2021-10-01 13:40:37 +02:00
|
|
|
<?php
|
|
|
|
|
2022-03-15 14:47:07 +01:00
|
|
|
namespace App\Http\Controllers\Auth;
|
2021-10-01 13:40:37 +02:00
|
|
|
|
2022-03-28 13:45:19 +02:00
|
|
|
use App\Models\User;
|
|
|
|
use App\Services\TwoFAccountService;
|
2022-03-15 14:47:07 +01:00
|
|
|
use App\Http\Requests\UserUpdateRequest;
|
2022-03-28 13:45:19 +02:00
|
|
|
use App\Http\Requests\UserDeleteRequest;
|
2021-11-07 21:57:22 +01:00
|
|
|
use App\Api\v1\Resources\UserResource;
|
2021-10-01 13:40:37 +02:00
|
|
|
use App\Http\Controllers\Controller;
|
|
|
|
use Illuminate\Support\Facades\Auth;
|
|
|
|
use Illuminate\Support\Facades\Hash;
|
2022-03-28 13:45:19 +02:00
|
|
|
use Illuminate\Support\Facades\DB;
|
|
|
|
use Illuminate\Support\Facades\Artisan;
|
2022-03-24 14:58:30 +01:00
|
|
|
use App\Exceptions\UnsupportedWithReverseProxyException;
|
2022-03-28 13:45:19 +02:00
|
|
|
use Exception;
|
2021-10-01 13:40:37 +02:00
|
|
|
|
|
|
|
class UserController extends Controller
|
|
|
|
{
|
2022-03-28 13:45:19 +02:00
|
|
|
/**
|
|
|
|
* The TwoFAccount Service instance.
|
|
|
|
*/
|
|
|
|
protected $twofaccountService;
|
|
|
|
|
|
|
|
|
2022-03-24 14:58:30 +01:00
|
|
|
/**
|
|
|
|
* Create a new controller instance.
|
2022-03-28 13:45:19 +02:00
|
|
|
*
|
|
|
|
* @param \App\Services\TwoFAccountService $twofaccountService
|
|
|
|
* @return void
|
2022-03-24 14:58:30 +01:00
|
|
|
*/
|
2022-03-28 13:45:19 +02:00
|
|
|
public function __construct(TwoFAccountService $twofaccountService)
|
2022-03-24 14:58:30 +01:00
|
|
|
{
|
2022-03-28 13:45:19 +02:00
|
|
|
$this->twofaccountService = $twofaccountService;
|
2022-03-24 14:58:30 +01:00
|
|
|
$authGuard = config('auth.defaults.guard');
|
|
|
|
|
|
|
|
if ($authGuard === 'reverse-proxy-guard') {
|
|
|
|
throw new UnsupportedWithReverseProxyException();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2021-10-01 13:40:37 +02:00
|
|
|
/**
|
|
|
|
* Update the user's profile information.
|
|
|
|
*
|
2022-03-28 13:45:19 +02:00
|
|
|
* @param \App\Http\Requests\UserUpdateRequest $request
|
2021-11-26 11:18:58 +01:00
|
|
|
* @return \App\Api\v1\Resources\UserResource
|
2021-10-01 13:40:37 +02:00
|
|
|
*/
|
|
|
|
public function update(UserUpdateRequest $request)
|
|
|
|
{
|
|
|
|
$user = $request->user();
|
|
|
|
$validated = $request->validated();
|
|
|
|
|
|
|
|
if (!Hash::check( $request->password, Auth::user()->password) ) {
|
|
|
|
return response()->json(['message' => __('errors.wrong_current_password')], 400);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!config('2fauth.config.isDemoApp') ) {
|
|
|
|
tap($user)->update([
|
|
|
|
'name' => $validated['name'],
|
|
|
|
'email' => $validated['email'],
|
|
|
|
]);
|
|
|
|
}
|
|
|
|
|
|
|
|
return new UserResource($user);
|
|
|
|
}
|
2022-03-28 13:45:19 +02:00
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Delete the user's account.
|
|
|
|
*
|
|
|
|
* @param \App\Http\Requests\UserDeleteRequest $request
|
|
|
|
* @return \Illuminate\Http\JsonResponse
|
|
|
|
*/
|
|
|
|
public function delete(UserDeleteRequest $request)
|
|
|
|
{
|
|
|
|
$validated = $request->validated();
|
|
|
|
|
|
|
|
if (!Hash::check( $validated['password'], Auth::user()->password) ) {
|
|
|
|
return response()->json(['message' => __('errors.wrong_current_password')], 400);
|
|
|
|
}
|
|
|
|
|
|
|
|
try {
|
|
|
|
DB::transaction(function () {
|
|
|
|
DB::table('twofaccounts')->delete();
|
|
|
|
DB::table('groups')->delete();
|
|
|
|
DB::table('options')->delete();
|
|
|
|
DB::table('web_authn_credentials')->delete();
|
|
|
|
DB::table('web_authn_recoveries')->delete();
|
|
|
|
DB::table('oauth_access_tokens')->delete();
|
|
|
|
DB::table('oauth_auth_codes')->delete();
|
|
|
|
DB::table('oauth_clients')->delete();
|
|
|
|
DB::table('oauth_personal_access_clients')->delete();
|
|
|
|
DB::table('oauth_refresh_tokens')->delete();
|
|
|
|
DB::table('password_resets')->delete();
|
|
|
|
DB::table('users')->delete();
|
|
|
|
});
|
|
|
|
|
|
|
|
Artisan::call('passport:install --force');
|
|
|
|
Artisan::call('config:clear');
|
|
|
|
}
|
|
|
|
catch (\Throwable $e) {
|
|
|
|
return response()->json(['message' => __('errors.user_deletion_failed')], 400);
|
|
|
|
}
|
|
|
|
|
|
|
|
return response()->json(null, 204);
|
|
|
|
}
|
2021-10-01 13:40:37 +02:00
|
|
|
}
|