add request class to validate user input

wave/src/Http/Controllers/SettingsController.php

@@ -10,6 +10,7 @@
 use Illuminate\Support\Str;
 use TCG\Voyager\Http\Controllers\Controller;
 use Wave\ApiKey;
+use Wave\Http\Requests\ProfileUpdateRequest;
 use Wave\KeyValue;
 
 class SettingsController extends Controller
@@ -21,25 +22,14 @@ public function index($section = ''){
         return view('theme::settings.index', compact('section'));
     }
 
-    public function profilePut(Request $request){
-        $request->validate([
-            'name' => 'required|string',
-            'email' => 'sometimes|required|email|unique:users,email,' . Auth::user()->id,
-            'username' => 'sometimes|required|unique:users,username,' . Auth::user()->id,
-            'avatar' => 'nullable|base64image'
-        ],
-        [
-            'avatar.base64image' => 'The avatar must be a valid image.'
-        ]);
-
-        $authed_user = auth()->user();
+    public function profilePut(ProfileUpdateRequest $request){
+        $currentUser = auth()->user();
 
-        $authed_user->name = $request->name;
-        $authed_user->email = $request->email;
-        if($request->avatar){
-           $authed_user->avatar = $this->saveAvatar($request->avatar, $authed_user->username);
-        }
-        $authed_user->save();
+        $currentUser->fill([
+            'name' => $request->name,
+            'email' => $request->email,
+            'avatar' => $request->avatar ?? $currentUser->avatar
+        ])->save();
 
         foreach(config('wave.profile_fields') as $key){
             if(isset($request->{$key})){
@@ -53,17 +43,17 @@ public function profilePut(Request $request){
                 $row = (object)['field' => $key, 'type' => $request->{$type}, 'details' => ''];
                 $value = $this->getContentBasedOnType($request, 'themes', $row);
 
-                if(!is_null($authed_user->keyValue($key))){
-                    $keyValue = KeyValue::where('keyvalue_id', '=', $authed_user->id)->where('keyvalue_type', '=', 'users')->where('key', '=', $key)->first();
+                if(!is_null($currentUser->keyValue($key))){
+                    $keyValue = KeyValue::where('keyvalue_id', '=', $currentUser->id)->where('keyvalue_type', '=', 'users')->where('key', '=', $key)->first();
                     $keyValue->value = $value;
                     $keyValue->type = $request->{$type};
                     $keyValue->save();
                 } else {
-                    KeyValue::create(['type' => $request->{$type}, 'keyvalue_id' => $authed_user->id, 'keyvalue_type' => 'users', 'key' => $key, 'value' => $value]);
+                    KeyValue::create(['type' => $request->{$type}, 'keyvalue_id' => $currentUser->id, 'keyvalue_type' => 'users', 'key' => $key, 'value' => $value]);
                 }
             } else {
-                if(!is_null($authed_user->keyValue($key))){
-                    $keyValue = KeyValue::where('keyvalue_id', '=', $authed_user->id)->where('keyvalue_type', '=', 'users')->where('key', '=', $key)->first();
+                if(!is_null($currentUser->keyValue($key))){
+                    $keyValue = KeyValue::where('keyvalue_id', '=', $currentUser->id)->where('keyvalue_type', '=', 'users')->where('key', '=', $key)->first();
                     $keyValue->delete();
                 }
             }

wave/src/Http/Requests/ProfileUpdateRequest.php

@@ -0,0 +1,46 @@
+<?php
+
+namespace Wave\Http\Requests;
+
+use Illuminate\Foundation\Http\FormRequest;
+use Illuminate\Support\Facades\Auth;
+
+class ProfileUpdateRequest extends FormRequest
+{
+    /**
+     * Determine if the user is authorized to make this request.
+     *
+     * @return bool
+     */
+    public function authorize()
+    {
+        return true;
+    }
+
+    /**
+     * Get custom messages for validator errors.
+     *
+     * @return array
+     */
+    public function messages()
+    {
+        return [
+            'avatar.base64image' => 'The avatar must be a valid image.'
+        ];
+    }
+
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array<string, mixed>
+     */
+    public function rules()
+    {
+        return [
+            'name' => 'required|string',
+            'email' => 'sometimes|required|email|unique:users,email,' . Auth::user()->id,
+            'username' => 'sometimes|required|unique:users,username,' . Auth::user()->id,
+            'avatar' => 'nullable|base64image'
+        ];
+    }
+}