2016-05-20 08:57:45 +02:00
|
|
|
<?php
|
2016-05-20 12:27:31 +02:00
|
|
|
/**
|
|
|
|
|
* ProfileController.php
|
|
|
|
|
* Copyright (C) 2016 thegrumpydictator@gmail.com
|
|
|
|
|
*
|
2016-10-05 06:52:15 +02:00
|
|
|
* This software may be modified and distributed under the terms of the
|
|
|
|
|
* Creative Commons Attribution-ShareAlike 4.0 International License.
|
|
|
|
|
*
|
|
|
|
|
* See the LICENSE file for details.
|
2016-05-20 12:27:31 +02:00
|
|
|
*/
|
|
|
|
|
|
2017-03-24 11:07:38 +01:00
|
|
|
declare(strict_types=1);
|
2016-05-20 08:57:45 +02:00
|
|
|
|
|
|
|
|
namespace FireflyIII\Http\Controllers;
|
2015-02-25 21:19:06 +01:00
|
|
|
|
2017-01-05 10:06:46 +01:00
|
|
|
use FireflyIII\Exceptions\ValidationException;
|
2017-03-24 11:07:38 +01:00
|
|
|
use FireflyIII\Http\Middleware\IsLimitedUser;
|
2015-04-22 07:54:56 +02:00
|
|
|
use FireflyIII\Http\Requests\DeleteAccountFormRequest;
|
2015-02-25 21:19:06 +01:00
|
|
|
use FireflyIII\Http\Requests\ProfileFormRequest;
|
2016-12-12 15:24:47 +01:00
|
|
|
use FireflyIII\Repositories\User\UserRepositoryInterface;
|
2017-03-24 11:07:38 +01:00
|
|
|
use FireflyIII\User;
|
2015-02-25 21:19:06 +01:00
|
|
|
use Hash;
|
2016-12-12 15:24:47 +01:00
|
|
|
use Log;
|
2015-02-25 21:19:06 +01:00
|
|
|
use Session;
|
2016-08-26 09:30:52 +02:00
|
|
|
use View;
|
2015-02-25 21:19:06 +01:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Class ProfileController
|
|
|
|
|
*
|
|
|
|
|
* @package FireflyIII\Http\Controllers
|
|
|
|
|
*/
|
|
|
|
|
class ProfileController extends Controller
|
|
|
|
|
{
|
2016-01-09 08:20:55 +01:00
|
|
|
/**
|
|
|
|
|
* ProfileController constructor.
|
|
|
|
|
*/
|
2016-01-08 18:29:47 +01:00
|
|
|
public function __construct()
|
|
|
|
|
{
|
2016-01-08 20:40:48 +01:00
|
|
|
parent::__construct();
|
2016-10-20 19:10:43 +02:00
|
|
|
|
2016-10-29 07:44:46 +02:00
|
|
|
|
|
|
|
|
$this->middleware(
|
|
|
|
|
function ($request, $next) {
|
|
|
|
|
View::share('title', trans('firefly.profile'));
|
|
|
|
|
View::share('mainTitleIcon', 'fa-user');
|
|
|
|
|
|
|
|
|
|
return $next($request);
|
|
|
|
|
}
|
|
|
|
|
);
|
2017-03-24 11:07:38 +01:00
|
|
|
$this->middleware(IsLimitedUser::class);
|
|
|
|
|
|
2016-01-08 18:29:47 +01:00
|
|
|
}
|
2015-02-25 21:19:06 +01:00
|
|
|
|
|
|
|
|
/**
|
2016-08-26 09:30:52 +02:00
|
|
|
* @return View
|
2015-02-25 21:19:06 +01:00
|
|
|
*/
|
|
|
|
|
public function changePassword()
|
|
|
|
|
{
|
2016-10-29 07:44:46 +02:00
|
|
|
$title = auth()->user()->email;
|
|
|
|
|
$subTitle = strval(trans('firefly.change_your_password'));
|
|
|
|
|
$subTitleIcon = 'fa-key';
|
|
|
|
|
|
|
|
|
|
return view('profile.change-password', compact('title', 'subTitle', 'subTitleIcon'));
|
2015-02-25 21:19:06 +01:00
|
|
|
}
|
|
|
|
|
|
2015-04-22 07:54:56 +02:00
|
|
|
/**
|
2016-08-26 09:30:52 +02:00
|
|
|
* @return View
|
2015-04-22 07:54:56 +02:00
|
|
|
*/
|
|
|
|
|
public function deleteAccount()
|
|
|
|
|
{
|
2016-10-29 07:44:46 +02:00
|
|
|
$title = auth()->user()->email;
|
|
|
|
|
$subTitle = strval(trans('firefly.delete_account'));
|
|
|
|
|
$subTitleIcon = 'fa-trash';
|
|
|
|
|
|
|
|
|
|
return view('profile.delete-account', compact('title', 'subTitle', 'subTitleIcon'));
|
2015-04-22 07:54:56 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
2016-08-26 09:30:52 +02:00
|
|
|
* @return View
|
2015-04-22 07:54:56 +02:00
|
|
|
*
|
|
|
|
|
*/
|
2015-05-03 09:19:14 +02:00
|
|
|
public function index()
|
2015-04-28 15:26:30 +02:00
|
|
|
{
|
2016-10-20 19:10:43 +02:00
|
|
|
$subTitle = auth()->user()->email;
|
|
|
|
|
$userId = auth()->user()->id;
|
|
|
|
|
|
|
|
|
|
return view('profile.index', compact('subTitle', 'userId'));
|
2015-04-22 07:54:56 +02:00
|
|
|
}
|
|
|
|
|
|
2015-02-25 21:19:06 +01:00
|
|
|
/**
|
2016-12-18 17:54:11 +01:00
|
|
|
* @param ProfileFormRequest $request
|
|
|
|
|
* @param UserRepositoryInterface $repository
|
2015-05-03 12:58:55 +02:00
|
|
|
*
|
2016-12-18 17:54:11 +01:00
|
|
|
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
|
2015-02-25 21:19:06 +01:00
|
|
|
*/
|
2016-12-18 17:54:11 +01:00
|
|
|
public function postChangePassword(ProfileFormRequest $request, UserRepositoryInterface $repository)
|
2015-02-25 21:19:06 +01:00
|
|
|
{
|
2017-03-24 11:07:38 +01:00
|
|
|
// the request has already validated both new passwords must be equal.
