +02:00
|
|
|
if (!$this->internalAuth) {
|
2020-06-11 17:55:38 +02:00
|
|
|
$request->session()->flash('error', trans('firefly.external_user_mgt_disabled'));
|
2018-10-13 15:06:56 +02:00
|
|
|
|
|
|
|
|
return redirect(route('profile.index'));
|
|
|
|
|
}
|
|
|
|
|
|
2017-09-26 08:52:16 +02:00
|
|
|
/** @var User $user */
|
|
|
|
|
$user = auth()->user();
|
2022-05-02 19:35:35 +02:00
|
|
|
$newEmail = $request->convertString('email');
|
2017-09-26 08:52:16 +02:00
|
|
|
$oldEmail = $user->email;
|
|
|
|
|
if ($newEmail === $user->email) {
|
2024-12-22 08:43:12 +01:00
|
|
|
session()->flash('error', (string) trans('firefly.email_not_changed'));
|
2017-09-26 08:52:16 +02:00
|
|
|
|
|
|
|
|
return redirect(route('profile.change-email'))->withInput();
|
|
|
|
|
}
|
|
|
|
|
$existing = $repository->findByEmail($newEmail);
|
2017-11-15 12:25:49 +01:00
|
|
|
if (null !== $existing) {
|
2017-09-26 08:52:16 +02:00
|
|
|
// force user logout.
|
2023-12-20 19:35:52 +01:00
|
|
|
\Auth::guard()->logout(); // @phpstan-ignore-line (does not recognize function)
|
2017-09-26 08:52:16 +02:00
|
|
|
$request->session()->invalidate();
|
|
|
|
|
|
2024-12-22 08:43:12 +01:00
|
|
|
session()->flash('success', (string) trans('firefly.email_changed'));
|
2017-09-26 08:52:16 +02:00
|
|
|
|
|
|
|
|
return redirect(route('index'));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// now actually update user:
|
|
|
|
|
$repository->changeEmail($user, $newEmail);
|
|
|
|
|
|
2022-03-29 12:45:48 +02:00
|
|
|
event(new UserChangedEmail($user, $newEmail, $oldEmail));
|
2017-09-26 08:52:16 +02:00
|
|
|
|
|
|
|
|
// force user logout.
|
2023-12-20 19:35:52 +01:00
|
|
|
\Auth::guard()->logout(); // @phpstan-ignore-line (does not recognize function)
|
2017-09-26 08:52:16 +02:00
|
|
|
$request->session()->invalidate();
|
2024-12-22 08:43:12 +01:00
|
|
|
session()->flash('success', (string) trans('firefly.email_changed'));
|
2017-09-26 08:52:16 +02:00
|
|
|
|
|
|
|
|
return redirect(route('index'));
|
|
|
|
|
}
|
|
|
|
|
|
2023-06-21 12:34:58 +02:00
|
|
|
/**
|
|
|
|
|
* Change your email address.
|
|
|
|
|
*/
|
2023-12-20 19:35:52 +01:00
|
|
|
public function changeEmail(Request $request): Factory|RedirectResponse|View
|
2023-06-21 12:34:58 +02:00
|
|
|
{
|
|
|
|
|
if (!$this->internalAuth) {
|
|
|
|
|
$request->session()->flash('error', trans('firefly.external_user_mgt_disabled'));
|
|
|
|
|
|
|
|
|
|
return redirect(route('profile.index'));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$title = auth()->user()->email;
|
|
|
|
|
$email = auth()->user()->email;
|
2024-12-22 08:43:12 +01:00
|
|
|
$subTitle = (string) trans('firefly.change_your_email');
|
2023-06-21 12:34:58 +02:00
|
|
|
$subTitleIcon = 'fa-envelope';
|
|
|
|
|
|
|
|
|
|
return view('profile.change-email', compact('title', 'subTitle', 'subTitleIcon', 'email'));
|
|
|
|
|
}
|
|
|
|
|
|
2015-02-25 21:19:06 +01:00
|
|
|
/**
|
2018-07-22 08:10:16 +02:00
|
|
|
* Submit change password form.
