From 8f99c79c80bca012b9dd3ea7e3328862c7a979da Mon Sep 17 00:00:00 2001 From: Dimitris Papathanasiou Date: Tue, 3 Sep 2024 09:29:46 +0300 Subject: [PATCH 1/8] Update web.php --- routes/web.php | 56 ++++++++++++++++++++++++++++++++++---------------- 1 file changed, 38 insertions(+), 18 deletions(-) diff --git a/routes/web.php b/routes/web.php index 71d04297..08008816 100644 --- a/routes/web.php +++ b/routes/web.php @@ -13,24 +13,44 @@ | */ -Route::get('/', function () { - return view('home'); -})->name('home'); -Route::get('users', [\App\Http\Controllers\UserController::class, 'index'])->name('users.index'); - -// Task: profile functionality should be available only for logged-in users -Route::get('profile', [\App\Http\Controllers\ProfileController::class, 'show'])->name('profile.show'); -Route::put('profile', [\App\Http\Controllers\ProfileController::class, 'update'])->name('profile.update'); - -// Task: this "/secretpage" URL should be visible only for those who VERIFIED their email -// Add some middleware here, and change some code in app/Models/User.php to enable this -Route::view('/secretpage', 'secretpage') - ->name('secretpage'); - -// Task: this "/verysecretpage" URL should ask user for verifying their password once again -// You need to add some middleware here -Route::view('/verysecretpage', 'verysecretpage') - ->name('verysecretpage'); +Route::group(['middleware' => 'auth'], function () { + Route::get('/', function () { + return view('home'); + })->name('home'); + + Route::get('users', [\App\Http\Controllers\UserController::class, 'index'])->name('users.index'); + + // Task: profile functionality should be available only for logged-in users + Route::get('profile', [\App\Http\Controllers\ProfileController::class, 'show'])->name('profile.show'); + Route::put('profile', [\App\Http\Controllers\ProfileController::class, 'update'])->name('profile.update'); + + // Task: this "/secretpage" URL should be visible only for those who VERIFIED their email + // Add some middleware here, and change some code in app/Models/User.php to enable this + Route::view('/secretpage', 'secretpage') + ->name('secretpage') + ->middleware('verified'); + + // Task: this "/verysecretpage" URL should ask user for verifying their password once again + // You need to add some middleware here + Route::view('/verysecretpage', 'verysecretpage') + ->name('verysecretpage')->middleware(['password.confirm']);; + + Route::get('/confirm-password', function () { + return view('auth.confirm-password'); + })->middleware('auth')->name('password.confirm'); + + Route::post('/confirm-password', function (Request $request) { + if (! Hash::check($request->password, $request->user()->password)) { + return back()->withErrors([ + 'password' => ['The provided password does not match our records.'] + ]); + } + + $request->session()->passwordConfirmed(); + + return redirect()->intended(); + })->middleware(['auth', 'throttle:6,1']); +}); require __DIR__.'/auth.php'; From 08580e61f8fb69c87e641f6ff4034118502b2fd7 Mon Sep 17 00:00:00 2001 From: Dimitris Papathanasiou Date: Tue, 3 Sep 2024 09:30:26 +0300 Subject: [PATCH 2/8] Update navigation.blade.php --- resources/views/layouts/navigation.blade.php | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/resources/views/layouts/navigation.blade.php b/resources/views/layouts/navigation.blade.php index 785936e7..330ac3f6 100644 --- a/resources/views/layouts/navigation.blade.php +++ b/resources/views/layouts/navigation.blade.php @@ -15,10 +15,12 @@ {{ __('Users') }} - {{-- Task: this "Profile" link should be visible only to logged-in users --}} - - {{ __('Profile') }} - + @auth + {{-- Task: this "Profile" link should be visible only to logged-in users --}} + + {{ __('Profile') }} + + @endauth From 68f4359597c8627ee77e652fa4d5c97cc7f15631 Mon Sep 17 00:00:00 2001 From: Dimitris Papathanasiou Date: Tue, 3 Sep 2024 09:30:56 +0300 Subject: [PATCH 3/8] Update profile.blade.php --- resources/views/auth/profile.blade.