firefly-iii/app/Http/Controllers/ProfileController.php

613 lines
21 KiB
PHP
Raw Normal View History

2016-05-20 01:57:45 -05:00
<?php
/**
* ProfileController.php
* Copyright (c) 2019 thegrumpydictator@gmail.com
*
* This file is part of Firefly III (https://github.com/firefly-iii).
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
2017-10-21 01:40:00 -05:00
*
* This program is distributed in the hope that it will be useful,
2017-10-21 01:40:00 -05:00
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
2017-10-21 01:40:00 -05:00
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
2017-03-24 05:07:38 -05:00
declare(strict_types=1);
2016-05-20 01:57:45 -05:00
namespace FireflyIII\Http\Controllers;
2015-02-25 14:19:06 -06:00
use Auth;
2018-04-02 08:17:03 -05:00
use DB;
use FireflyIII\Events\UserChangedEmail;
use FireflyIII\Exceptions\FireflyException;
2017-01-05 03:06:46 -06:00
use FireflyIII\Exceptions\ValidationException;
2017-12-19 12:25:50 -06:00
use FireflyIII\Http\Middleware\IsDemoUser;
use FireflyIII\Http\Middleware\IsSandStormUser;
use FireflyIII\Http\Requests\DeleteAccountFormRequest;
use FireflyIII\Http\Requests\EmailFormRequest;
2015-02-25 14:19:06 -06:00
use FireflyIII\Http\Requests\ProfileFormRequest;
2018-03-08 22:45:22 -06:00
use FireflyIII\Http\Requests\TokenFormRequest;
use FireflyIII\Models\Preference;
2016-12-12 08:24:47 -06:00
use FireflyIII\Repositories\User\UserRepositoryInterface;
2018-08-10 10:05:37 -05:00
use FireflyIII\Support\Http\Controllers\CreateStuff;
use FireflyIII\Support\Http\Controllers\RequestInformation;
2017-03-24 05:07:38 -05:00
use FireflyIII\User;
2018-03-08 22:45:22 -06:00
use Google2FA;
2015-02-25 14:19:06 -06:00
use Hash;
2017-11-25 01:54:52 -06:00
use Illuminate\Contracts\Auth\Guard;
2018-10-13 08:06:56 -05:00
use Illuminate\Http\Request;
2018-07-09 12:24:08 -05:00
use Illuminate\Support\Collection;
2018-04-02 08:17:03 -05:00
use Laravel\Passport\ClientRepository;
2016-12-12 08:24:47 -06:00
use Log;
use PragmaRX\Recovery\Recovery;
2015-02-25 14:19:06 -06:00
/**
2017-11-15 05:25:49 -06:00
* Class ProfileController.
2017-11-25 01:54:52 -06:00
*
* @method Guard guard()
2019-08-17 03:47:10 -05:00
*
2015-02-25 14:19:06 -06:00
*/
class ProfileController extends Controller
{
2018-08-10 10:05:37 -05:00
use RequestInformation, CreateStuff;
2018-08-09 12:44:36 -05:00
/**
* ProfileController constructor.
2019-07-21 10:15:06 -05:00
* @codeCoverageIgnore
*/
2016-01-08 11:29:47 -06:00
public function __construct()
{
2016-01-08 13:40:48 -06:00
parent::__construct();
2016-10-20 12:10:43 -05:00
2016-10-29 00:44:46 -05:00
$this->middleware(
2019-07-21 10:15:06 -05:00
static function ($request, $next) {
2018-07-15 02:38:49 -05:00
app('view')->share('title', (string)trans('firefly.profile'));
2017-12-16 12:46:36 -06:00
app('view')->share('mainTitleIcon', 'fa-user');
2016-10-29 00:44:46 -05:00
return $next($request);
}
);
2018-10-13 08:06:56 -05:00
2017-12-19 12:25:50 -06:00
$this->middleware(IsDemoUser::class)->except(['index']);
$this->middleware(IsSandStormUser::class)->except('index');
2016-01-08 11:29:47 -06:00
}
2015-02-25 14:19:06 -06:00
/**
2018-07-22 01:10:16 -05:00
* Change your email address.