|
|
|
|
|
*
|
2023-12-20 19:35:52 +01:00
|
|
|
* @return Redirector|RedirectResponse
|
2015-02-25 21:19:06 +01:00
|
|
|
*/
|
2016-12-18 17:54:11 +01:00
|
|
|
public function postChangePassword(ProfileFormRequest $request, UserRepositoryInterface $repository)
|
2015-02-25 21:19:06 +01:00
|
|
|
{
|
2023-06-10 16:21:01 +02:00
|
|
|
if (!$this->internalAuth) {
|
2020-06-11 17:55:38 +02:00
|
|
|
$request->session()->flash('error', trans('firefly.external_user_mgt_disabled'));
|
2018-10-13 15:06:56 +02:00
|
|
|
|
|
|
|
|
return redirect(route('profile.index'));
|
|
|
|
|
}
|
|
|
|
|
|
2017-03-24 11:07:38 +01:00
|
|
|
// the request has already validated both new passwords must be equal.
|
|
|
|
|
$current = $request->get('current_password');
|
|
|
|
|
$new = $request->get('new_password');
|
2023-12-20 19:35:52 +01:00
|
|
|
|
2018-07-09 19:24:08 +02:00
|
|
|
/** @var User $user */
|
2024-01-01 14:43:56 +01:00
|
|
|
$user = auth()->user();
|
2023-12-20 19:35:52 +01:00
|
|
|
|
2017-01-05 10:06:46 +01:00
|
|
|
try {
|
2018-07-09 19:24:08 +02:00
|
|
|
$this->validatePassword($user, $current, $new);
|
2017-01-05 10:06:46 +01:00
|
|
|
} catch (ValidationException $e) {
|
2018-04-22 17:10:11 +02:00
|
|
|
session()->flash('error', $e->getMessage());
|
2015-02-25 21:19:06 +01:00
|
|
|
|
2015-07-06 16:27:21 +02:00
|
|
|
return redirect(route('profile.change-password'));
|
2015-02-25 21:19:06 +01:00
|
|
|
}
|
|
|
|
|
|
2018-07-09 19:24:08 +02:00
|
|
|
$repository->changePassword($user, $request->get('new_password'));
|
2024-12-22 08:43:12 +01:00
|
|
|
session()->flash('success', (string) trans('firefly.password_changed'));
|
2015-02-25 21:19:06 +01:00
|
|
|
|
2016-12-05 21:58:23 +01:00
|
|
|
return redirect(route('profile.index'));
|
2015-02-25 21:19:06 +01:00
|
|
|
}
|
|
|
|
|
|
2023-06-21 12:34:58 +02:00
|
|
|
/**
|
|
|
|
|
* Change your password.
|
|
|
|
|
*
|
2023-12-20 19:35:52 +01:00
|
|
|
* @return Factory|Redirector|RedirectResponse|View
|
2023-06-21 12:34:58 +02:00
|
|
|
*/
|
|
|
|
|
public function changePassword(Request $request)
|
|
|
|
|
{
|
|
|
|
|
if (!$this->internalAuth) {
|
|
|
|
|
$request->session()->flash('error', trans('firefly.external_user_mgt_disabled'));
|
|
|
|
|
|
|
|
|
|
return redirect(route('profile.index'));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$title = auth()->user()->email;
|
2024-12-22 08:43:12 +01:00
|
|
|
$subTitle = (string) trans('firefly.change_your_password');
|
2023-06-21 12:34:58 +02:00
|
|
|
$subTitleIcon = 'fa-key';
|
|
|
|
|
|
|
|
|
|
return view('profile.change-password', compact('title', 'subTitle', 'subTitleIcon'));
|
|
|
|
|
}
|
|
|
|
|
|
2015-05-03 09:19:14 +02:00
|
|
|
/**
|
2018-07-22 08:10:16 +02:00
|
|
|
* Submit delete account.
