From abb2803fbfab9e106a0338ba877a399d9f6aa5e3 Mon Sep 17 00:00:00 2001 From: soufiane Date: Mon, 19 Jun 2023 17:14:29 +0200 Subject: [PATCH] =?utf8?q?wait=20#6033=20@5:00=20Fix=20envoie=20d'email,?= =?utf8?q?=20et=20suppression=20du=20token=20une=20fois=20le=20mot=20de=20?= =?utf8?q?passe=20modifi=C3=A9?= MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit --- app/Http/Controllers/AjaxController.php | 6 +- .../CustomResetPasswordNotification.php | 32 ++++++++ .../Client/ForgotPasswordController.php | 48 ++++++++++++ .../Client/ResetPasswordController.php | 63 ++++++++++++++++ app/Http/Controllers/ClientChangePassword.php | 29 -------- app/Http/Controllers/ClientController.php | 27 ------- app/Http/Controllers/ClientForgotPassword.php | 73 ------------------- app/Models/AuthClient.php | 5 +- app/User.php | 1 - resources/styles/common/global.styl | 7 ++ .../views/pages/forgot_password.blade.php | 2 +- routes/web.php | 9 ++- 12 files changed, 161 insertions(+), 141 deletions(-) create mode 100644 app/Http/Controllers/Client/CustomResetPasswordNotification.php create mode 100644 app/Http/Controllers/Client/ForgotPasswordController.php create mode 100644 app/Http/Controllers/Client/ResetPasswordController.php delete mode 100644 app/Http/Controllers/ClientChangePassword.php delete mode 100644 app/Http/Controllers/ClientController.php delete mode 100644 app/Http/Controllers/ClientForgotPassword.php diff --git a/app/Http/Controllers/AjaxController.php b/app/Http/Controllers/AjaxController.php index 7c8fd36..39b9a1d 100644 --- a/app/Http/Controllers/AjaxController.php +++ b/app/Http/Controllers/AjaxController.php @@ -645,12 +645,10 @@ class AjaxController extends CubistFrontController 'text' => 'required|max:255' ]); $id = $request->input('id'); - $text = $request->input('text'); + $newName = $request->input('text'); $cart = Panier::find($id); - - $cart->name = $text; - + $cart->name = $newName; $cart->save(); } 
diff --git a/app/Http/Controllers/Client/CustomResetPasswordNotification.php b/app/Http/Controllers/Client/CustomResetPasswordNotification.php
new file mode 100644
index 0000000..626765b
--- /dev/null
+++ b/app/Http/Controllers/Client/CustomResetPasswordNotification.php
@@ -0,0 +1,32 @@
+email = $email;
+ $this->token = $token;
+ }
+
+ public function via($notifiable)
+ {
+ return ['mail'];
+ }
+
+ public function toMail($notifiable)
+ {
+ return (new MailMessage())
+ ->subject(trans('backpack::base.password_reset.subject'))
+ ->greeting(trans('backpack::base.password_reset.greeting'))
+ ->line([
+ trans('backpack::base.password_reset.line_1'),
+ trans('backpack::base.password_reset.line_2'),
+ ])
+ ->action(trans('backpack::base.password_reset.button'), route('password.reset').'?token='.$this->token.'&email='.urlencode($this->email))
+ ->line(trans('backpack::base.password_reset.notice'));
+ }
+}
diff --git a/app/Http/Controllers/Client/ForgotPasswordController.php b/app/Http/Controllers/Client/ForgotPasswordController.php
new file mode 100644
index 0000000..5930aee
--- /dev/null
+++ b/app/Http/Controllers/Client/ForgotPasswordController.php
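Review bot: In `toMail()` the reset link is built by string concatenation, with the token appended raw and only the e-mail passed through `urlencode()`. Passing both as route parameters, `route('password.reset', ['token' => $this->token, 'email' => $this->email])`, lets the URL generator encode the two values consistently, and would presumably make the `str_replace('%40', '@', ...)` workaround in `ResetPasswordController::resetPassword()` unnecessary. The top of the class (namespace, properties, constructor signature) is not visible on this page, so this covers only the visible methods.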
@@ -0,0 +1,48 @@
+validate(['email' => 'required|email']);
+
+ $email = $request->input('email');
+ $client = AuthClient::where('email', $email)->first();
+ $broker = Password::broker();
+ $token = $broker->createToken($client);
+
+ if(!$client)
+ return back()->withErrors(['error' => 'error']);
+
+ $status = DB::table('password_resets')->insert([
+ 'email' => $email,
+ 'token' => $token,
+ 'created_at' => Carbon::now()
+ ]);
+
+ $client->sendPasswordResetNotification($token);
+ return $this->sendResetLinkResponse($status);
+ }
+
+ protected function sendResetLinkResponse($response): RedirectResponse
+ {
+ $message = __("Vous allez recevoir un e-mail vous permettant de réinitialiser votre mot de passe");
+ return $response
+ ? back()->with(['status' => __($response), 'message' => $message])
+ : back()->withErrors(['email' => __($response)]);
+ }
+}
diff --git a/app/Http/Controllers/Client/ResetPasswordController.php b/app/Http/Controllers/Client/ResetPasswordController.php
new file mode 100644
index 0000000..da3a5ad
--- /dev/null
+++ b/app/Http/Controllers/Client/ResetPasswordController.php
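Review bot: `sendResetLink()` calls `$broker->createToken($client)` before the `if(!$client)` check, so an unknown e-mail reaches the broker with `null` instead of producing the intended error, and the raw `$token` is then inserted into `password_resets`. With Laravel's stock database token repository, `createToken()` already writes a hashed record for the user, so the manual insert would add a second row holding the usable token in clear text, while `resetPassword()` reads only the `first()` row for the e-mail; confirm which repository `Password::broker()` resolves to here. The different responses for known and unknown addresses also let a caller test which e-mails are registered, and bypassing `Password::sendResetLink()` drops the broker's built-in throttling. The method signature and class header are not visible on this page; the sketch below keeps the visible names.

```php
// … unchanged: $request->validate(['email' => 'required|email']) …
$email = $request->input('email');
$client = AuthClient::where('email', $email)->first();

// Only touch the broker for a known client; the response below is the same either way,
// so the form does not reveal which addresses are registered.
if ($client) {
    // Assuming the default database token repository: createToken() stores the
    // hashed token itself, so the raw value is never written to password_resets.
    $token = Password::broker()->createToken($client);
    $client->sendPasswordResetNotification($token);
}

return $this->sendResetLinkResponse(true);
```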
@@ -0,0 +1,63 @@
+findOneById(157)->getEntity();
+ $email = $request->get('email');
+ $token = $request->get('token');
+
+ $this->data['page'] = $page->getPageData();
+ $this->data['title'] = 'Changer votre mot de passe';
+ $this->data['token'] = $token;
+ $this->data['email'] = $email;
+
+ $path = "changer-votre-mot-de-passe";
+ $nav = Menu::getNavigation();
+ $item = $nav->findItemWithURL($path,true);
+ $this->data['item'] = $item;
+
+ return view('pages.change_password', $this->data);
+ }
+
+ public function resetPassword(Request $request) {
+ $request['email'] = str_replace('%40', '@', $request->email);
+ $request->validate([
+ 'token' => 'required',
+ 'email' => 'required|email',
+ 'password' => 'required|min:8|confirmed',
+ ]);
+
+ $newPassword = $request->password;
+ $email = $request->email;
+ $token = $request->token;
+
+ // Validate the token
+ $actualToken = DB::table('password_resets')->where('email', $email)->first();
+ $tokenIsValid = Hash::check($token, $actualToken->token);
+ if (!$tokenIsValid) return back()->withErrors(['error' => 'error']);
+
+ // Validate email
+ $client = Client::where('email', $email)->first();
+ if (!$client) return redirect()->back()->withErrors(['email' => __('Email non trouvé')]);
+
+ //Hash and update the new password
+ $client->password = Hash::make($newPassword);
+ $client->update();
+
+ //Delete the token
+ $deleted = DB::table('password_resets')->where('email', $email)->delete();
+
+ return redirect('/se-connecter');
+ }
+}
diff --git a/app/Http/Controllers/ClientChangePassword.php b/app/Http/Controllers/ClientChangePassword.php
deleted file mode 100644
index d387af6..0000000
--- a/app/Http/Controllers/ClientChangePassword.php
+++ /dev/null
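Review bot: `resetPassword()` dereferences `$actualToken->token` without checking that a `password_resets` row exists, so a request for an e-mail with no pending reset ends in a runtime error rather than the validation response; `if (!$actualToken || !Hash::check($token, $actualToken->token)) return back()->withErrors(['error' => 'error']);` covers both cases. Nothing visible compares the row's `created_at` with an expiry window, so an unused token appears to stay valid indefinitely; rejecting rows older than the broker's configured `expire` value before the hash check would bound that. The class header and the start of `view()` are not visible on this page.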
@@ -1,29 +0,0 @@
-findOneById(157)->getEntity();
- $email = $request->get('email');
- $token = $request->get('token');
-
- $this->data['page'] = $page->getPageData();
- $this->data['title'] = 'Changer votre mot de passe';
- $this->data['token'] = $token;
- $this->data['email'] = $email;
-
- $path = "changer-votre-mot-de-passe";
- $nav = Menu::getNavigation();
- $item = $nav->findItemWithURL($path,true);
- $this->data['item'] = $item;
-
- return view('pages.change_password', $this->data);
- }
-}
diff --git a/app/Http/Controllers/ClientController.php b/app/Http/Controllers/ClientController.php
deleted file mode 100644
index f89ab8f..0000000
--- a/app/Http/Controllers/ClientController.php
+++ /dev/null
@@ -1,27 +0,0 @@
-logout();
-
- $request->session()->invalidate();
-
- $request->session()->regenerateToken();
-
- return redirect('/se-connecter');
- }
-}
diff --git a/app/Http/Controllers/ClientForgotPassword.php b/app/Http/Controllers/ClientForgotPassword.php
deleted file mode 100644
index 5fd2e79..0000000
--- a/app/Http/Controllers/ClientForgotPassword.php
+++ /dev/null
@@ -1,73 +0,0 @@ -validate(['email' => 'required|email']); - - $status = Password::sendResetLink( - $request->only('email') - ); - - $message = __("Vous allez recevoir un e-mail vous permettant de réinitialiser votre mot de passe"); - return $status === Password::RESET_LINK_SENT - ? back()->with(['status' => __($status), 'message' => $message]) - : back()->withErrors(['email' => __($status)]); - } - - public function reset(Request $request) { - $request['email'] = str_replace('%40', '@', $request->email); - $request->validate([ - 'token' => 'required', - 'email' => 'required|email', - 'password' => 'required|min:8|confirmed', - ]); - - $password = $request->password; - $email = $request->email; - - $actualToken = DB::table('password_resets')->where('email', $request->email)->first(); - $tokenIsValid = Hash::check($request->token, $actualToken->token); - - // Validate the token - if (!$tokenIsValid) - return back()->withErrors(['error' => 'error']); - - $client = Client::where('email', $email)->first(); - if (!$client) return redirect()->back()->withErrors(['email' => 'Email non trouvé']); - - //Hash and update the new password - $client->password = Hash::make($password); - $client->update(); - - return redirect('/se-connecter'); - } -} diff --git a/app/Models/AuthClient.php b/app/Models/AuthClient.php index ea00189..e457608 100644 --- a/app/Models/AuthClient.php +++ b/app/Models/AuthClient.php @@ -2,11 +2,12 @@ namespace App\Models; use Backpack\Base\app\Notifications\ResetPasswordNotification as ResetPasswordNotification; +use Cubist\Backpack\Facades\App; use Illuminate\Auth\Passwords\CanResetPassword; use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract; use Illuminate\Foundation\Auth\User as Authenticatable; use Illuminate\Notifications\Notifiable; - +use App\Http\Controllers\Client\CustomResetPasswordNotification; class AuthClient extends Authenticatable implements CanResetPasswordContract { 
@@ -36,6 +37,6 @@ class AuthClient extends Authenticatable implements CanResetPasswordContract public function sendPasswordResetNotification($token) { - $this->notify((new ResetPasswordNotification($token))->locale('fr')); + $this->notify((new CustomResetPasswordNotification($this->email, $token))->locale(App::getLocale())); } } diff --git a/app/User.php b/app/User.php index f631dea..d56e2e9 100644 --- a/app/User.php +++ b/app/User.php @@ -37,5 +37,4 @@ class User extends Authenticatable { $this->notify((new ResetPasswordNotification($token))->locale(App::getLocale())); } - } diff --git a/resources/styles/common/global.styl b/resources/styles/common/global.styl index c9187e8..8c0b13e 100644 --- a/resources/styles/common/global.styl +++ b/resources/styles/common/global.styl @@ -68,3 +68,10 @@ $overlap-amount = 10vw [v-cloak] visibility: hidden display: none + +/* Change the white to any color */ +input:-webkit-autofill, +input:-webkit-autofill:hover, +input:-webkit-autofill:focus, +input:-webkit-autofill:active + -webkit-box-shadow: 0 0 0 30px white inset !important diff --git a/resources/views/pages/forgot_password.blade.php b/resources/views/pages/forgot_password.blade.php index 31ab776..157c825 100644 --- a/resources/views/pages/forgot_password.blade.php +++ b/resources/views/pages/forgot_password.blade.php @@ -8,7 +8,7 @@

Mot de passe oublié

-
@csrf diff --git a/routes/web.php b/routes/web.php index 731f3d4..f0c3b44 100644 --- a/routes/web.php +++ b/routes/web.php @@ -1,15 +1,16 @@ name('password.email'); +Route::get('/deconnexion', 'Client\ClientController@logout'); + +Route::post('/forgot-password', 'Client\ForgotPasswordController@sendResetLink')->name('password.email'); Route::get('{page}', 'PageController@catchall')->where([ 'page' => '\b(changer-votre-mot-de-passe)\b' ])->name("password.reset")->middleware('client'); -Route::get('changer-votre-mot-de-passe', 'ClientChangePassword@view')->name("password.reset")->middleware('client'); +Route::get('/changer-votre-mot-de-passe', 'Client\ResetPasswordController@view')->name("password.reset")->middleware('client'); -Route::post('/reset-password', 'ClientForgotPassword@reset')->name('password.update'); +Route::post('/reset-password', 'Client\ResetPasswordController@resetPassword')->name('password.update'); //add specific name to be simple to add active class //add middleware to secure this specific page -- 2.39.5
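Review bot: The added `/deconnexion` route targets `Client\ClientController@logout`, but this commit deletes `app/Http/Controllers/ClientController.php` and the diffstat lists no `Client/ClientController.php` among the created files, so unless that class already exists the logout route will not resolve. The two password endpoints are registered without rate limiting; adding `->middleware('throttle:5,1')` (limits chosen as an example) to `/forgot-password` and `/reset-password` would replace the throttling that the direct `createToken()` call in `ForgotPasswordController` bypasses. The name `password.reset` is also still attached to the `{page}` catch-all route kept as context above, so `route('password.reset')` in the notification depends on which registration wins. The top of the file is not visible on this page.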