diff --git a/app/config/app.php b/app/config/app.php index 59818febb..77a02eccd 100755 --- a/app/config/app.php +++ b/app/config/app.php @@ -110,7 +110,7 @@ 'Illuminate\Workbench\WorkbenchServiceProvider', /* Additional Providers */ - 'Zizaco\Confide\ConfideServiceProvider', // Confide Provider + 'Zizaco\Confide\ServiceProvider', // Confide Provider 'Zizaco\Entrust\EntrustServiceProvider', // Entrust Provider for roles 'Bllim\Datatables\DatatablesServiceProvider', // Datatables @@ -186,7 +186,7 @@ 'View' => 'Illuminate\Support\Facades\View', /* Additional Aliases */ - 'Confide' => 'Zizaco\Confide\ConfideFacade', // Confide Alias + 'Confide' => 'Zizaco\Confide\Facade', // Confide Alias 'Entrust' => 'Zizaco\Entrust\EntrustFacade', // Entrust Alias 'String' => 'Andrew13\Helpers\String', // String 'Carbon' => 'Carbon\Carbon', // Carbon diff --git a/app/config/packages/zizaco/confide/config.php b/app/config/packages/zizaco/confide/config.php index 8a6fc611a..db3a613a9 100644 --- a/app/config/packages/zizaco/confide/config.php +++ b/app/config/packages/zizaco/confide/config.php @@ -47,10 +47,10 @@ | | */ - 'login_form' => 'confide::login', - 'signup_form' => 'confide::signup', - 'forgot_password_form' => 'confide::forgot_password', - 'reset_password_form' => 'confide::reset_password', + 'login_form' => 'site.partials.user.login', + 'signup_form' => 'site.partials.user.signup', + 'forgot_password_form' => 'site.partials.user.forgot_password', + 'reset_password_form' => 'site.partials.user.reset_password', /* |-------------------------------------------------------------------------- 
@@ -70,8 +70,8 @@ | */ - 'email_reset_password' => 'confide::emails.passwordreset', // with $user and $token. - 'email_account_confirmation' => 'confide::emails.confirm', // with $user + 'email_reset_password' => 'emails.auth.passwordreset', // with $user and $token. + 'email_account_confirmation' => 'emails.auth.confirm', // with $user /* |-------------------------------------------------------------------------- diff --git a/app/controllers/admin/AdminUsersController.php b/app/controllers/admin/AdminUsersController.php index 1b72ea3d0..fc14eacbd 100755 --- a/app/controllers/admin/AdminUsersController.php +++ b/app/controllers/admin/AdminUsersController.php @@ -96,7 +96,13 @@ public function postCreate() // before saving. This field will be used in Ardent's // auto validation. $this->user->password_confirmation = Input::get( 'password_confirmation' ); - $this->user->confirmed = Input::get( 'confirm' ); + + // Generate a random confirmation code + $this->user->confirmation_code = md5(uniqid(mt_rand(), true)); + + if (Input::get('confirm')) { + $this->user->confirmed = Input::get('confirm'); + } // Permissions are currently tied to roles. Can't do this yet. //$user->permissions = $user->roles()->preparePermissionsForSave(Input::get( 'permissions' )); 
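Review bot: The confirmation code added in postCreate is built with `md5(uniqid(mt_rand(), true))`, and neither `uniqid()` nor `mt_rand()` is a cryptographically secure source, so the value that later authorises account confirmation is more predictable than its 32 hex characters suggest. Assuming the OpenSSL extension is enabled, `$this->user->confirmation_code = bin2hex(openssl_random_pseudo_bytes(16));` keeps the same length and format while drawing from a CSPRNG. The same expression is added in `UserRepository::signup()` in the new app/models/UserRepository.php and needs the same change. postCreate begins and ends outside this hunk.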
@@ -104,16 +110,30 @@ public function postCreate() // Save if valid. Password field will be hashed before save $this->user->save(); - if ( $this->user->id ) - { + if ( $this->user->id ) { // Save roles. Handles updating. $this->user->saveRoles(Input::get( 'roles' )); + if (Config::get('confide::signup_email')) { + $user = $this->user; + Mail::queueOn( + Config::get('confide::email_queue'), + Config::get('confide::email_account_confirmation'), + compact('user'), + function ($message) use ($user) { + $message + ->to($user->email, $user->username) + ->subject(Lang::get('confide::confide.email.account_confirmation.subject')); + } + ); + } + // Redirect to the new user page - return Redirect::to('admin/users/' . $this->user->id . '/edit')->with('success', Lang::get('admin/users/messages.create.success')); - } - else - { + return Redirect::to('admin/users/' . $this->user->id . '/edit') + ->with('success', Lang::get('admin/users/messages.create.success')); + + } else { + // Get validation errors (see Ardent package) $error = $this->user->errors()->all(); 
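Review bot: The queued confirmation mail in postCreate hands the entire user model to the queue twice, once through `compact('user')` and once through the closure's `use ($user)`, although the template and the callback visibly read only the username, e-mail address and confirmation code. Depending on the queue driver and on which attributes the model hides (neither is visible here), the stored job may therefore carry the password hash. Building a reduced array first, for example `$mailData = array('username' => $user->username, 'email' => $user->email, 'confirmation_code' => $user->confirmation_code);`, and passing that as the `user` view data and into the closure keeps the payload minimal. The same block is repeated in `UserController::postIndex()`, so a shared helper would keep the two copies from drifting.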
@@ -163,54 +183,42 @@ public function getEdit($user) /** * Update the specified resource in storage. * - * @param $user + * @param User $user * @return Response */ public function postEdit($user) { - // Validate the inputs - $validator = Validator::make(Input::all(), $user->getUpdateRules()); - - - if ($validator->passes()) - { - $oldUser = clone $user; - $user->username = Input::get( 'username' ); - $user->email = Input::get( 'email' ); - $user->confirmed = Input::get( 'confirm' ); - - $password = Input::get( 'password' ); - $passwordConfirmation = Input::get( 'password_confirmation' ); - - if(!empty($password)) { - if($password === $passwordConfirmation) { - $user->password = $password; - // The password confirmation will be removed from model - // before saving. This field will be used in Ardent's - // auto validation. - $user->password_confirmation = $passwordConfirmation; - } else { - // Redirect to the new user page - return Redirect::to('admin/users/' . $user->id . '/edit')->with('error', Lang::get('admin/users/messages.password_does_not_match')); - } + $oldUser = clone $user; + $user->username = Input::get( 'username' ); + $user->email = Input::get( 'email' ); + $user->confirmed = Input::get( 'confirm' ); + + $password = Input::get( 'password' ); + $passwordConfirmation = Input::get( 'password_confirmation' ); + + if(!empty($password)) { + if($password === $passwordConfirmation) { + $user->password = $password; + // The password confirmation will be removed from model + // before saving. This field will be used in Ardent's + // auto validation. + $user->password_confirmation = $passwordConfirmation; } else { - unset($user->password); - unset($user->password_confirmation); + // Redirect to the new user page + return Redirect::to('admin/users/' . $user->id . 
'/edit')->with('error', Lang::get('admin/users/messages.password_does_not_match')); } + } - if($user->confirmed == null) { - $user->confirmed = $oldUser->confirmed; - } - - $user->prepareRules($oldUser, $user); - - // Save if valid. Password field will be hashed before save - $user->amend(); + if($user->confirmed == null) { + $user->confirmed = $oldUser->confirmed; + } + if ($user->save()) { // Save roles. Handles updating. $user->saveRoles(Input::get( 'roles' )); } else { - return Redirect::to('admin/users/' . $user->id . '/edit')->with('error', Lang::get('admin/users/messages.edit.error')); + return Redirect::to('admin/users/' . $user->id . '/edit') + ->with('error', Lang::get('admin/users/messages.edit.error')); } // Get validation errors (see Ardent package) diff --git a/app/controllers/user/UserController.php b/app/controllers/user/UserController.php index ce8d41fdf..00d6fda51 100755 --- a/app/controllers/user/UserController.php +++ b/app/controllers/user/UserController.php @@ -8,14 +8,21 @@ class UserController extends BaseController { */ protected $user; + /** + * @var UserRepository + */ + protected $userRepo; + /** * Inject the models. * @param User $user + * @param UserRepository $userRepo */ - public function __construct(User $user) + public function __construct(User $user, UserRepository $userRepo) { parent::__construct(); $this->user = $user; + $this->userRepo = $userRepo; } /** 
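Review bot: The admin postEdit no longer validates its input: with `Validator::make(Input::all(), $user->getUpdateRules())` removed, `username`, `email` and `confirm` go from `Input::get()` straight onto the model, and rejection of bad values rests entirely on `$user->save()` returning false. Whether `save()` validates depends on the User model, which this hunk does not show. A comment directly above the call, such as `// Validation (unique username/e-mail, password confirmation) happens inside save()`, would record that dependency for the next reader. postEdit continues past the end of the hunk.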
@@ -38,102 +45,71 @@ public function getIndex() */ public function postIndex() { - $this->user->username = Input::get( 'username' ); - $this->user->email = Input::get( 'email' ); - - $password = Input::get( 'password' ); - $passwordConfirmation = Input::get( 'password_confirmation' ); - - if(!empty($password)) { - if($password === $passwordConfirmation) { - $this->user->password = $password; - // The password confirmation will be removed from model - // before saving. This field will be used in Ardent's - // auto validation. - $this->user->password_confirmation = $passwordConfirmation; - } else { - // Redirect to the new user page - return Redirect::to('user/create') - ->withInput(Input::except('password','password_confirmation')) - ->with('error', Lang::get('admin/users/messages.password_does_not_match')); + $user = $this->userRepo->signup(Input::all()); + + if ($user->id) { + if (Config::get('confide::signup_email')) { + Mail::queueOn( + Config::get('confide::email_queue'), + Config::get('confide::email_account_confirmation'), + compact('user'), + function ($message) use ($user) { + $message + ->to($user->email, $user->username) + ->subject(Lang::get('confide::confide.email.account_confirmation.subject')); + } + ); } - } else { - unset($this->user->password); - unset($this->user->password_confirmation); - } - - // Save if valid. Password field will be hashed before save - $this->user->save(); - if ( $this->user->id ) - { - // Redirect with success message, You may replace "Lang::get(..." for your custom message. 
return Redirect::to('user/login') - ->with( 'success', Lang::get('user/user.user_account_created') ); - } - else - { - // Get validation errors (see Ardent package) - $error = $this->user->errors()->all(); + ->with('success', Lang::get('user/user.user_account_created')); + } else { + $error = $user->errors()->all(':message'); return Redirect::to('user/create') ->withInput(Input::except('password')) - ->with( 'error', $error ); + ->with('error', $error); } + } /** * Edits a user - * + * @var User + * @return \Illuminate\Http\RedirectResponse */ - public function postEdit($user) + public function postEdit(User $user) { - // Validate the inputs - $validator = Validator::make(Input::all(), $user->getUpdateRules()); + $oldUser = clone $user; + $user->username = Input::get('username'); + $user->email = Input::get('email'); - if ($validator->passes()) - { - $oldUser = clone $user; - $user->username = Input::get( 'username' ); - $user->email = Input::get( 'email' ); - - $password = Input::get( 'password' ); - $passwordConfirmation = Input::get( 'password_confirmation' ); - - if(!empty($password)) { - if($password === $passwordConfirmation) { - $user->password = $password; - // The password confirmation will be removed from model - // before saving. This field will be used in Ardent's - // auto validation. 
- $user->password_confirmation = $passwordConfirmation; - } else { - // Redirect to the new user page - return Redirect::to('users')->with('error', Lang::get('admin/users/messages.password_does_not_match')); - } + $password = Input::get('password'); + $passwordConfirmation = Input::get('password_confirmation'); + + if (!empty($password)) { + if ($password != $passwordConfirmation) { + // Redirect to the new user page + $error = Lang::get('admin/users/messages.password_does_not_match'); + return Redirect::to('user') + ->with('error', $error); } else { - unset($user->password); - unset($user->password_confirmation); + $user->password = $password; + $user->password_confirmation = $passwordConfirmation; } - - $user->prepareRules($oldUser, $user); - - // Save if valid. Password field will be hashed before save - $user->amend(); } - // Get validation errors (see Ardent package) - $error = $user->errors()->all(); - - if(empty($error)) { + if ($this->userRepo->save($user)) { return Redirect::to('user') ->with( 'success', Lang::get('user/user.user_account_updated') ); } else { + $error = $user->errors()->all(':message'); return Redirect::to('user') - ->withInput(Input::except('password','password_confirmation')) - ->with( 'error', $error ); + ->withInput(Input::except('password', 'password_confirmation')) + ->with('error', $error); } + } /** 
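Review bot: In the new postEdit the password check was loosened from `===` to `!=` (`if ($password != $passwordConfirmation)`), and PHP's loose comparison treats numeric-looking strings as numbers, so for example `'1e3'` and `'1000'` count as equal and a mismatched confirmation is accepted. `if ($password !== $passwordConfirmation) {` restores the strict check the removed code had. Separately, nothing in this hunk ties the route-bound `$user` to the logged-in account; if a filter elsewhere does not enforce that, a comparison with the current user belongs at the top of the method.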
@@ -166,27 +142,15 @@ public function getLogin() */ public function postLogin() { - $input = array( - 'email' => Input::get( 'email' ), // May be the username too - 'username' => Input::get( 'email' ), // May be the username too - 'password' => Input::get( 'password' ), - 'remember' => Input::get( 'remember' ), - ); + $repo = App::make('UserRepository'); + $input = Input::all(); - // If you wish to only allow login from confirmed users, call logAttempt - // with the second parameter as true. - // logAttempt will check if the 'email' perhaps is the username. - // Check that the user is confirmed. - if ( Confide::logAttempt( $input, true ) ) - { + if ($this->userRepo->login($input)) { return Redirect::intended('/'); - } - else - { - // Check if there was too many login attempts - if ( Confide::isThrottled( $input ) ) { + } else { + if ($this->userRepo->isThrottled($input)) { $err_msg = Lang::get('confide::confide.alerts.too_many_attempts'); - } elseif ( $this->user->checkUserExists( $input ) && ! $this->user->isConfirmed( $input ) ) { + } elseif ($this->userRepo->existsButNotConfirmed($input)) { $err_msg = Lang::get('confide::confide.alerts.not_confirmed'); } else { $err_msg = Lang::get('confide::confide.alerts.wrong_credentials'); @@ -194,16 +158,18 @@ public function postLogin() return Redirect::to('user/login') ->withInput(Input::except('password')) - ->with( 'error', $err_msg ); + ->with('error', $err_msg); } + } /** * Attempt to confirm account with code * - * @param string $code + * @param string $code + * @return \Illuminate\Http\RedirectResponse */ - public function getConfirm( $code ) + public function getConfirm($code) { if ( Confide::confirm( $code ) ) { 
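Review bot: postLogin now forwards the whole request to the repository (`$input = Input::all();`), where the removed code built an explicit array of `email`, `username`, `password` and `remember`. Every posted field therefore reaches `Confide::logAttempt()` and `Confide::isThrottled()`, and the old fallback that copied the `email` field into `username` is gone, so the form has to post the right keys itself. `$input = Input::only('email', 'username', 'password', 'remember');` keeps the credential set closed. The line `$repo = App::make('UserRepository');` is unused, since the method works through `$this->userRepo`, and can be dropped.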
@@ -230,18 +196,17 @@ public function getForgot() * Attempt to reset password with given email * */ - public function postForgot() + public function postForgotPassword() { - if( Confide::forgotPassword( Input::get( 'email' ) ) ) - { - return Redirect::to('user/login') - ->with( 'notice', Lang::get('confide::confide.alerts.password_forgot') ); - } - else - { + if (Confide::forgotPassword(Input::get('email'))) { + $notice_msg = Lang::get('confide::confide.alerts.password_forgot'); return Redirect::to('user/forgot') + ->with('notice', $notice_msg); + } else { + $error_msg = Lang::get('confide::confide.alerts.wrong_password_forgot'); + return Redirect::to('user/login') ->withInput() - ->with( 'error', Lang::get('confide::confide.alerts.wrong_password_forgot') ); + ->with('error', $error_msg); } } @@ -263,24 +228,25 @@ public function getReset( $token ) */ public function postReset() { + $input = array( - 'token'=>Input::get( 'token' ), - 'password'=>Input::get( 'password' ), - 'password_confirmation'=>Input::get( 'password_confirmation' ), + 'token' =>Input::get('token'), + 'password' =>Input::get('password'), + 'password_confirmation' =>Input::get('password_confirmation'), ); // By passing an array with the token, password and confirmation - if( Confide::resetPassword( $input ) ) - { + if ($this->userRepo->resetPassword($input)) { + $notice_msg = Lang::get('confide::confide.alerts.password_reset'); return Redirect::to('user/login') - ->with( 'notice', Lang::get('confide::confide.alerts.password_reset') ); - } - else - { - return Redirect::to('user/reset/'.$input['token']) + ->with('notice', $notice_msg); + } else { + $error_msg = Lang::get('confide::confide.alerts.wrong_password_reset'); + return Redirect::to('user/reset', array('token'=>$input['token'])) ->withInput() - ->with( 'error', Lang::get('confide::confide.alerts.wrong_password_reset') ); + ->with('error', $error_msg); } + } /** 
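Review bot: The two redirect targets in postForgotPassword appear to be swapped relative to the removed code: success now returns to `user/forgot` with the notice, while failure goes to `user/login` with `->withInput()`, so the flashed e-mail lands on a page that does not hold the form it belongs to. If that is unintended, the success branch should use `Redirect::to('user/login')` and the failure branch `Redirect::to('user/forgot')`. The rename from postForgot also changes the URL this action answers to if the controller is registered with `Route::controller`, which is not visible here. Because the two branches show different messages, the response also tells a visitor whether an address is registered; a single neutral notice for both outcomes avoids that.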
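Review bot: In postReset's failure branch, `Redirect::to('user/reset', array('token'=>$input['token']))` passes the array as the second argument of `Redirect::to()`, which in Laravel 4 is the HTTP status code, not a list of route parameters. The token is therefore no longer part of the target URL, and the call is likely to fail on the invalid status instead of returning the user to the reset form. The removed form `Redirect::to('user/reset/'.$input['token'])` built the path correctly; keeping it together with the new `$error_msg` variable preserves the intended behaviour.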
diff --git a/app/models/User.php b/app/models/User.php index d13004b15..7c4af0474 100755 --- a/app/models/User.php +++ b/app/models/User.php @@ -1,15 +1,12 @@ where('username', '=', $username)->first(); } + /** + * Find the user and check whether they are confirmed + * + * @param array $identity an array with identities to check (eg. ['username' => 'test']) + * @return boolean + */ + public function isConfirmed($identity) { + $user = Confide::getUserByEmailOrUsername($identity); + return ($user && $user->confirmed); + } + /** * Get the date the user was created. * @@ -91,7 +99,7 @@ public static function checkAuthAndRedirect($redirect, $ifValid=false) public function currentUser() { - return (new Confide(new ConfideEloquentRepository()))->user(); + return Confide::user(); } /** diff --git a/app/models/UserRepository.php b/app/models/UserRepository.php new file mode 100644 index 000000000..090557756 --- /dev/null +++ b/app/models/UserRepository.php 
@@ -0,0 +1,137 @@ +first(); + } + + /** + * Signup a new account with the given parameters + * + * @param array $input Array containing 'username', 'email' and 'password'. + * + * @return User User object that may or may not be saved successfully. Check the id to make sure. + */ + public function signup($input) + { + $user = new User; + + $user->username = array_get($input, 'username'); + $user->email = array_get($input, 'email'); + $user->password = array_get($input, 'password'); + + // The password confirmation will be removed from model + // before saving. This field will be used in Ardent's + // auto validation. + $user->password_confirmation = array_get($input, 'password_confirmation'); + + // Generate a random confirmation code + $user->confirmation_code = md5(uniqid(mt_rand(), true)); + + // Save if valid. Password field will be hashed before save + $this->save($user); + + return $user; + } + + /** + * Attempts to login with the given credentials. + * + * @param array $input Array containing the credentials (email/username and password) + * + * @return boolean Success? + */ + public function login($input) + { + if (! isset($input['password'])) { + $input['password'] = null; + } + + return Confide::logAttempt($input, Config::get('confide::signup_confirm')); + } + + /** + * Checks if the credentials has been throttled by too + * much failed login attempts + * + * @param array $credentials Array containing the credentials (email/username and password) + * + * @return boolean Is throttled + */ + public function isThrottled($input) + { + return Confide::isThrottled($input); + } + + /** + * Checks if the given credentials correponds to a user that exists but + * is not confirmed + * + * @param array $credentials Array containing the credentials (email/username and password) + * + * @return boolean Exists and is not confirmed? 
+ */ + public function existsButNotConfirmed($input) + { + $user = Confide::getUserByEmailOrUsername($input); + + if ($user) { + $correctPassword = Hash::check( + isset($input['password']) ? $input['password'] : false, + $user->password + ); + + return (! $user->confirmed && $correctPassword); + } + } + + /** + * Resets a password of a user. The $input['token'] will tell which user. + * + * @param array $input Array containing 'token', 'password' and 'password_confirmation' keys. + * + * @return boolean Success + */ + public function resetPassword($input) + { + $result = false; + $user = Confide::userByResetPasswordToken($input['token']); + + if ($user) { + $user->password = $input['password']; + $user->password_confirmation = $input['password_confirmation']; + $result = $this->save($user); + } + + // If result is positive, destroy token + if ($result) { + Confide::destroyForgotPasswordToken($input['token']); + } + + return $result; + } + + /** + * Simply saves the given instance + * + * @param User $instance + * + * @return boolean Success + */ + public function save(User $instance) + { + return $instance->save(); + } +} diff --git a/app/views/emails/auth/confirm.blade.php b/app/views/emails/auth/confirm.blade.php new file mode 100644 index 000000000..bbea8dd68 --- /dev/null +++ b/app/views/emails/auth/confirm.blade.php @@ -0,0 +1,10 @@ +
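Review bot: `existsButNotConfirmed()` has no return statement for the case where `Confide::getUserByEmailOrUsername($input)` finds nobody, so it yields `null` although its docblock promises a boolean; adding `return false;` after the `if ($user)` block makes the contract explicit. The docblocks of `isThrottled()` and `existsButNotConfirmed()` name the parameter `$credentials` while both signatures use `$input`. In `resetPassword()`, rejection of an empty or mismatched new password rests on `$user->save()`, whose validation is not visible in this file, and a one-line comment saying so above `$result = $this->save($user);` would help the next reader.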

{{ Lang::get('confide::confide.email.account_confirmation.subject') }}

+ +

{{ Lang::get('confide::confide.email.account_confirmation.greetings', array('name' => $user['username'])) }},

+ +

{{ Lang::get('confide::confide.email.account_confirmation.body') }}

+ + {{{ URL::to("user/confirm/{$user['confirmation_code']}") }}} + + +

{{ Lang::get('confide::confide.email.account_confirmation.farewell') }}
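Review bot: The greeting line interpolates `$user['username']` into a string printed with `{{ }}`, which Blade in Laravel 4 emits without escaping, while the confirmation link further down uses the escaping form `{{{ }}}`. A username is chosen by the person signing up, so any markup in it would be rendered in the HTML mail. Wrapping the greeting as `{{{ Lang::get('confide::confide.email.account_confirmation.greetings', array('name' => $user['username'])) }}}` closes that gap. The new passwordreset.blade.php has the same greeting and also prints the reset URL with `{{ }}`, so it needs the same treatment.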

diff --git a/app/views/emails/auth/passwordreset.blade.php b/app/views/emails/auth/passwordreset.blade.php new file mode 100644 index 000000000..f5764ceb9 --- /dev/null +++ b/app/views/emails/auth/passwordreset.blade.php @@ -0,0 +1,10 @@ +

{{ Lang::get('confide::confide.email.password_reset.subject') }}

+ +

{{ Lang::get('confide::confide.email.password_reset.greetings', array( 'name' => $user['username'])) }},

+ +

{{ Lang::get('confide::confide.email.password_reset.body') }}

+ + {{ URL::to('user/reset/'.$token) }} + + +

{{ Lang::get('confide::confide.email.password_reset.farewell') }}

diff --git a/app/views/site/partials/user/forgot_password.blade.php b/app/views/site/partials/user/forgot_password.blade.php new file mode 100644 index 000000000..995119a13 --- /dev/null +++ b/app/views/site/partials/user/forgot_password.blade.php @@ -0,0 +1,21 @@ +
+ + +
+ +
+ + + + +
+
+ + @if (Session::get('error')) +
{{{ Session::get('error') }}}
+ @endif + + @if (Session::get('notice')) +
{{{ Session::get('notice') }}}
+ @endif +
diff --git a/app/views/site/partials/user/login.blade.php b/app/views/site/partials/user/login.blade.php new file mode 100644 index 000000000..ee838f287 --- /dev/null +++ b/app/views/site/partials/user/login.blade.php @@ -0,0 +1,45 @@ +
+ +
+
+ +
+ +
+
+
+ +
+ +
+
+ +
+
+
+ +
+
+
+ + @if ( Session::get('error') ) +
{{ Session::get('error') }}
+ @endif + + @if ( Session::get('notice') ) +
{{ Session::get('notice') }}
+ @endif + +
+
+ + {{ Lang::get('confide::confide.login.forgot_password') }} +
+
+
+
diff --git a/app/views/site/partials/user/reset_password.blade.php b/app/views/site/partials/user/reset_password.blade.php new file mode 100644 index 000000000..c5357daab --- /dev/null +++ b/app/views/site/partials/user/reset_password.blade.php @@ -0,0 +1,25 @@ +
+ + + +
+ + +
+
+ + +
+ + @if (Session::get('error')) +
{{{ Session::get('error') }}}
+ @endif + + @if (Session::get('notice')) +
{{{ Session::get('notice') }}}
+ @endif + +
+ +
+
diff --git a/app/views/site/partials/user/signup.blade.php b/app/views/site/partials/user/signup.blade.php new file mode 100644 index 000000000..84cb8084f --- /dev/null +++ b/app/views/site/partials/user/signup.blade.php @@ -0,0 +1,38 @@ +
+ +
+
+ + +
+
+ + +
+
+ + +
+
+ + +
+ + @if (Session::get('error')) +
+ @if (is_array(Session::get('error'))) + {{ head(Session::get('error')) }} + @endif +
+ @endif + + @if (Session::get('notice')) +
{{ Session::get('notice') }}
+ @endif + +
+ +
+ +
+
diff --git a/app/views/site/user/login.blade.php b/app/views/site/user/login.blade.php index d78b7c9f0..090931158 100755 --- a/app/views/site/user/login.blade.php +++ b/app/views/site/user/login.blade.php @@ -11,50 +11,5 @@ -
- -
-
- -
- -
-
-
- -
- -
-
- -
-
-
- -
-
-
- - @if ( Session::get('error') ) -
{{ Session::get('error') }}
- @endif - - @if ( Session::get('notice') ) -
{{ Session::get('notice') }}
- @endif - -
-
- - {{ Lang::get('confide::confide.login.forgot_password') }} -
-
-
-
- +{{ Confide::makeLoginForm()->render() }} @stop diff --git a/composer.json b/composer.json index 6a1e4b9fc..85cbc8d79 100755 --- a/composer.json +++ b/composer.json @@ -11,8 +11,8 @@ ], "require": { "laravel/framework": "~4.2", - "zizaco/confide": "~3.2", - "zizaco/entrust": "~1.2", + "zizaco/confide": "~4.0", + "zizaco/entrust": "1.2.*", "bllim/datatables": "~1.3" }, "require-dev": {