*
2019-02-13 10:38:41 -06:00
* @param Request $request
*
2018-07-08 05:08:53 -05:00
* @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
*/
2018-10-13 08:06:56 -05:00
public function changeEmail(Request $request)
{
2018-10-13 08:06:56 -05:00
$loginProvider = config('firefly.login_provider');
if ('eloquent' !== $loginProvider) {
2018-12-12 13:30:25 -06:00
// @codeCoverageIgnoreStart
2019-08-02 22:08:35 -05:00
$request->session()->flash('error', trans('firefly.login_provider_local_only', ['login_provider' => e($loginProvider)]));
2018-10-13 08:06:56 -05:00
return redirect(route('profile.index'));
2018-12-12 13:30:25 -06:00
// @codeCoverageIgnoreEnd
2018-10-13 08:06:56 -05:00
}
$title = auth()->user()->email;
$email = auth()->user()->email;
2018-04-02 08:10:40 -05:00
$subTitle = (string)trans('firefly.change_your_email');
$subTitleIcon = 'fa-envelope';
return view('profile.change-email', compact('title', 'subTitle', 'subTitleIcon', 'email'));
}
2015-02-25 14:19:06 -06:00
/**
2018-07-22 01:10:16 -05:00
* Change your password.
*
2019-02-13 10:38:41 -06:00
* @param Request $request
*
2018-07-08 05:08:53 -05:00
* @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
2015-02-25 14:19:06 -06:00
*/
2018-10-13 08:06:56 -05:00
public function changePassword(Request $request)
2015-02-25 14:19:06 -06:00
{
2018-10-13 08:06:56 -05:00
$loginProvider = config('firefly.login_provider');
if ('eloquent' !== $loginProvider) {
2018-12-12 13:30:25 -06:00
// @codeCoverageIgnoreStart
2019-08-02 22:08:35 -05:00
$request->session()->flash('error', trans('firefly.login_provider_local_only', ['login_provider' => e($loginProvider)]));
2018-10-13 08:06:56 -05:00
return redirect(route('profile.index'));
2018-12-12 13:30:25 -06:00
// @codeCoverageIgnoreEnd
2018-10-13 08:06:56 -05:00
}
2016-10-29 00:44:46 -05:00
$title = auth()->user()->email;
2018-04-02 08:10:40 -05:00
$subTitle = (string)trans('firefly.change_your_password');
2016-10-29 00:44:46 -05:00
$subTitleIcon = 'fa-key';
return view('profile.change-password', compact('title', 'subTitle', 'subTitleIcon'));
2015-02-25 14:19:06 -06:00
}
2018-03-08 22:45:22 -06:00
/**
* View that generates a 2FA code for the user.