|
|
|
|
|
$current = $request->get('current_password');
|
|
|
|
|
$new = $request->get('new_password');
|
2017-01-05 10:06:46 +01:00
|
|
|
|
|
|
|
|
try {
|
2017-03-24 11:07:38 +01:00
|
|
|
$this->validatePassword(auth()->user(), $current, $new);
|
2017-01-05 10:06:46 +01:00
|
|
|
} catch (ValidationException $e) {
|
|
|
|
|
Session::flash('error', $e->getMessage());
|
2015-02-25 21:19:06 +01:00
|
|
|
|
2015-07-06 16:27:21 +02:00
|
|
|
return redirect(route('profile.change-password'));
|
2015-02-25 21:19:06 +01:00
|
|
|
}
|
|
|
|
|
|
2016-12-18 17:54:11 +01:00
|
|
|
$repository->changePassword(auth()->user(), $request->get('new_password'));
|
2016-03-20 11:38:01 +01:00
|
|
|
Session::flash('success', strval(trans('firefly.password_changed')));
|
2015-02-25 21:19:06 +01:00
|
|
|
|
2016-12-05 21:58:23 +01:00
|
|
|
return redirect(route('profile.index'));
|
2015-02-25 21:19:06 +01:00
|
|
|
}
|
|
|
|
|
|
2015-05-03 09:19:14 +02:00
|
|
|
/**
|
2016-12-12 15:24:47 +01:00
|
|
|
* @param UserRepositoryInterface $repository
|
2015-05-03 12:58:55 +02:00
|
|
|
* @param DeleteAccountFormRequest $request
|
2015-05-03 09:19:14 +02:00
|
|
|
*
|
2016-12-12 15:24:47 +01:00
|
|
|
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
|
2015-05-03 09:19:14 +02:00
|
|
|
*/
|
2016-12-12 15:24:47 +01:00
|
|
|
public function postDeleteAccount(UserRepositoryInterface $repository, DeleteAccountFormRequest $request)
|
2015-05-03 09:19:14 +02:00
|
|
|
{
|
2016-09-16 12:15:58 +02:00
|
|
|
if (!Hash::check($request->get('password'), auth()->user()->password)) {
|
2016-03-20 11:38:01 +01:00
|
|
|
Session::flash('error', strval(trans('firefly.invalid_password')));
|
2015-05-03 09:19:14 +02:00
|
|
|
|
2015-07-06 16:27:21 +02:00
|
|
|
return redirect(route('profile.delete-account'));
|
2015-02-25 21:19:06 +01:00
|
|
|
}
|
2016-12-12 15:24:47 +01:00
|
|
|
$user = auth()->user();
|
|
|
|
|
Log::info(sprintf('User #%d has opted to delete their account', auth()->user()->id));
|
|
|
|
|
// make repository delete user:
|
|
|
|
|
auth()->logout();
|
2015-05-03 09:19:14 +02:00
|
|
|
Session::flush();
|
2016-12-12 15:24:47 +01:00
|
|
|
$repository->destroy($user);
|
|
|
|
|
|
2015-05-25 07:26:19 +02:00
|
|
|
Session::flash('gaEventCategory', 'user');
|
|
|
|
|
Session::flash('gaEventAction', 'delete-account');
|
2015-02-25 21:19:06 +01:00
|
|
|
|
2015-07-26 07:39:04 +02:00
|
|
|
|
2015-07-06 16:27:21 +02:00
|
|
|
return redirect(route('index'));
|
2015-02-25 21:19:06 +01:00
|
|
|
}
|
2015-05-03 09:19:14 +02:00
|
|
|
|
2017-04-09 07:44:22 +02:00
|
|
|
|
2016-01-24 15:58:16 +01:00
|
|
|
/**
|
2017-03-24 11:07:38 +01:00
|
|
|
* @param User $user
|
|
|
|
|
* @param string $current
|
2017-01-05 10:06:46 +01:00
|
|
|
* @param string $new
|
2016-01-24 15:58:16 +01:00
|
|
|
*
|
2017-01-05 10:06:46 +01:00
|
|
|
* @return bool
|
|
|
|
|
* @throws ValidationException
|
2016-01-24 15:58:16 +01:00
|
|
|
*/
|
2017-03-24 11:07:38 +01:00
|
|
|
protected function validatePassword(User $user, string $current, string $new): bool
|
2016-01-24 15:58:16 +01:00
|
|
|
{
|
2017-04-09 07:44:22 +02:00
|
|
|
if (!Hash::check($current, $user->password)) {
|
2017-03-24 11:07:38 +01:00
|
|
|
throw new ValidationException(strval(trans('firefly.invalid_current_password')));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ($current === $new) {
|
2017-01-05 10:06:46 +01:00
|
|
|
throw new ValidationException(strval(trans('firefly.should_change')));
|
2016-01-24 15:58:16 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return true;
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
2015-05-03 09:19:14 +02:00
|
|
|
|
2015-02-25 21:19:06 +01:00
|
|
|
}
|