|
|
|
|
|
*
|
2023-12-20 19:35:52 +01:00
|
|
|
* @return Redirector|RedirectResponse
|
2015-05-03 09:19:14 +02:00
|
|
|
*/
|
2016-12-12 15:24:47 +01:00
|
|
|
public function postDeleteAccount(UserRepositoryInterface $repository, DeleteAccountFormRequest $request)
|
2015-05-03 09:19:14 +02:00
|
|
|
{
|
2023-06-10 16:21:01 +02:00
|
|
|
if (!$this->internalAuth) {
|
2020-06-11 17:55:38 +02:00
|
|
|
$request->session()->flash('error', trans('firefly.external_user_mgt_disabled'));
|
|
|
|
|
|
|
|
|
|
return redirect(route('profile.index'));
|
|
|
|
|
}
|
|
|
|
|
|
2023-12-20 19:35:52 +01:00
|
|
|
if (!\Hash::check($request->get('password'), auth()->user()->password)) {
|
2024-12-22 08:43:12 +01:00
|
|
|
session()->flash('error', (string) trans('firefly.invalid_password'));
|
2015-05-03 09:19:14 +02:00
|
|
|
|
2015-07-06 16:27:21 +02:00
|
|
|
return redirect(route('profile.delete-account'));
|
2015-02-25 21:19:06 +01:00
|
|
|
}
|
2023-12-20 19:35:52 +01:00
|
|
|
|
2018-07-09 19:24:08 +02:00
|
|
|
/** @var User $user */
|
2016-12-12 15:24:47 +01:00
|
|
|
$user = auth()->user();
|
2023-10-29 06:31:27 +01:00
|
|
|
app('log')->info(sprintf('User #%d has opted to delete their account', auth()->user()->id));
|
2016-12-12 15:24:47 +01:00
|
|
|
// make repository delete user:
|
|
|
|
|
auth()->logout();
|
2018-04-22 17:12:22 +02:00
|
|
|
session()->flush();
|
2016-12-12 15:24:47 +01:00
|
|
|
$repository->destroy($user);
|
|
|
|
|
|
2015-07-06 16:27:21 +02:00
|
|
|
return redirect(route('index'));
|
2015-02-25 21:19:06 +01:00
|
|
|
}
|
2015-05-03 09:19:14 +02:00
|
|
|
|
2021-09-18 10:26:12 +02:00
|
|
|
/**
|
2023-12-20 19:35:52 +01:00
|
|
|
* @return Application|Redirector|RedirectResponse
|
2021-09-18 10:26:12 +02:00
|
|
|
*
|
|
|
|
|
* @throws AuthenticationException
|
|
|
|
|
*/
|
|
|
|
|
public function postLogoutOtherSessions(Request $request)
|
|
|
|
|
{
|
|
|
|
|
if (!$this->internalAuth) {
|
2024-12-22 08:43:12 +01:00
|
|
|
session()->flash('info', (string) trans('firefly.external_auth_disabled'));
|
2021-09-18 10:26:12 +02:00
|
|
|
|
|
|
|
|
return redirect(route('profile.index'));
|
|
|
|
|
}
|
|
|
|
|
$creds = [
|
|
|
|
|
'email' => auth()->user()->email,
|
|
|
|
|
'password' => $request->get('password'),
|
|
|
|
|
];
|
2023-12-20 19:35:52 +01:00
|
|
|
if (\Auth::once($creds)) {
|
|
|
|
|
\Auth::logoutOtherDevices($request->get('password'));
|
2024-12-22 08:43:12 +01:00
|
|
|
session()->flash('info', (string) trans('firefly.other_sessions_logged_out'));
|
2021-09-18 10:26:12 +02:00
|
|
|
|
|
|
|
|
return redirect(route('profile.index'));
|
|
|
|
|
}
|
2024-12-22 08:43:12 +01:00
|
|
|
session()->flash('error', (string) trans('auth.failed'));
|
2021-09-18 10:26:12 +02:00
|
|
|
|
|
|
|
|
return redirect(route('profile.index'));
|
|
|
|
|
}
|
|
|
|
|
|
2017-09-14 18:27:22 +02:00
|
|
|
/**
|
2018-07-22 08:10:16 +02:00
|
|
|
* Regenerate access token.
|
2018-08-06 19:14:30 +02:00
|
|
|
*
|
2023-12-20 19:35:52 +01:00
|
|
|
* @return Redirector|RedirectResponse
|
2021-05-24 08:54:58 +02:00
|
|
|
*
|
2023-12-20 19:35:52 +01:00
|
|
|
* @throws \Exception
|
2017-09-14 18:27:22 +02:00
|
|
|
*/
|
2020-06-11 17:55:38 +02:00
|
|
|
public function regenerate(Request $request)
|
2017-09-14 18:27:22 +02:00
|
|
|
{
|
2023-06-10 16:21:01 +02:00
|
|
|
if (!$this->internalAuth) {
|
2020-06-11 17:55:38 +02:00
|
|
|
$request->session()->flash('error', trans('firefly.external_user_mgt_disabled'));
|
|
|
|
|
|
|
|
|
|
return redirect(route('profile.index'));
|
|
|
|
|
}
|
|
|
|
|
|
2018-07-09 19:24:08 +02:00
|
|
|
/** @var User $user */
|
2018-07-13 15:50:42 +02:00
|
|
|
$user = auth()->user();
|
2018-07-09 19:24:08 +02:00
|
|
|
$token = $user->generateAccessToken();
|
2018-07-14 16:08:34 +02:00
|
|
|
app('preferences')->set('access_token', $token);
|
2024-12-22 08:43:12 +01:00
|
|
|
session()->flash('success', (string) trans('firefly.token_regenerated'));
|
2017-09-14 18:27:22 +02:00
|
|
|
|
|
|
|
|
return redirect(route('profile.index'));
|
|
|
|
|
}
|
2017-04-09 07:44:22 +02:00
|
|
|
|
2017-09-26 08:52:16 +02:00
|
|
|
/**
|
2018-07-22 08:10:16 +02:00
|
|
|
* Undo change of user email address.