2018-03-10 15:38:20 -06:00
*
2018-07-08 05:08:53 -05:00
* @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
2018-03-08 22:45:22 -06:00
*/
public function code()
{
$domain = $this->getDomain();
2019-08-08 10:52:37 -05:00
$secret = null;
// generate secret if not in session
if (!session()->has('temp-mfa-secret')) {
// generate secret + store + flash
$secret = Google2FA::generateSecretKey();
session()->put('temp-mfa-secret', $secret);
session()->flash('two-factor-secret', $secret);
}
// re-use secret if in session
if (session()->has('temp-mfa-secret')) {
// get secret from session and flash
$secret = session()->get('temp-mfa-secret');
session()->flash('two-factor-secret', $secret);
}
2018-06-23 10:59:37 -05:00
2019-08-08 10:52:37 -05:00
// generate codes if not in session:
if (!session()->has('temp-mfa-codes')) {
// generate codes + store + flash:
$recovery = app(Recovery::class);
$recoveryCodes = $recovery->lowercase()->setCount(8)->setBlocks(2)->setChars(6)->toArray();
session()->put('temp-mfa-codes', $recoveryCodes);
session()->flash('two-factor-codes', $recoveryCodes);
}
// get codes from session if there already:
if (session()->has('temp-mfa-codes')) {
$recoveryCodes = session()->get('temp-mfa-codes');
session()->flash('two-factor-codes', $recoveryCodes);
}
2019-08-08 10:52:37 -05:00
$codes = implode("\r\n", $recoveryCodes);
2019-02-13 10:38:41 -06:00
$image = Google2FA::getQRCodeInline($domain, auth()->user()->email, $secret);
2018-03-08 22:45:22 -06:00
return view('profile.code', compact('image', 'secret','codes'));
2018-03-08 22:45:22 -06:00
}
/**
2018-07-22 01:10:16 -05:00
* Screen to confirm email change.
*
* @param UserRepositoryInterface $repository
* @param string $token
*
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
2017-12-22 11:32:43 -06:00
*
* @throws FireflyException
*/
public function confirmEmailChange(UserRepositoryInterface $repository, string $token)
{
2018-10-13 08:06:56 -05:00
$loginProvider = config('firefly.login_provider');
if ('eloquent' !== $loginProvider) {
2018-12-12 13:30:25 -06:00
// @codeCoverageIgnoreStart
2018-10-13 08:06:56 -05:00
throw new FireflyException('Cannot confirm email change when authentication provider is not local.');
2018-12-12 13:30:25 -06:00
// @codeCoverageIgnoreEnd
2018-10-13 08:06:56 -05:00
}
// find preference with this token value.
2018-07-09 12:24:08 -05:00
/** @var Collection $set */
$set = app('preferences')->findByName('email_change_confirm_token');
$user = null;
2019-07-21 10:15:06 -05:00
//Log::debug(sprintf('Found %d preferences', $set->count()));
/** @var Preference $preference */
foreach ($set as $preference) {
if ($preference->data === $token) {
2019-07-21 10:15:06 -05:00
//Log::debug('Found user');
$user = $preference->user;
}
}
// update user to clear blocked and blocked_code.
2017-11-15 05:25:49 -06:00
if (null === $user) {
2019-07-21 10:15:06 -05:00
//Log::debug('Found no user');
throw new FireflyException('Invalid token.');
}
2019-07-21 10:15:06 -05:00
//Log::debug('Will unblock user.');
$repository->unblockUser($user);
// return to login.
2018-04-22 10:10:11 -05:00
session()->flash('success', (string)trans('firefly.login_with_new_email'));
return redirect(route('login'));
}
/**
2018-07-22 01:10:16 -05:00
* Delete your account view.
*
2019-02-13 10:38:41 -06:00
* @param Request $request
*
2018-07-08 05:08:53 -05:00
* @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
*/
2018-10-13 08:06:56 -05:00
public function deleteAccount(Request $request)
{
2018-10-13 08:06:56 -05:00
$loginProvider = config('firefly.login_provider');
if ('eloquent' !== $loginProvider) {
2018-12-12 13:30:25 -06:00
// @codeCoverageIgnoreStart
2019-08-02 22:08:35 -05:00
$request->session()->flash('warning', trans('firefly.delete_local_info_only', ['login_provider' => e($loginProvider)]));
2018-12-12 13:30:25 -06:00
// @codeCoverageIgnoreEnd
2018-10-13 08:06:56 -05:00
}
2016-10-29 00:44:46 -05:00
$title = auth()->user()->email;
2018-04-02 08:10:40 -05:00
$subTitle = (string)trans('firefly.delete_account');
2016-10-29 00:44:46 -05:00
$subTitleIcon = 'fa-trash';
return view('profile.delete-account', compact('title', 'subTitle', 'subTitleIcon'));
}
2018-03-10 15:38:20 -06:00
/**
2018-07-22 01:10:16 -05:00
* Delete 2FA routine.
