Shiloh/lasthourcloud
Shiloh/lasthourcloud
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 4 Wiki Activity

fix: password reset / invitation link requests

Browse Source
This commit is contained in:
Andras Bacsai 2023-12-13 15:22:37 +01:00
parent 1ff1664b6c
commit 02c8b9f471
7 changed files with 27 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
app/Http/Controllers/Controller.php
View File

@ -39,7 +39,7 @@ class Controller extends BaseController
} else {
$team = $user->teams()->first();
}
if (is_null(data_get($user, 'email_verified_at'))){
if (is_null(data_get($user, 'email_verified_at'))) {
$user->email_verified_at = now();
$user->save();
}
@ -137,16 +137,28 @@ class Controller extends BaseController
public function acceptInvitation()
{
try {
$invitation = TeamInvitation::whereUuid(request()->route('uuid'))->firstOrFail();
$resetPassword = request()->query('reset-password');
$invitationUuid = request()->route('uuid');
$invitation = TeamInvitation::whereUuid($invitationUuid)->firstOrFail();
$user = User::whereEmail($invitation->email)->firstOrFail();
if (auth()->user()->id !== $user->id) {
abort(401);
}
$invitationValid = $invitation->isValid();
if ($invitationValid) {
if ($resetPassword) {
$user->update([
'password' => Hash::make($invitationUuid),
'force_password_reset' => true
]);
}
if ($user->teams()->where('team_id', $invitation->team->id)->exists()) {
$invitation->delete();
return redirect()->route('team.index');
}
$user->teams()->attach($invitation->team->id, ['role' => $invitation->role]);
refreshSession($invitation->team);
$invitation->delete();
if (auth()->user()?->id !== $user->id) {
return redirect()->route('login');
}
refreshSession($invitation->team);
return redirect()->route('team.index');
} else {
abort(401);

2
app/Http/Middleware/CheckForcePasswordReset.php
View File

@ -24,7 +24,7 @@ class CheckForcePasswordReset
}
$force_password_reset = auth()->user()->force_password_reset;
if ($force_password_reset) {
if ($request->routeIs('auth.force-password-reset') || $request->path() === 'livewire/message/force-password-reset') {
if ($request->routeIs('auth.force-password-reset') || $request->path() === 'force-password-reset' || $request->path() === 'livewire/update' || $request->path() === 'logout') {
return $next($request);
}
return redirect()->route('auth.force-password-reset');

3
app/Http/Middleware/DecideWhatToDoWithUser.php
View File

@ -11,6 +11,9 @@ class DecideWhatToDoWithUser
{
public function handle(Request $request, Closure $next): Response
{
if(auth()?->user()?->currentTeam()){
refreshSession(auth()->user()->currentTeam());
}
if (!auth()->user() || !isCloud() || isInstanceAdmin()) {
if (!isCloud() && showBoarding() && !in_array($request->path(), allowedPathsForBoardingAccounts())) {
return redirect('boarding');

10
bootstrap/helpers/subscriptions.php
View File

@ -128,11 +128,6 @@ function allowedPathsForUnsubscribedAccounts()
'logout',
'waitlist',
'force-password-reset',
// 'livewire/message/force-password-reset',
// 'livewire/message/check-license',
// 'livewire/message/switch-team',
// 'livewire/message/subscription.pricing-plans',
// 'livewire/message/help',
'livewire/update'
];
}
@ -141,8 +136,6 @@ function allowedPathsForBoardingAccounts()
return [
...allowedPathsForUnsubscribedAccounts(),
'boarding',
// 'livewire/message/boarding.index',
// 'livewire/message/activity-monitor',
'livewire/update'
];
}
@ -151,9 +144,6 @@ function allowedPathsForInvalidAccounts() {
'logout',
'verify',
'force-password-reset',
// 'livewire/message/force-password-reset',
// 'livewire/message/verify-email',
// 'livewire/message/help',
'livewire/update'
];
}

4
resources/views/auth/reset-password.blade.php
View File

@ -1,13 +1,13 @@
<x-layout-simple>
<div class="min-h-screen hero">
<div>
<div class="flex flex-col items-center pb-8">
<div class="flex flex-col items-center ">
<a href="{{ route('dashboard') }}">
<div class="text-5xl font-bold tracking-tight text-center text-white">Coolify</div>
</a>
</div>
<div class="flex items-center justify-center pb-4 text-center">
<h2>{{ __('auth.reset_password') }}</h2>
{{ __('auth.reset_password') }}
</div>
<div>
<form action="/reset-password" method="POST" class="flex flex-col gap-2">

1
resources/views/layouts/simple.blade.php
View File

@ -1,6 +1,7 @@
@extends('layouts.base')
@section('body')
@parent
<x-navbar-subscription />
<main>
{{ $slot }}
</main>

4
resources/views/livewire/force-password-reset.blade.php
View File

@ -1,12 +1,12 @@
<div class="min-h-screen hero">
<div class="w-96 min-w-fit">
<div class="flex flex-col items-center pb-8">
<div class="flex flex-col items-center">
<a href="{{ route('dashboard') }}">
<div class="text-5xl font-bold tracking-tight text-center text-white">Coolify</div>
</a>
</div>
<div class="flex items-center justify-center pb-4 text-center">
<h2>Set your initial password</h2>
Set your initial password
</div>
<form class="flex flex-col gap-2" wire:submit='submit'>
<x-forms.input id="email" type="email" placeholder="Email" readonly label="Email" />