|
|
|
|
|
*
|
2023-12-20 19:35:52 +01:00
|
|
|
* @return Redirector|RedirectResponse
|
2020-03-17 15:01:00 +01:00
|
|
|
*
|
2020-08-14 09:59:56 +02:00
|
|
|
* @throws FireflyException
|
2017-09-26 08:52:16 +02:00
|
|
|
*/
|
2017-12-17 14:06:14 +01:00
|
|
|
public function undoEmailChange(UserRepositoryInterface $repository, string $token, string $hash)
|
2017-09-26 08:52:16 +02:00
|
|
|
{
|
2023-06-10 16:21:01 +02:00
|
|
|
if (!$this->internalAuth) {
|
2020-06-11 17:55:38 +02:00
|
|
|
throw new FireflyException(trans('firefly.external_user_mgt_disabled'));
|
2018-10-13 15:06:56 +02:00
|
|
|
}
|
|
|
|
|
|
2017-09-26 08:52:16 +02:00
|
|
|
// find preference with this token value.
|
2024-01-01 14:43:56 +01:00
|
|
|
$set = app('preferences')->findByName('email_change_undo_token');
|
|
|
|
|
$user = null;
|
2023-12-20 19:35:52 +01:00
|
|
|
|
2017-09-26 08:52:16 +02:00
|
|
|
/** @var Preference $preference */
|
|
|
|
|
foreach ($set as $preference) {
|
|
|
|
|
if ($preference->data === $token) {
|
|
|
|
|
$user = $preference->user;
|
|
|
|
|
}
|
|
|
|
|
}
|
2017-11-15 12:25:49 +01:00
|
|
|
if (null === $user) {
|
2017-09-26 08:52:16 +02:00
|
|
|
throw new FireflyException('Invalid token.');
|
|
|
|
|
}
|
|
|
|
|
|
2018-07-20 14:34:56 +02:00
|
|
|
// found user.which email address to return to?
|
2024-01-01 14:43:56 +01:00
|
|
|
$set = app('preferences')->beginsWith($user, 'previous_email_');
|
2023-12-20 19:35:52 +01:00
|
|
|
|
2017-12-17 14:06:14 +01:00
|
|
|
/** @var string $match */
|
2017-09-26 08:52:16 +02:00
|
|
|
$match = null;
|
|
|
|
|
foreach ($set as $entry) {
|
2024-12-22 08:43:12 +01:00
|
|
|
$hashed = hash('sha256', sprintf('%s%s', (string) config('app.key'), $entry->data));
|
2017-09-26 08:52:16 +02:00
|
|
|
if ($hashed === $hash) {
|
|
|
|
|
$match = $entry->data;
|
2023-12-20 19:35:52 +01:00
|
|
|
|
2017-09-26 08:52:16 +02:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
2017-11-15 12:25:49 +01:00
|
|
|
if (null === $match) {
|
2017-09-26 08:52:16 +02:00
|
|
|
throw new FireflyException('Invalid token.');
|
|
|
|
|
}
|
|
|
|
|
// change user back
|
2017-12-17 14:06:14 +01:00
|
|
|
// now actually update user:
|
|
|
|
|
$repository->changeEmail($user, $match);
|
|
|
|
|
$repository->unblockUser($user);
|
2017-09-26 08:52:16 +02:00
|
|
|
|
2024-10-08 07:21:23 +02:00
|
|
|
// return to login page.
|
2024-12-22 08:43:12 +01:00
|
|
|
session()->flash('success', (string) trans('firefly.login_with_old_email'));
|
2017-09-26 08:52:16 +02:00
|
|
|
|
|
|
|
|
return redirect(route('login'));
|
|
|
|
|
}
|
2015-02-25 21:19:06 +01:00
|
|
|
}
|