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/resources/views/auth/profile.blade.php b/resources/views/auth/profile.blade.php index 70e8a8e1..c16e6902 100644 --- a/resources/views/auth/profile.blade.php +++ b/resources/views/auth/profile.blade.php @@ -29,7 +29,7 @@ class="block mt-1 w-full" type="text" name="name" - value="???" + value="{{ auth()->user()->name }}" required /> @@ -40,7 +40,7 @@ class="block mt-1 w-full" class="block mt-1 w-full" type="email" name="email" - value="???" + value="{{ auth()->user()->email }}" required /> From 53b7b93d51bce1ca51e40f301d3d9b16550379e7 Mon Sep 17 00:00:00 2001 From: Dimitris Papathanasiou Date: Tue, 3 Sep 2024 09:31:34 +0300 Subject: [PATCH 4/8] Update ProfileController.php --- app/Http/Controllers/ProfileController.php | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/app/Http/Controllers/ProfileController.php b/app/Http/Controllers/ProfileController.php index e0093a49..4399747f 100644 --- a/app/Http/Controllers/ProfileController.php +++ b/app/Http/Controllers/ProfileController.php @@ -2,6 +2,8 @@ namespace App\Http\Controllers; +use Illuminate\Support\Facades\Log; +use Illuminate\Support\Facades\Auth; use App\Http\Requests\ProfileUpdateRequest; class ProfileController extends Controller @@ -16,6 +18,18 @@ public function update(ProfileUpdateRequest $request) // Task: fill in the code here to update name and email // Also, update the password if it is set + $user = Auth::user(); + + $user->name = $request->input('name'); + $user->email = $request->input('email'); + + if ($request->input('password')) { + $new_password = bcrypt($request->input('password')); + $user->password = $new_password; + } + + $user->save(); + return redirect()->route('profile.show')->with('success', 'Profile updated.'); } } From 0cd5f689dcc6b899dcfba69e05968a7d8922b308 Mon Sep 17 00:00:00 2001 From: Dimitris Papathanasiou Date: Tue, 3 Sep 2024 09:32:02 +0300 Subject: [PATCH 5/8] Update RegisteredUserController.php --- app/Http/Controllers/Auth/RegisteredUserController.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/Http/Controllers/Auth/RegisteredUserController.php b/app/Http/Controllers/Auth/RegisteredUserController.php index d8d29eb5..a7e83289 100644 --- a/app/Http/Controllers/Auth/RegisteredUserController.php +++ b/app/Http/Controllers/Auth/RegisteredUserController.php @@ -37,7 +37,7 @@ public function store(Request $request) $request->validate([ 'name' => ['required', 'string', 'max:255'], 'email' => ['required', 'string', 'email', 'max:255', 'unique:users'], - 'password' => ['required', 'confirmed', Rules\Password::defaults()], + 'password' => ['required', 'confirmed', Rules\Password::defaults(), 'regex:/^[1-9a-zA-z]*[a-zA-Z]+[1-9a-zA-z]*$/','min:8'], ]); $user = User::create([ From a457d6325bb9b37c40efabc49280e1cccbaf9d3f Mon Sep 17 00:00:00 2001 From: Dimitris Papathanasiou Date: Tue, 3 Sep 2024 09:32:41 +0300 Subject: [PATCH 6/8] Update User.php --- app/Models/User.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/Models/User.php b/app/Models/User.php index e23e0905..12a2354b 100644 --- a/app/Models/User.php +++ b/app/Models/User.php @@ -8,7 +8,7 @@ use Illuminate\Notifications\Notifiable; use Laravel\Sanctum\HasApiTokens; -class User extends Authenticatable +class User extends Authenticatable implements MustVerifyEmail { use HasApiTokens, HasFactory, Notifiable; From d9652fc248e2db4f43bfec51ea08a01f01a9faac Mon Sep 17 00:00:00 2001 From: Dimitris Papathanasiou Date: Tue, 3 Sep 2024 09:33:47 +0300 Subject: [PATCH 7/8] Update web.php --- routes/web.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/routes/web.php b/routes/web.php index 08008816..40932636 100644 --- a/routes/web.php +++ b/routes/web.php @@ -50,7 +50,7 @@ $request->session()->passwordConfirmed(); return redirect()->intended(); - })->middleware(['auth', 'throttle:6,1']); + })->middleware(['throttle:6,1']); }); require __DIR__.'/auth.php'; From 40aa1c32478ce3c684f2625df183f2d7c4030295 Mon Sep 17 00:00:00 2001 From: Dimitris Papathanasiou Date: Tue, 3 Sep 2024 09:44:05 +0300 Subject: [PATCH 8/8] Further Updated profile.blade.php --- resources/views/auth/profile.blade.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/resources/views/auth/profile.blade.php b/resources/views/auth/profile.blade.php index c16e6902..9c9047fe 100644 --- a/resources/views/auth/profile.blade.php +++ b/resources/views/auth/profile.blade.php @@ -29,7 +29,7 @@ class="block mt-1 w-full" type="text" name="name" - value="{{ auth()->user()->name }}" + value="{{ old('name', auth()->user()->name) }}" required /> @@ -40,7 +40,7 @@ class="block mt-1 w-full" class="block mt-1 w-full" type="email" name="email" - value="{{ auth()->user()->email }}" + value="{{ old('email', auth()->user()->email) }}" required />