*
2018-03-10 15:38:20 -06:00
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
*/
public function deleteCode()
{
2019-08-04 00:09:51 -05:00
/** @var UserRepositoryInterface $repository */
$repository = app(UserRepositoryInterface::class);
/** @var User $user */
$user = auth()->user();
$repository->setMFACode($user, null);
2018-04-22 10:10:11 -05:00
session()->flash('success', (string)trans('firefly.pref_two_factor_auth_disabled'));
session()->flash('info', (string)trans('firefly.pref_two_factor_auth_remove_it'));
2018-03-10 15:38:20 -06:00
return redirect(route('profile.index'));
}
2018-03-08 22:45:22 -06:00
/**
2018-07-22 01:10:16 -05:00
* Enable 2FA screen.
*
2018-03-08 22:45:22 -06:00
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
*/
2018-08-30 13:58:07 -05:00
public function enable2FA()
2018-03-08 22:45:22 -06:00
{
/** @var User $user */
$user = auth()->user();
$enabledMFA = null !== $user->mfa_secret;
2018-03-08 22:45:22 -06:00
// if we don't have a valid secret yet, redirect to the code page to get one.
if (!$enabledMFA) {
2018-03-08 22:45:22 -06:00
return redirect(route('profile.code'));
}
// If FF3 already has a secret, just set the two factor auth enabled to 1,
// and let the user continue with the existing secret.
session()->flash('info', (string)trans('firefly.2fa_already_enabled'));
2018-03-08 22:45:22 -06:00
return redirect(route('profile.index'));
}
/**
2018-07-22 01:10:16 -05:00
* Index for profile.
*
2018-07-08 05:08:53 -05:00
* @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
*/
2015-05-03 02:19:14 -05:00
public function index()
2015-04-28 08:26:30 -05:00
{
2019-08-03 12:57:24 -05:00
/** @var User $user */
$user = auth()->user();
2018-10-13 08:06:56 -05:00
$loginProvider = config('firefly.login_provider');
2018-04-02 08:17:03 -05:00
// check if client token thing exists (default one)
2019-08-03 12:57:24 -05:00
$count = DB::table('oauth_clients')->where('personal_access_client', 1)->whereNull('user_id')->count();
2018-04-02 08:26:33 -05:00
$this->createOAuthKeys();
2018-07-08 00:59:58 -05:00
if (0 === $count) {
2018-04-02 08:17:03 -05:00
/** @var ClientRepository $repository */
$repository = app(ClientRepository::class);
$repository->createPersonalAccessClient(null, config('app.name') . ' Personal Access Client', 'http://localhost');
}
$subTitle = $user->email;
$userId = $user->id;
$enabled2FA = null !== $user->mfa_secret;
2019-08-08 10:52:37 -05:00
$mfaBackupCount = count(app('preferences')->get('mfa_recovery', [])->data);
2016-10-20 12:10:43 -05:00
// get access token or create one.
$accessToken = app('preferences')->get('access_token', null);
2017-11-15 05:25:49 -06:00
if (null === $accessToken) {
2018-07-09 12:24:08 -05:00
$token = $user->generateAccessToken();
$accessToken = app('preferences')->set('access_token', $token);
}
return view('profile.index', compact('subTitle', 'mfaBackupCount', 'userId', 'accessToken', 'enabled2FA', 'loginProvider'));
}
/**
* @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
*/
public function newBackupCodes()
{
// generate recovery codes:
$recovery = app(Recovery::class);
$recoveryCodes = $recovery->lowercase()
->setCount(8) // Generate 8 codes
->setBlocks(2) // Every code must have 7 blocks
->setChars(6) // Each block must have 16 chars
->toArray();
$codes = implode("\r\n", $recoveryCodes);
2019-08-08 10:52:37 -05:00
app('preferences')->set('mfa_recovery', $recoveryCodes);
app('preferences')->mark();
return view('profile.new-backup-codes', compact('codes'));
}
/**
2018-07-22 01:10:16 -05:00
* Submit the change email form.
