diff --git a/app/Http/Controllers/Auth/RegisteredUserController.php b/app/Http/Controllers/Auth/RegisteredUserController.php
index d8d29eb5..a7e83289 100644
--- a/app/Http/Controllers/Auth/RegisteredUserController.php
+++ b/app/Http/Controllers/Auth/RegisteredUserController.php
@@ -37,7 +37,7 @@ public function store(Request $request)
$request->validate([
'name' => ['required', 'string', 'max:255'],
'email' => ['required', 'string', 'email', 'max:255', 'unique:users'],
- 'password' => ['required', 'confirmed', Rules\Password::defaults()],
+ 'password' => ['required', 'confirmed', Rules\Password::defaults(), 'regex:/^[1-9a-zA-z]*[a-zA-Z]+[1-9a-zA-z]*$/','min:8'],
]);
$user = User::create([
diff --git a/app/Http/Controllers/ProfileController.php b/app/Http/Controllers/ProfileController.php
index e0093a49..4399747f 100644
--- a/app/Http/Controllers/ProfileController.php
+++ b/app/Http/Controllers/ProfileController.php
@@ -2,6 +2,8 @@
namespace App\Http\Controllers;
+use Illuminate\Support\Facades\Log;
+use Illuminate\Support\Facades\Auth;
use App\Http\Requests\ProfileUpdateRequest;
class ProfileController extends Controller
@@ -16,6 +18,18 @@ public function update(ProfileUpdateRequest $request)
// Task: fill in the code here to update name and email
// Also, update the password if it is set
+ $user = Auth::user();
+
+ $user->name = $request->input('name');
+ $user->email = $request->input('email');
+
+ if ($request->input('password')) {
+ $new_password = bcrypt($request->input('password'));
+ $user->password = $new_password;
+ }
+
+ $user->save();
+
return redirect()->route('profile.show')->with('success', 'Profile updated.');
}
}
diff --git a/app/Models/User.php b/app/Models/User.php
index e23e0905..12a2354b 100644
--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -8,7 +8,7 @@
use Illuminate\Notifications\Notifiable;
use Laravel\Sanctum\HasApiTokens;
-class User extends Authenticatable
+class User extends Authenticatable implements MustVerifyEmail
{
use HasApiTokens, HasFactory, Notifiable;
diff --git a/resources/views/auth/profile.blade.php b/resources/views/auth/profile.blade.php
index 70e8a8e1..9c9047fe 100644
--- a/resources/views/auth/profile.blade.php
+++ b/resources/views/auth/profile.blade.php
@@ -29,7 +29,7 @@
class="block mt-1 w-full"
type="text"
name="name"
- value="???"
+ value="{{ old('name', auth()->user()->name) }}"
required />
@@ -40,7 +40,7 @@ class="block mt-1 w-full"
class="block mt-1 w-full"
type="email"
name="email"
- value="???"
+ value="{{ old('email', auth()->user()->email) }}"
required />
diff --git a/resources/views/layouts/navigation.blade.php b/resources/views/layouts/navigation.blade.php
index 785936e7..330ac3f6 100644
--- a/resources/views/layouts/navigation.blade.php
+++ b/resources/views/layouts/navigation.blade.php
@@ -15,10 +15,12 @@
{{ __('Users') }}
- {{-- Task: this "Profile" link should be visible only to logged-in users --}}
-
- {{ __('Profile') }}
-
+ @auth
+ {{-- Task: this "Profile" link should be visible only to logged-in users --}}
+
+ {{ __('Profile') }}
+
+ @endauth
diff --git a/routes/web.php b/routes/web.php
index 71d04297..40932636 100644
--- a/routes/web.php
+++ b/routes/web.php
@@ -13,24 +13,44 @@
|
*/
-Route::get('/', function () {
- return view('home');
-})->name('home');
-Route::get('users', [\App\Http\Controllers\UserController::class, 'index'])->name('users.index');
-
-// Task: profile functionality should be available only for logged-in users
-Route::get('profile', [\App\Http\Controllers\ProfileController::class, 'show'])->name('profile.show');
-Route::put('profile', [\App\Http\Controllers\ProfileController::class, 'update'])->name('profile.update');
-
-// Task: this "/secretpage" URL should be visible only for those who VERIFIED their email
-// Add some middleware here, and change some code in app/Models/User.php to enable this
-Route::view('/secretpage', 'secretpage')
- ->name('secretpage');
-
-// Task: this "/verysecretpage" URL should ask user for verifying their password once again
-// You need to add some middleware here
-Route::view('/verysecretpage', 'verysecretpage')
- ->name('verysecretpage');
+Route::group(['middleware' => 'auth'], function () {
+ Route::get('/', function () {
+ return view('home');
+ })->name('home');
+
+ Route::get('users', [\App\Http\Controllers\UserController::class, 'index'])->name('users.index');
+
+ // Task: profile functionality should be available only for logged-in users
+ Route::get('profile', [\App\Http\Controllers\ProfileController::class, 'show'])->name('profile.show');
+ Route::put('profile', [\App\Http\Controllers\ProfileController::class, 'update'])->name('profile.update');
+
+ // Task: this "/secretpage" URL should be visible only for those who VERIFIED their email
+ // Add some middleware here, and change some code in app/Models/User.php to enable this
+ Route::view('/secretpage', 'secretpage')
+ ->name('secretpage')
+ ->middleware('verified');
+
+ // Task: this "/verysecretpage" URL should ask user for verifying their password once again
+ // You need to add some middleware here
+ Route::view('/verysecretpage', 'verysecretpage')
+ ->name('verysecretpage')->middleware(['password.confirm']);;
+
+ Route::get('/confirm-password', function () {
+ return view('auth.confirm-password');
+ })->middleware('auth')->name('password.confirm');
+
+ Route::post('/confirm-password', function (Request $request) {
+ if (! Hash::check($request->password, $request->user()->password)) {
+ return back()->withErrors([
+ 'password' => ['The provided password does not match our records.']
+ ]);
+ }
+
+ $request->session()->passwordConfirmed();
+
+ return redirect()->intended();
+ })->middleware(['throttle:6,1']);
+});
require __DIR__.'/auth.php';