Working login form with password reset functionality.

2018-04-08 15:18:13 -05:00 · 2018-04-08 15:18:13 -05:00 · d63624f607
commit d63624f607
parent c3e462ab2f
21 changed files with 232 additions and 324 deletions
--- a/app/Http/Controllers/Auth/AbstractLoginController.php
+++ b/app/Http/Controllers/Auth/AbstractLoginController.php
@ -107,7 +107,7 @@ abstract class AbstractLoginController extends Controller
        ]);

        if ($request->route()->named('auth.checkpoint')) {
-            throw new DisplayException(trans('auth.checkpoint_failed'));
+            throw new DisplayException(trans('auth.two_factor.checkpoint_failed'));
        }

        throw new DisplayException(trans('auth.failed'));
--- a/app/Http/Controllers/Auth/LoginCheckpointController.php
+++ b/app/Http/Controllers/Auth/LoginCheckpointController.php
@ -18,7 +18,7 @@ class LoginCheckpointController extends AbstractLoginController
     *
     * @throws \Pterodactyl\Exceptions\DisplayException
     */
-    public function index(LoginCheckpointRequest $request): JsonResponse
+    public function __invoke(LoginCheckpointRequest $request): JsonResponse
    {
        try {
            $cache = $this->cache->pull($request->input('confirmation_token'), []);
--- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php
@ -22,6 +22,8 @@ class LoginController extends AbstractLoginController
        $username = $request->input('user');
        $useColumn = $this->getField($username);

+        sleep(1);
+
        if ($this->hasTooManyLoginAttempts($request)) {
            $this->fireLockoutEvent($request);
            $this->sendLockoutResponse($request);
--- a/app/Http/Controllers/Auth/ResetPasswordController.php
+++ b/app/Http/Controllers/Auth/ResetPasswordController.php
@ -2,8 +2,12 @@

 namespace Pterodactyl\Http\Controllers\Auth;

+use Illuminate\Http\JsonResponse;
+use Illuminate\Support\Facades\Password;
+use Pterodactyl\Exceptions\DisplayException;
 use Pterodactyl\Http\Controllers\Controller;
 use Illuminate\Foundation\Auth\ResetsPasswords;
+use Pterodactyl\Http\Requests\Auth\ResetPasswordRequest;

 class ResetPasswordController extends Controller
 {
@ -17,16 +21,44 @@ class ResetPasswordController extends Controller
    public $redirectTo = '/';

    /**
-     * Return the rules used when validating password reset.
+     * Reset the given user's password.
     *
-     * @return array
+     * @param \Pterodactyl\Http\Requests\Auth\ResetPasswordRequest $request
+     * @return \Illuminate\Http\JsonResponse
+     *
+     * @throws \Pterodactyl\Exceptions\DisplayException
     */
-    protected function rules(): array
+    public function __invoke(ResetPasswordRequest $request): JsonResponse
    {
-        return [
-            'token' => 'required',
-            'email' => 'required|email',
-            'password' => 'required|confirmed|min:8',
-        ];
+        // Here we will attempt to reset the user's password. If it is successful we
+        // will update the password on an actual user model and persist it to the
+        // database. Otherwise we will parse the error and return the response.
+        $response = $this->broker()->reset(
+            $this->credentials($request), function ($user, $password) {
+                $this->resetPassword($user, $password);
+            }
+        );
+
+        // If the password was successfully reset, we will redirect the user back to
+        // the application's home authenticated view. If there is an error we can
+        // redirect them back to where they came from with their error message.
+        if ($response === Password::PASSWORD_RESET) {
+            return $this->sendResetResponse();
+        }
+
+        throw new DisplayException(trans($response));
+    }
+
+    /**
+     * Send a successful password reset response back to the callee.
+     *
+     * @return \Illuminate\Http\JsonResponse
+     */
+    protected function sendResetResponse(): JsonResponse
+    {
+        return response()->json([
+            'success' => true,
+            'redirect_to' => $this->redirectTo,
+        ]);
    }
 }
--- a/app/Http/Requests/Auth/ResetPasswordRequest.php
+++ b/app/Http/Requests/Auth/ResetPasswordRequest.php
@ -0,0 +1,28 @@
+<?php
+
+namespace Pterodactyl\Http\Requests\Auth;
+
+use Illuminate\Foundation\Http\FormRequest;
+
+class ResetPasswordRequest extends FormRequest
+{
+    /**
+     * @return bool
+     */
+    public function authorize(): bool
+    {
+        return true;
+    }
+
+    /**
+     * @return array
+     */
+    public function rules(): array
+    {
+        return [
+            'token' => 'required|string',
+            'email' => 'required|email',
+            'password' => 'required|string|confirmed|min:8',
+        ];
+    }
+}