*
* @param EmailFormRequest $request
* @param UserRepositoryInterface $repository
*
* @return $this|\Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
*/
public function postChangeEmail(EmailFormRequest $request, UserRepositoryInterface $repository)
{
2018-10-13 08:06:56 -05:00
$loginProvider = config('firefly.login_provider');
if ('eloquent' !== $loginProvider) {
2018-12-12 13:30:25 -06:00
// @codeCoverageIgnoreStart
2019-08-02 22:08:35 -05:00
$request->session()->flash('error', trans('firefly.login_provider_local_only', ['login_provider' => e($loginProvider)]));
2018-10-13 08:06:56 -05:00
return redirect(route('profile.index'));
2018-12-12 13:30:25 -06:00
// @codeCoverageIgnoreEnd
2018-10-13 08:06:56 -05:00
}
/** @var User $user */
$user = auth()->user();
$newEmail = $request->string('email');
$oldEmail = $user->email;
if ($newEmail === $user->email) {
2018-04-22 10:10:11 -05:00
session()->flash('error', (string)trans('firefly.email_not_changed'));
return redirect(route('profile.change-email'))->withInput();
}
$existing = $repository->findByEmail($newEmail);
2017-11-15 05:25:49 -06:00
if (null !== $existing) {
// force user logout.
Auth::guard()->logout();
$request->session()->invalidate();
2018-04-22 10:10:11 -05:00
session()->flash('success', (string)trans('firefly.email_changed'));
return redirect(route('index'));
}
// now actually update user:
$repository->changeEmail($user, $newEmail);
// call event.
$ipAddress = $request->ip();
event(new UserChangedEmail($user, $newEmail, $oldEmail, $ipAddress));
// force user logout.
Auth::guard()->logout();
$request->session()->invalidate();
2018-04-22 10:10:11 -05:00
session()->flash('success', (string)trans('firefly.email_changed'));
return redirect(route('index'));
}
2015-02-25 14:19:06 -06:00
/**
2018-07-22 01:10:16 -05:00
* Submit change password form.
*
2016-12-18 10:54:11 -06:00
* @param ProfileFormRequest $request
* @param UserRepositoryInterface $repository
2015-05-03 05:58:55 -05:00
*
2016-12-18 10:54:11 -06:00
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
2015-02-25 14:19:06 -06:00
*/
2016-12-18 10:54:11 -06:00
public function postChangePassword(ProfileFormRequest $request, UserRepositoryInterface $repository)
2015-02-25 14:19:06 -06:00
{
2018-10-13 08:06:56 -05:00
$loginProvider = config('firefly.login_provider');
if ('eloquent' !== $loginProvider) {
2018-12-12 13:30:25 -06:00
// @codeCoverageIgnoreStart
2019-08-02 22:08:35 -05:00
$request->session()->flash('error', trans('firefly.login_provider_local_only', ['login_provider' => e($loginProvider)]));
2018-10-13 08:06:56 -05:00
return redirect(route('profile.index'));
2018-12-12 13:30:25 -06:00
// @codeCoverageIgnoreEnd
2018-10-13 08:06:56 -05:00
}
2017-03-24 05:07:38 -05:00
// the request has already validated both new passwords must be equal.
