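<?php

namespace App\Http\Controllers\Api\v1;

use App\Enums\UsertypeEnum;
use App\Http\Controllers\Controller;
use App\Http\Resources\FamilyIndividualCollection;
use App\Http\Resources\IndividualResource;
use App\Http\Resources\MinorResource;
use App\Http\Resources\RollCall;
use App\Http\Resources\RollCallCollection;
use App\Http\Resources\UserResource;
use App\Mail\PrincipalResetPasswordEmail;
use App\Models\Classroom;
use App\Models\Individual;
use App\Models\Minor;
use App\Services\SmsService;
use App\Traits\ApiUser;
use App\User;
use Illuminate\Auth\Passwords\PasswordBroker;
use Illuminate\Http\Request;
use Illuminate\Http\Response;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Log;
use Illuminate\Support\Facades\Mail;
use Laravel\Nova\Actions\Action;
use Symfony\Component\HttpKernel\Exception\HttpException;

/**
 * Account and password endpoints of the v1 API.
 *
 * Every reset flow in this controller keys on `users.remember_token` — the
 * same column Laravel uses for "remember me" cookies — so token lookup,
 * generation and single-use invalidation are centralised in the private
 * helpers at the bottom of the class.
 */
class UserController extends Controller
{
    use ApiUser;

    /**
     * Returns the currently authenticated user.
     *
     * @param Request $request
     * @return UserResource
     */
    public function getUserInfo(Request $request)
    {
        return new UserResource($this->getLoggedUser());
    }

    /**
     * Changes the logged-in user's password and marks the account active.
     *
     * @param Request $request expects `password` (non-empty string)
     * @return \Illuminate\Contracts\Routing\ResponseFactory|Response
     * @throws HttpException 400 when `password` is missing or empty, 304 when the model does not save
     */
    public function changePassword(Request $request)
    {
        $user = $this->getLoggedUser();
        $password = $this->requireNonEmptyString($request, 'password');

        $user->password = bcrypt($password);
        $user->active = true;
        if (!$user->save()) {
            throw new HttpException(Response::HTTP_NOT_MODIFIED);
        }

        // The status belongs in the second argument; it was previously sent as the body.
        return response('', Response::HTTP_OK);
    }

    /**
     * Validates a reset token and reports whether this is a first access.
     *
     * The e-mail address is disclosed only for a first access (account not yet
     * active) and only to a caller presenting a valid token.
     *
     * @param Request $request expects `token`
     * @return \Illuminate\Http\JsonResponse `{"first_access": bool, "email"?: string}`
     * @throws HttpException 400 when `token` is missing, 401 when no user holds it
     */
    public function checkToken(Request $request)
    {
        $token = $this->requireNonEmptyString($request, 'token');
        $user = $this->resolveTokenUser($token);

        $firstAccess = !$user->active;
        $data = ['first_access' => $firstAccess];
        if ($firstAccess) {
            $data['email'] = $user->email;
        }

        return response()->json($data, Response::HTTP_OK);
    }

    /**
     * Completes a token-based reset: sets the new password, activates the
     * account and retires the token.
     *
     * @param Request $request expects `token` and `password`
     * @return \Illuminate\Contracts\Routing\ResponseFactory|Response
     * @throws HttpException 400 when `token` or `password` is missing, 401 unknown token, 304 when the model does not save
     */
    public function tokenChangePassword(Request $request)
    {
        $token = $this->requireNonEmptyString($request, 'token');
        $user = $this->resolveTokenUser($token);
        // An absent password used to be bcrypt()'d as '' and stored as the new credential.
        $password = $this->requireNonEmptyString($request, 'password');

        $user->password = bcrypt($password);
        $user->active = true;
        // Rotate the token so the same reset link cannot be replayed.
        $user->remember_token = $this->newOpaqueToken();
        if (!$user->save()) {
            throw new HttpException(Response::HTTP_NOT_MODIFIED);
        }

        return response('', Response::HTTP_OK);
    }

    /**
     * Starts a password reset: stores a fresh token on the user, sets the
     * account inactive (so checkToken() reports a first access) and delivers
     * the confirmation link by e-mail (teachers) or SMS (everyone else).
     *
     * NOTE(review): the response distinguishes unknown from known usernames
     * (400 vs 201), which permits account enumeration, and the account is set
     * inactive before delivery, so anyone who knows an e-mail can push it into
     * "first access" state. Both behaviours are kept because checkToken() and
     * the client flow depend on them; the route should be rate-limited.
     *
     * @param Request $request expects `username` (the user's e-mail)
     * @return \Illuminate\Http\JsonResponse|Response
     * @throws HttpException 500 when the token cannot be stored or delivery fails
     */
    public function lostPassword(Request $request)
    {
        // Previously read as $request->all()['username'], which raised a notice when absent.
        $username = $request->input('username');
        $individualUser = is_string($username) && $username !== ''
            ? User::where('email', $username)->first()
            : null;
        if (!$individualUser) {
            return response()->json(['error' => 'Utente non trovato'], Response::HTTP_BAD_REQUEST);
        }

        $individual = DB::table('individuals')->where('user_id', $individualUser->id)->first();
        if (!$individual) {
            return response()->json(['error' => 'Utente non trovato'], Response::HTTP_BAD_REQUEST);
        }

        $token = $this->newOpaqueToken();
        $individualUser->remember_token = $token;
        $individualUser->active = 0;
        if (!$individualUser->save()) {
            // Do not send a link that does not correspond to a stored token.
            throw new HttpException(Response::HTTP_INTERNAL_SERVER_ERROR);
        }

        // env() returns null once the config is cached, so this silently falls back
        // to the staging URL in production; reading it via config() is the usual fix,
        // but the config key is not visible from this file.
        $url = env('WEBAPP_BASE_URL', 'https://app-staging.camillo.online') . '/confirm?token=' . rawurlencode($token);

        // NOTE(review): assumes every user has a usertype; a null relation would surface as a 500.
        if ($individualUser->usertype->role === UsertypeEnum::TEACHER) {
            try {
                // assumes individuals.email is populated for teachers — confirm against the schema
                Mail::to($individual->email)->send(new PrincipalResetPasswordEmail($url));
            } catch (\Exception $exception) {
                // Keep mailer internals out of the API response; record them in the log instead.
                Log::error('lostPassword: mail delivery failed', [
                    'user_id' => $individualUser->id,
                    'exception' => $exception,
                ]);
                throw new HttpException(Response::HTTP_INTERNAL_SERVER_ERROR);
            }
        } else {
            $sms = new SmsService($individual, 'sms_lost_password', $url);
            if (!$sms->send_invitation()) {
                throw new HttpException(Response::HTTP_INTERNAL_SERVER_ERROR);
            }
        }

        // 201 was previously passed as the body, producing a 200 with "201" as content.
        return response('', Response::HTTP_CREATED);
    }

    /**
     * Web entry point of a principal's reset link: exchanges the stored token
     * for a PasswordBroker token and redirects to Laravel's reset form.
     *
     * @param Request $request expects `token` in the query string
     * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
     * @throws HttpException 400 when `token` is missing, 401 when no user holds it
     */
    public function principalReset(Request $request)
    {
        $token = $this->requireNonEmptyString($request, 'token');
        $user = $this->resolveTokenUser($token);

        if (!$user->active && $user->usertype->role === UsertypeEnum::PRINCIPAL) {
            $user->active = true;
        }
        // Rotate the link token so it cannot be exchanged for broker tokens repeatedly.
        $user->remember_token = $this->newOpaqueToken();
        $user->save();

        $resetToken = app(PasswordBroker::class)->getRepository()->create($user);

        // Drop whatever session is logged in before showing the reset form; it may
        // belong to a different account than the token's owner. ($user is no longer
        // shadowed by the session user, as it was before.)
        if (auth()->user()) {
            Auth::logout();
        }

        return redirect('password/reset/' . rawurlencode($resetToken));
    }

    /**
     * Called from the navbar: issues a reset token for the logged-in principal
     * and sends the reset link by SMS.
     *
     * The original condition was inverted — it answered 200 only when the SMS
     * *failed* and returned nothing on success.
     *
     * @return \Illuminate\Contracts\Routing\ResponseFactory|Response
     * @throws HttpException 401 no authenticated user, 400 no linked individual, 500 SMS failure
     */
    public function principalResetAction()
    {
        $user = auth()->user();
        if (!$user) {
            throw new HttpException(Response::HTTP_UNAUTHORIZED);
        }
        $individual = $user->individual;
        if (!$individual) {
            throw new HttpException(Response::HTTP_BAD_REQUEST);
        }

        $token = $this->newOpaqueToken();
        $user->remember_token = $token;
        $user->saveOrFail();

        // See lostPassword(): env() is unreliable under a cached config.
        $url = env('API_BASE_URL', 'https://bo-staging.camillo.online') . '/principal/reset?token=' . rawurlencode($token);

        $sms = new SmsService($individual, 'password_reset', $url);
        if (!$sms->send_invitation()) {
            throw new HttpException(Response::HTTP_INTERNAL_SERVER_ERROR);
        }

        return response('OK', 200);
    }

    /**
     * Logs the current user out and sends them to the generic reset form.
     *
     * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
     */
    public function principalOwnReset()
    {
        Auth::logout();

        return redirect('password/reset');
    }

    /**
     * Reads a request field that must be a non-empty string.
     *
     * Array input (e.g. `?token[]=x`) would otherwise reach the query builder
     * or bcrypt() as an array, so the shape is checked, not just presence.
     *
     * @throws HttpException 400 when the field is absent, empty or not a string
     */
    private function requireNonEmptyString(Request $request, string $field): string
    {
        $value = $request->input($field);
        if (!is_string($value) || $value === '') {
            throw new HttpException(Response::HTTP_BAD_REQUEST);
        }

        return $value;
    }

    /**
     * Finds the user holding the given reset token.
     *
     * NOTE(review): tokens kept in `remember_token` carry no expiry, and the
     * column also backs Laravel's "remember me" cookie. A dedicated table with
     * a created_at (as the PasswordBroker repository uses) would be preferable,
     * but that is a schema change outside this controller.
     *
     * @throws HttpException 401 when no user holds the token
     */
    private function resolveTokenUser(string $token): User
    {
        $user = User::where('remember_token', $token)->first();
        if (!$user) {
            throw new HttpException(Response::HTTP_UNAUTHORIZED);
        }

        return $user;
    }

    /**
     * Generates an unguessable, URL-safe token.
     *
     * Replaces the earlier bcrypt(fiscal_code . time()) + str_replace(rand())
     * construction with 60 hex characters of CSPRNG output — the same length
     * as the bcrypt string it supersedes, so the existing column width fits.
     */
    private function newOpaqueToken(): string
    {
        return bin2hex(random_bytes(30));
    }
}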