Exemplo n.º 1
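 /**
  * Confirms a pending email change identified by the email address and token
  * taken from the confirmation link, then marks the change as confirmed and
  * updates the user's email address when it differs from the current one.
  *
  * @return Response
  */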
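 public function getEmailConfirmation($email, $token)
 {
     // $email and $token come straight from the confirmation link and are
     // untrusted. Only the newest unconfirmed request matching both is used.
     $emailChg = UserEmailChange::where('email', '=', $email)
         ->where('token', '=', $token)
         ->where('confirmed', '=', false)
         ->orderBy('created_at', 'desc')
         ->first();

     $user = null;
     // The column collation is not visible here and may compare strings
     // case-insensitively, so the token is re-checked byte-for-byte.
     if ($emailChg instanceof UserEmailChange && hash_equals((string) $emailChg->token, (string) $token)) {
         // The change is applied to the account that requested it, never to
         // whoever happens to be logged in when the link is opened. A link
         // opened inside another account's session is rejected like an
         // unknown token.
         $sessionIsOwner = !Auth::check() || (string) Auth::id() === (string) $emailChg->user_id;
         if ($sessionIsOwner) {
             // find() returns null when the owning account no longer exists;
             // that case is also handled as "could not confirm" below.
             $user = User::find($emailChg->user_id);
         }
     }

     if ($user === null) {
         // One generic message for every rejection, so the response does not
         // reveal which of the checks failed.
         $this->setFlashMessage('danger', 'We could not confirm your email address. Please try again.');
     } else {
         $limitDateTime = new \DateTime();
         $limitDateTime->sub(new \DateInterval('P7D'));

         // When the requested address equals the account's current address,
         // this is the first (registration) confirmation and the 7-day limit
         // is skipped.
         // NOTE(review): such links therefore stay usable until they are
         // confirmed - confirm that this is intended.
         $isCurrentAddress = $user->email === $emailChg->email;

         if ($isCurrentAddress || $emailChg->created_at >= $limitDateTime) {
             // Update user email, if changed since registration
             if (!$isCurrentAddress) {
                 $user->email = $emailChg->email;
                 $user->save();
             }
             // Update email status so the token cannot be used a second time
             $emailChg->confirmed = true;
             $emailChg->save();
             $this->setFlashMessage('success', 'Your email is verified. You may now login if you didn\'t already.');
         } else {
             $this->setFlashMessage('danger', 'Your request is no longer valid. Please contact us or submit a new one.');
         }
     }

     // Simple hack not to lose flash messages between redirects.
     // Authentication is already a built-in trait so no need to rewrite or
     // create a closure in route definition
     if (Auth::check()) {
         // If logged in, redirect to the landing page
         return redirect()->route('home');
     }

     // If not, redirect to the signin page
     return redirect()->route('signin_get');
 }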
 /**
  * Test user account email update validation
  *
  * @return void
  */
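 public function testUserAccountEmailUpdate()
 {
     $curPw = 'Sampl3P4ssword';
     $user = factory(User::class)->create(['password' => bcrypt($curPw)]);
     // Fixture: the registration address already has a confirmed record.
     factory(UserEmailChange::class)->create([
         'user_id' => $user->id,
         'email' => $user->email,
         'confirmed' => true,
     ]);
     $newEmail = '*****@*****.**';

     // Submit the email update form as the logged-in account owner.
     $this->actingAs($user)
         ->visit(route('user::update_email_get'))
         ->type($curPw, 'current_password')
         ->type($newEmail, 'email')
         ->type($newEmail, 'email_confirmation')
         ->press('Update email')
         ->see('Email address updated.')
         ->seePageIs(route('home'));

     // The form must have left exactly one thing to confirm: a pending request.
     $newEmailChg = UserEmailChange::where('email', '=', $newEmail)
         ->where('confirmed', '=', false)
         ->orderBy('created_at', 'desc')
         ->first();
     $this->assertTrue($newEmailChg instanceof UserEmailChange);

     // Test email confirmation expiry date (a week, 7 days): an 8-day-old
     // request must be refused.
     $expiredDate = $newEmailChg->created_at;
     $expiredDate->sub(new \DateInterval('P8D'));
     $newEmailChg->created_at = $expiredDate;
     $newEmailChg->save();
     $getParams = ['email' => $newEmailChg->email, 'token' => $newEmailChg->token];
     $this->visit(route('user::email_confirmation_get', $getParams))
         ->seePageIs(route('home'))
         ->see('Your request is no longer valid');

     // Test email confirmation. The request is moved to 6 days old rather
     // than exactly 7: at exactly 7 days the outcome depends on how much time
     // has passed since the record was created, which makes the test flaky.
     $validDate = $newEmailChg->created_at;
     $validDate->add(new \DateInterval('P2D'));
     $newEmailChg->created_at = $validDate;
     $newEmailChg->save();
     $this->visit(route('user::email_confirmation_get', $getParams))
         ->seePageIs(route('home'))
         ->see('Your email is verified');
     $this->seeInDatabase('users_email_change', ['id' => $newEmailChg->id, 'email' => $newEmail, 'confirmed' => true]);

     // The confirmed address must end up on the account that requested it.
     $this->assertEquals($newEmail, User::find($user->id)->email);
 }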