$current = $request->get('current_password');
$new = $request->get('new_password');
2018-07-09 12:24:08 -05:00
/** @var User $user */
2018-07-13 08:50:42 -05:00
$user = auth()->user();
2017-01-05 03:06:46 -06:00
try {
2018-07-09 12:24:08 -05:00
$this->validatePassword($user, $current, $new);
2017-01-05 03:06:46 -06:00
} catch (ValidationException $e) {
2018-04-22 10:10:11 -05:00
session()->flash('error', $e->getMessage());
2015-02-25 14:19:06 -06:00
2015-07-06 09:27:21 -05:00
return redirect(route('profile.change-password'));
2015-02-25 14:19:06 -06:00
}
2018-07-09 12:24:08 -05:00
$repository->changePassword($user, $request->get('new_password'));
2018-04-22 10:10:11 -05:00
session()->flash('success', (string)trans('firefly.password_changed'));
2015-02-25 14:19:06 -06:00
return redirect(route('profile.index'));
2015-02-25 14:19:06 -06:00
}
2018-07-09 12:24:08 -05:00
/** @noinspection PhpUnusedParameterInspection */
2018-03-10 15:38:20 -06:00
/**
2018-07-22 01:10:16 -05:00
* Submit 2FA for the first time.
*
2018-03-10 15:38:20 -06:00
* @param TokenFormRequest $request
*
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
*/
public function postCode(TokenFormRequest $request)
{
/** @var User $user */
$user = auth()->user();
/** @var UserRepositoryInterface $repository */
$repository = app(UserRepositoryInterface::class);
/** @var string $secret */
$secret = session()->get('two-factor-secret');
$repository->setMFACode($user, $secret);
2018-03-10 15:38:20 -06:00
2018-04-22 10:10:11 -05:00
session()->flash('success', (string)trans('firefly.saved_preferences'));
2018-07-08 05:08:53 -05:00
app('preferences')->mark();
2018-08-06 12:14:30 -05:00
2019-08-08 10:52:37 -05:00
// also save the code so replay attack is prevented.
$mfaCode = $request->get('code');
$this->addToMFAHistory($mfaCode);
// save backup codes in preferences:
app('preferences')->set('mfa_recovery', session()->get('temp-mfa-codes'));
2019-08-04 00:09:51 -05:00
// make sure MFA is logged out.
2019-08-04 04:12:24 -05:00
if ('testing' !== config('app.env')) {
Google2FA::logout();
}
2019-08-04 00:09:51 -05:00
2019-08-08 10:52:37 -05:00
// drop all info from session:
session()->forget(['temp-mfa-secret', 'two-factor-secret', 'temp-mfa-codes', 'two-factor-codes']);
2018-03-10 15:38:20 -06:00
return redirect(route('profile.index'));
}
2015-05-03 02:19:14 -05:00
/**
2018-07-22 01:10:16 -05:00
* Submit delete account.
*
2016-12-12 08:24:47 -06:00
* @param UserRepositoryInterface $repository
2015-05-03 05:58:55 -05:00
* @param DeleteAccountFormRequest $request
2015-05-03 02:19:14 -05:00
*
2016-12-12 08:24:47 -06:00
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
2015-05-03 02:19:14 -05:00
*/
2016-12-12 08:24:47 -06:00
public function postDeleteAccount(UserRepositoryInterface $repository, DeleteAccountFormRequest $request)
2015-05-03 02:19:14 -05:00
{
2016-09-16 05:15:58 -05:00
if (!Hash::check($request->get('password'), auth()->user()->password)) {
2018-04-22 10:10:11 -05:00
session()->flash('error', (string)trans('firefly.invalid_password'));
2015-05-03 02:19:14 -05:00
2015-07-06 09:27:21 -05:00
return redirect(route('profile.delete-account'));
2015-02-25 14:19:06 -06:00
}
2018-07-09 12:24:08 -05:00
/** @var User $user */
2016-12-12 08:24:47 -06:00
$user = auth()->user();
Log::info(sprintf('User #%d has opted to delete their account', auth()->user()->id));
// make repository delete user:
auth()->logout();
2018-04-22 10:12:22 -05:00
session()->flush();
2016-12-12 08:24:47 -06:00
$repository->destroy($user);
2015-07-06 09:27:21 -05:00
return redirect(route('index'));
2015-02-25 14:19:06 -06:00
}
2015-05-03 02:19:14 -05:00
/**
2018-07-22 01:10:16 -05:00
* Regenerate access token.
