public function setUp()
{
$this->manager = $this->getManager();
parent::setUp();
$this->user = $this->userRepository->create(new \App\User(['username' => $this->faker->userName, 'email' => $this->faker->safeEmail, 'password' => $this->faker->password()]));
$this->group = $this->groupRepository->create(new \App\Group(['name' => uniqid()]));
$this->role = $this->roleRepository->create(new \App\Role(['name' => uniqid(), 'filter' => 'A']));
$this->roleRevoke = $this->roleRepository->create(new \App\Role(['name' => uniqid(), 'filter' => 'R']));
$this->permissionFirst = $this->permissionRepository->create(new \App\Permission(['area' => uniqid(), 'permission' => uniqid(), 'description' => 'test']));
$this->permissionSecond = $this->permissionRepository->create(new \App\Permission(['area' => uniqid(), 'permission' => uniqid(), 'description' => 'test']));
$this->initiate();
}
public function register(Request $request)
{
$rules = $this->userRepository->getModel()->getRules();
$rules['password'] .= '|confirmed';
$validator = Validator::make($request->all(), $rules);
if ($validator->fails()) {
return redirect(route('auth.registerForm'))->withErrors($validator)->withInput();
}
$inputs = $request->all();
$user = new \App\User();
$user->username = $inputs['username'];
$user->password = \Hash::make($inputs['password']);
$user->email = $inputs['email'];
$user = $this->userRepository->create($user, false);
$this->dispatch(new AccountCreated($user));
$request->session()->flash('success', 'auth.account_created');
return redirect(route('auth.login', ['username' => $user->username]));
}
/**
* @param $firstName
* @param $lastName
* @param $email
* @return \Illuminate\Database\Eloquent\Model
*/
protected function createUser($firstName, $lastName, $email)
{
$user = new User();
// generate an ldap like name
$initialUsername = $username = strtolower(substr($firstName, 0, 1) . str_replace([' ', '-', ''], '', $lastName));
// handle name conflicts
$i = 1;
while ($this->repository->exists(['username' => $username])) {
$username = $initialUsername . $i;
$i++;
}
$user->username = $username;
$user->email = $email;
// fake random password
$user->password = Hash::make(str_random(30));
return $this->repository->create($user);
}
/**
* @param Request $request
*
* @return $this|\Illuminate\Http\RedirectResponse|\Laravel\Lumen\Http\Redirector
*/
public function changeLostPassword(Request $request)
{
$validator = Validator::make($request->all(), ['user_id' => 'required', 'token' => 'required', 'password' => $this->userRepository->getModel()->getRules()['password'] . '|confirmed']);
if ($validator->fails()) {
return redirect(route('auth.lostPasswordForm'))->withErrors($validator)->withInput();
}
$token = Input::get('token', false);
try {
$decryptToken = Crypt::decrypt($token);
// try to find the user with the user id and the decrypt token, this will check the token existence
$users = $this->userRepository->where(['id' => Input::get('user_id', false), 'lost_password_token' => $decryptToken]);
if ($users->count() !== 1) {
$request->session()->flash('error', 'auth.user_not_found');
return redirect(route('auth.lostPasswordForm', ['error' => true]));
}
$user = $users->first();
// use a constant for the time validity of the token
if (Carbon::now()->diffInHours($user->lost_password_token_created_at) > 2) {
$request->session()->flash('error', 'auth.token_expired');
return redirect(route('auth.lostPasswordForm'));
}
// remove token
$user->lost_password_token = null;
$user->lost_password_token_created_at = null;
// hash new password
$user->password = \Hash::make(Input::get('password'));
$this->userRepository->update($user);
} catch (ValidationException $e) {
$request->session()->flash('error', 'auth.user_error_update');
return redirect(route('auth.changeLostPasswordForm'));
} catch (DecryptException $e) {
$request->session()->flash('error', 'auth.token_not_valid');
return redirect(route('auth.lostPasswordForm'));
}
$request->session()->flash('success', 'auth.password_changed');
return redirect(route('auth.login'));
}
