/**
 * Rotate the authenticated user's API key and notify them by email.
 *
 * A random key is drawn until no existing user row holds it, saved on the
 * requesting user, shown in a flash message, and a plain-text notification
 * mail is queued to the account's e-mail address.
 *
 * NOTE(review): the new key is embedded in the flash message, so it passes
 * through session storage and the rendered page. The uniqueness probe looks
 * the key up by its raw value, so keys appear to be stored as-is unless the
 * User model transforms the attribute - confirm both are intended.
 *
 * @param \Illuminate\Http\Request $request
 * @return \Illuminate\Http\RedirectResponse redirect to the `account` route
 */
public function postResetKey(Request $request)
{
    // Keep drawing candidates until one is not already assigned to a user.
    $freshKey = str_random(Helpers::API_KEY_LENGTH);
    while (User::whereApikey($freshKey)->first()) {
        $freshKey = str_random(Helpers::API_KEY_LENGTH);
    }

    $account = $request->user();
    $account->fill(['apikey' => $freshKey]);
    $account->save();

    $notice = trans('messages.api_key_changed', ['api_key' => $freshKey]);
    flash()->success($notice)->important();

    // The mail view receives its data under the keys 'user' and 'passwordRoute'.
    $viewData = [
        'user' => $account,
        'passwordRoute' => route('account.password.email'),
    ];

    Mail::queue(['text' => 'emails.user.api_key_reset'], $viewData, function (Message $message) use ($account) {
        $message->subject('API Key Reset');
        $message->to($account->email);
    });

    return redirect()->route('account');
}
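/**
 * Handle an incoming request.
 *
 * Authenticates an API call from its `key` input. The request is rejected
 * with a one-element JSON error body and StatusCode::UNAUTHORIZED when the
 * key is missing, is not a non-empty string, matches no user, or belongs to
 * an account that is unconfirmed / unapproved (when the matching config flag
 * is on) or banned. Otherwise the user is logged in for this request only
 * and the request is passed on.
 *
 * NOTE(review): `input('key')` also reads the query string, where a key is
 * likely to end up in access logs and proxy logs; a request header would
 * avoid that - confirm what existing clients send before changing it.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle(Request $request, Closure $next)
{
    if (!$request->has('key')) {
        return response()->json(['missing_api_key'], StatusCode::UNAUTHORIZED);
    }

    $apiKey = $request->input('key');

    // Request input is not guaranteed to be a string: an array parameter or a
    // JSON number/boolean arrives here with its own type. Handing that to the
    // query builder leaves the comparison against the apikey column to the
    // database's type coercion (or raises a query error), so only a non-empty
    // string is accepted as a credential.
    if (!is_string($apiKey) || $apiKey === '') {
        return response()->json(['invalid_api_key'], StatusCode::UNAUTHORIZED);
    }

    $user = User::whereApikey($apiKey)->first();

    if (!$user) {
        return response()->json(['invalid_api_key'], StatusCode::UNAUTHORIZED);
    }

    if (config('upste.require_email_verification') && !$user->confirmed) {
        return response()->json(['email_not_confirmed'], StatusCode::UNAUTHORIZED);
    }

    if (config('upste.require_user_approval') && !$user->enabled) {
        return response()->json(['account_not_approved'], StatusCode::UNAUTHORIZED);
    }

    if ($user->banned) {
        return response()->json(['user_banned'], StatusCode::UNAUTHORIZED);
    }

    // Stateless login: valid for this request only.
    Auth::onceUsingId($user->id);

    return $next($request);
}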
/**
 * Create a new account instance after a valid registration.
 *
 * Draws an API key and a confirmation code that no existing user holds,
 * hashes the password with the configured number of rounds, and inserts the
 * user together with a UserPreferences row. When the users table is empty,
 * the new account is created as admin, confirmed and enabled regardless of
 * the verification/approval settings.
 *
 * NOTE(review): the row count and the insert are separate statements, so two
 * registrations arriving against an empty table could presumably both be
 * treated as the first account - confirm whether this needs a transaction
 * or lock.
 *
 * @param  array  $data  reads the keys `name`, `email` and `password`
 * @return User
 */
protected function create(array $data)
{
    // Redraw until the API key is not already assigned to a user.
    $apiKey = str_random(Helpers::API_KEY_LENGTH);
    while (User::whereApikey($apiKey)->first()) {
        $apiKey = str_random(Helpers::API_KEY_LENGTH);
    }

    // Same for the e-mail confirmation code (drawn even if it ends up unused).
    $confirmationCode = str_random(32);
    while (User::whereConfirmationCode($confirmationCode)->first()) {
        $confirmationCode = str_random(32);
    }

    $isFirstAccount = DB::table('users')->count() == 0;

    // The first account skips both gates; others skip a gate only when it is disabled.
    $confirmed = $isFirstAccount || !config('upste.require_email_verification');
    $enabled = $isFirstAccount || !config('upste.require_user_approval');

    // An already-confirmed account stores no confirmation code.
    $storedCode = $confirmed ? null : $confirmationCode;

    $user = User::create([
        'name' => $data['name'],
        'email' => $data['email'],
        'apikey' => $apiKey,
        'password' => Hash::make($data['password'], ['rounds' => config('upste.password_hash_rounds')]),
        'confirmed' => $confirmed,
        'confirmation_code' => $storedCode,
        'admin' => $isFirstAccount,
        'enabled' => $enabled,
    ]);

    UserPreferences::create(['user_id' => $user->id]);

    return $user;
}