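/**
 * Apply the requested profile changes to an existing user and persist them.
 *
 * The target id and the new email, name, surname, group and password are read
 * from this object's properties. The group is only touched when a truthy value
 * was supplied, and the password only when a non-empty value was supplied.
 *
 * @param UserRepository $userRepo Asked whether the target user is the last admin.
 * @param HistoryLogger  $logger   Receives the audit entries for this update.
 * @return User The saved user model.
 *
 * @throws HttpResponseException Carrying a 419 JSON response when the group change is refused.
 */
public function handle(UserRepository $userRepo, HistoryLogger $logger)
{
    $model = User::findOrFail($this->id);

    $model->email = $this->email;
    $model->name = $this->name;
    $model->surname = $this->surname;

    // A falsy group means "leave the current group unchanged".
    if ($this->group) {
        // Guard against locking everyone out of administration. Going by the
        // helper names (their bodies are not shown here), this refuses to move
        // the only remaining admin into a non-admin group.
        if ($this->isBecomingNonAdmin($model) && $userRepo->isLastAdmin($model)) {
            throw new HttpResponseException(new JsonResponse('You cannot change this user group.', 419));
        }

        $model->group = $this->group;
    }

    // Treat an empty string like null. Otherwise a blank form field would
    // replace the account password with the hash of "".
    $passwordChanged = $this->password !== null && $this->password !== '';
    if ($passwordChanged) {
        // NOTE(review): only the login hash is replaced here. If any per-user
        // secret is encrypted under the user's password, it is not re-keyed by
        // this path. Confirm that is intended.
        $model->password = Hash::make($this->password);
    }

    $model->save();

    // Audit entries are written only after save() returned, so the history
    // never claims an update or password change that was not persisted.
    $logger->log('user', 'Updated user details.', $model->id);
    if ($passwordChanged) {
        $logger->log('user', 'Changed user password.', $model->id);
    }

    return $model;
}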
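/**
 * Change the authenticated user's password and re-encrypt their RSA private key.
 *
 * Reads the request inputs `old`, `new` and `repeat`. The old password must
 * match the stored hash and `new` must equal `repeat` exactly. The user's
 * private key is then unlocked with the old secret and locked with the new one
 * before both records are saved.
 *
 * @param HistoryLogger $logger Receives the audit entry for the change.
 * @return Response|null A 419 response describing the failure; nothing is returned on success.
 */
public function store(HistoryLogger $logger)
{
    $oldPassword = Input::get('old');
    $newPassword = Input::get('new');
    $currentUser = Auth::user();

    if (!Hash::check($oldPassword, $currentUser->password)) {
        return Response::make('Old password does not match.', 419);
    }

    // Strict comparison on purpose: with `!=` PHP compares numeric strings by
    // value, so e.g. "1e3" and "1000" would be accepted as a matching pair.
    if ($newPassword !== Input::get('repeat')) {
        return Response::make('New passwords do not match.', 419);
    }

    $model = User::findOrFail($currentUser->id);
    $model->password = Hash::make($newPassword);
    $rsa = $model->rsaKey;

    // Only the key re-encryption is guarded. A RuntimeException raised by the
    // lookup or the saves (database errors included) must not be reported to
    // the user as a wrong private-key password.
    try {
        // NOTE(review): the key is unlocked with md5($oldPassword) but locked
        // with the raw $newPassword. Unless PrivateKey::lock() derives the
        // passphrase itself, the next password change cannot unlock the key.
        // Confirm against PrivateKey.
        // NOTE(review): a single unsalted MD5 is a weak passphrase derivation
        // for an encrypted private key. Moving to a real KDF requires
        // migrating the stored keys.
        $rsa->private = (new PrivateKey($rsa->private))
            ->unlock(md5($oldPassword))
            ->lock($newPassword)
            ->getKey();
    } catch (\RuntimeException $e) {
        return Response::make('Incorrect old password for private key.', 419);
    }

    // NOTE(review): these two saves are not atomic. If the second one fails,
    // the key is already locked under the new password while the login hash is
    // still the old one. Consider wrapping both in a database transaction.
    $rsa->save();
    $model->save();

    $logger->log('auth', 'User changed password.', $currentUser->id);
}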