Auth changes

app/Http/Controllers/Auth/RegisteredUserController.php

@@ -37,7 +37,7 @@ public function store(Request $request)
         $request->validate([
             'name' => ['required', 'string', 'max:255'],
             'email' => ['required', 'string', 'email', 'max:255', 'unique:users'],
-            'password' => ['required', 'confirmed', Rules\Password::defaults()],
+            'password' => ['required', 'confirmed', Rules\Password::defaults(), 'regex:/^[1-9a-zA-z]*[a-zA-Z]+[1-9a-zA-z]*$/','min:8'],
         ]);
 
         $user = User::create([

app/Http/Controllers/ProfileController.php

@@ -2,6 +2,8 @@
 
 namespace App\Http\Controllers;
 
+use Illuminate\Support\Facades\Log;
+use Illuminate\Support\Facades\Auth;
 use App\Http\Requests\ProfileUpdateRequest;
 
 class ProfileController extends Controller
@@ -16,6 +18,18 @@ public function update(ProfileUpdateRequest $request)
         // Task: fill in the code here to update name and email
         // Also, update the password if it is set
 
+        $user = Auth::user();
+
+        $user->name = $request->input('name');
+        $user->email = $request->input('email');
+
+        if ($request->input('password')) {
+            $new_password = bcrypt($request->input('password'));
+            $user->password = $new_password;
+        }
+
+        $user->save();
+
         return redirect()->route('profile.show')->with('success', 'Profile updated.');
     }
 }

app/Models/User.php

@@ -8,7 +8,7 @@
 use Illuminate\Notifications\Notifiable;
 use Laravel\Sanctum\HasApiTokens;
 
-class User extends Authenticatable
+class User extends Authenticatable implements MustVerifyEmail
 {
     use HasApiTokens, HasFactory, Notifiable;
 

resources/views/auth/profile.blade.php

@@ -29,7 +29,7 @@
                                      class="block mt-1 w-full"
                                      type="text"
                                      name="name"
-                                     value="???"
+                                     value="{{ old('name', auth()->user()->name) }}"
                                      required />
                         </div>
 
@@ -40,7 +40,7 @@ class="block mt-1 w-full"
                                      class="block mt-1 w-full"
                                      type="email"
                                      name="email"
-                                     value="???"
+                                     value="{{ old('email', auth()->user()->email) }}"
                                      required />
                         </div>
 

resources/views/layouts/navigation.blade.php

@@ -15,10 +15,12 @@
                     <x-nav-link :href="route('users.index')" :active="request()->routeIs('users.index')">
                         {{ __('Users') }}
                     </x-nav-link>
-                    {{-- Task: this "Profile" link should be visible only to logged-in users --}}
-                    <x-nav-link href="/profile" :active="request()->routeIs('profile.show')">
-                        {{ __('Profile') }}
-                    </x-nav-link>
+                    @auth
+                        {{-- Task: this "Profile" link should be visible only to logged-in users --}}
+                        <x-nav-link href="/profile" :active="request()->routeIs('profile.show')">
+                            {{ __('Profile') }}
+                        </x-nav-link>
+                    @endauth
                 </div>
             </div>
 

routes/web.php

@@ -13,24 +13,44 @@
 |
 */
 
-Route::get('/', function () {
-    return view('home');
-})->name('home');
 
-Route::get('users', [\App\Http\Controllers\UserController::class, 'index'])->name('users.index');
-
-// Task: profile functionality should be available only for logged-in users
-Route::get('profile', [\App\Http\Controllers\ProfileController::class, 'show'])->name('profile.show');
-Route::put('profile', [\App\Http\Controllers\ProfileController::class, 'update'])->name('profile.update');
-
-// Task: this "/secretpage" URL should be visible only for those who VERIFIED their email
-// Add some middleware here, and change some code in app/Models/User.php to enable this
-Route::view('/secretpage', 'secretpage')
-    ->name('secretpage');
-
-// Task: this "/verysecretpage" URL should ask user for verifying their password once again
-// You need to add some middleware here
-Route::view('/verysecretpage', 'verysecretpage')
-    ->name('verysecretpage');
+Route::group(['middleware' => 'auth'], function () {
+    Route::get('/', function () {
+        return view('home');
+    })->name('home');
+
+    Route::get('users', [\App\Http\Controllers\UserController::class, 'index'])->name('users.index');
+
+    // Task: profile functionality should be available only for logged-in users
+    Route::get('profile', [\App\Http\Controllers\ProfileController::class, 'show'])->name('profile.show');
+    Route::put('profile', [\App\Http\Controllers\ProfileController::class, 'update'])->name('profile.update');
+
+    // Task: this "/secretpage" URL should be visible only for those who VERIFIED their email
+    // Add some middleware here, and change some code in app/Models/User.php to enable this
+    Route::view('/secretpage', 'secretpage')
+        ->name('secretpage')
+        ->middleware('verified');
+
+    // Task: this "/verysecretpage" URL should ask user for verifying their password once again
+    // You need to add some middleware here
+    Route::view('/verysecretpage', 'verysecretpage')
+        ->name('verysecretpage')->middleware(['password.confirm']);;
+
+    Route::get('/confirm-password', function () {
+        return view('auth.confirm-password');
+    })->middleware('auth')->name('password.confirm');
+
+    Route::post('/confirm-password', function (Request $request) {
+        if (! Hash::check($request->password, $request->user()->password)) {
+            return back()->withErrors([
+                'password' => ['The provided password does not match our records.']
+            ]);
+        }
+
+        $request->session()->passwordConfirmed();
+
+        return redirect()->intended();
+    })->middleware(['throttle:6,1']);
+});
 
 require __DIR__.'/auth.php';