/**
 * Handle a POST request to register a new User.
 *
 * Steps: verify the reCAPTCHA, validate the submitted fields, hash the
 * password, create an activation token, create the User record with the
 * default 'user' Role, then send the activation e-mail.
 *
 * @return Response
 *
 * @throws \RuntimeException When the default 'user' Role cannot be found.
 */
public function store()
{
    // Reject the request when the reCAPTCHA does not verify.
    if (! ReCaptcha::check()) {
        return Redirect::back()->withStatus(__d('users', 'Invalid reCAPTCHA submitted.'), 'danger');
    }

    // Read only the expected fields; 'role_id' and 'activation_code' are
    // never taken from the request, they are set server-side below.
    $fields = Input::only('username', 'realname', 'email', 'password', 'password_confirmation');

    $validator = $this->validate($fields);

    if ($validator->fails()) {
        // NOTE(review): withInput() is called without a field list; confirm it does
        // not flash 'password' / 'password_confirmation' into the session.
        return Redirect::back()->withInput()->withStatus($validator->errors(), 'danger');
    }

    // The plain-text password is hashed before it is stored.
    $hashedPassword = Hash::make($fields['password']);

    // The activation code is derived from the e-mail address by createNewToken().
    // NOTE(review): it is stored as returned and mailed to the user; whether it is
    // random enough and whether it expires cannot be seen here - confirm.
    $email = $fields['email'];

    $activationCode = $this->createNewToken($email);

    // Every new account gets the default 'user' Role; a missing Role is a setup error.
    $defaultRole = Role::where('slug', 'user')->first();

    if (is_null($defaultRole)) {
        throw new \RuntimeException('Default Role not found.');
    }

    // Persist the new account.
    $attributes = array(
        'username'        => $fields['username'],
        'realname'        => $fields['realname'],
        'email'           => $email,
        'password'        => $hashedPassword,
        'activation_code' => $activationCode,
        'role_id'         => $defaultRole->getKey(),
    );

    $account = User::create($attributes);

    // Mail the activation token to the address that was just registered.
    Mailer::send('Emails/Auth/Activate', array('token' => $activationCode), function ($mail) use ($account) {
        $mail->to($account->email, $account->realname);

        $mail->subject(__d('users', 'Activate your Account!'));
    });

    // Flash a confirmation and send the visitor to the registration status page.
    $notice = __d('users', 'Your Account has been created. We have sent you an E-mail to activate your Account.');

    return Redirect::to('register/status')->withStatus($notice);
}
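/**
 * Handle a POST request to reset a User's password.
 *
 * Verifies the reCAPTCHA, registers a password-strength check on the
 * Password Broker, asks the Broker to perform the reset, and maps the
 * Broker's response to a flash message.
 *
 * @return Response
 */
public function postReset()
{
    // Verify the reCAPTCHA before the submitted credentials are used.
    if (! ReCaptcha::check()) {
        $status = __d('users', 'Invalid reCAPTCHA submitted.');

        return Redirect::back()->withStatus($status, 'danger');
    }

    $credentials = Input::only('email', 'password', 'password_confirmation', 'token');

    // Register a custom strength check on the Password Broker: at least 8 characters,
    // an uppercase letter, a lowercase letter, and a digit or a non-word character;
    // the first character must not be '.' or a newline.
    Password::validator(function ($credentials) {
        $password = isset($credentials['password']) ? $credentials['password'] : null;

        // A missing or non-string value (for example an array sent as password[])
        // can never be a valid password; reject it before it reaches preg_match().
        if (! is_string($password)) {
            return false;
        }

        $pattern = "/(?=^.{8,}\$)((?=.*\\d)|(?=.*\\W+))(?![.\n])(?=.*[A-Z])(?=.*[a-z]).*\$/";

        return preg_match($pattern, $password) === 1;
    });

    // The callback runs only when the Broker accepts the credentials; the new
    // password is hashed before it is saved.
    $response = Password::reset($credentials, function ($user, $password) {
        $user->password = Hash::make($password);

        $user->save();
    });

    // Parse the response.
    switch ($response) {
        case Password::PASSWORD_RESET:
            $status = __d('users', 'You have successfully reset your Password.');

            return Redirect::to('login')->withStatus($status);

        case Password::INVALID_PASSWORD:
            $status = __d('users', 'Passwords must be strong enough and match the confirmation.');

            break;

        case Password::INVALID_TOKEN:
            $status = __d('users', 'This password reset token is invalid.');

            break;

        case Password::INVALID_USER:
            // NOTE(review): this message confirms whether an e-mail address is registered.
            // Consider showing the same text as for an invalid token so the form does not
            // disclose which addresses have an account.
            $status = __d('users', 'We can\'t find a User with that e-mail address.');

            break;

        default:
            // Any other response would otherwise leave $status undefined below.
            $status = __d('users', 'The password could not be reset.');
    }

    return Redirect::back()->withStatus($status, 'danger');
}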