2018-08-06 12:14:30 -05:00
*
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
*/
2017-11-15 03:52:29 -06:00
public function regenerate()
{
2018-07-09 12:24:08 -05:00
/** @var User $user */
2018-07-13 08:50:42 -05:00
$user = auth()->user();
2018-07-09 12:24:08 -05:00
$token = $user->generateAccessToken();
app('preferences')->set('access_token', $token);
2018-04-22 10:10:11 -05:00
session()->flash('success', (string)trans('firefly.token_regenerated'));
return redirect(route('profile.index'));
}
/**
2018-07-22 01:10:16 -05:00
* Undo change of user email address.
*
2017-12-17 07:30:53 -06:00
* @param UserRepositoryInterface $repository
* @param string $token
* @param string $hash
*
2017-11-17 22:46:19 -06:00
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
2017-11-18 09:30:45 -06:00
*
* @throws FireflyException
*/
public function undoEmailChange(UserRepositoryInterface $repository, string $token, string $hash)
{
2018-10-13 08:06:56 -05:00
$loginProvider = config('firefly.login_provider');
if ('eloquent' !== $loginProvider) {
2018-12-12 13:30:25 -06:00
// @codeCoverageIgnoreStart
2018-10-13 08:06:56 -05:00
throw new FireflyException('Cannot confirm email change when authentication provider is not local.');
2018-12-12 13:30:25 -06:00
// @codeCoverageIgnoreEnd
2018-10-13 08:06:56 -05:00
}
// find preference with this token value.
$set = app('preferences')->findByName('email_change_undo_token');
$user = null;
/** @var Preference $preference */
foreach ($set as $preference) {
if ($preference->data === $token) {
$user = $preference->user;
}
}
2017-11-15 05:25:49 -06:00
if (null === $user) {
throw new FireflyException('Invalid token.');
}
2018-07-20 07:34:56 -05:00
// found user.which email address to return to?
$set = app('preferences')->beginsWith($user, 'previous_email_');
/** @var string $match */
$match = null;
foreach ($set as $entry) {
$hashed = hash('sha256', $entry->data);
if ($hashed === $hash) {
$match = $entry->data;
break;
}
}
2017-11-15 05:25:49 -06:00
if (null === $match) {
throw new FireflyException('Invalid token.');
}
// change user back
// now actually update user:
$repository->changeEmail($user, $match);
$repository->unblockUser($user);
// return to login.
2018-04-22 10:10:11 -05:00
session()->flash('success', (string)trans('firefly.login_with_old_email'));
return redirect(route('login'));
}
2019-08-08 10:52:37 -05:00
/**
* TODO duplicate code.
*
* @param string $mfaCode
*/
private function addToMFAHistory(string $mfaCode): void
{
/** @var array $mfaHistory */
$mfaHistory = app('preferences')->get('mfa_history', [])->data;
$entry = [
'time' => time(),
'code' => $mfaCode,
];
$mfaHistory[] = $entry;
app('preferences')->set('mfa_history', $mfaHistory);
$this->filterMFAHistory();
}
2018-04-02 08:26:33 -05:00
2019-08-08 10:52:37 -05:00
/**
* Remove old entries from the preferences array.
*/
private function filterMFAHistory(): void
{
/** @var array $mfaHistory */
$mfaHistory = app('preferences')->get('mfa_history', [])->data;
$newHistory = [];
$now = time();
foreach ($mfaHistory as $entry) {
$time = $entry['time'];
$code = $entry['code'];
if ($now - $time <= 300) {
$newHistory[] = [
'time' => $time,
'code' => $code,
];
}
}
app('preferences')->set('mfa_history', $newHistory);
}
2015-02-25 14:19:06 -06:00
}