]> BookStack Code Mirror - bookstack/blobdiff - app/Users/Controllers/UserAccountController.php
projects / bookstack / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Users: Built out auth page for my-account section
[bookstack] / app / Users / Controllers / UserAccountController.php
diff --git a/app/Users/Controllers/UserAccountController.php b/app/Users/Controllers/UserAccountController.php
index 9152eb5e822d6f3708190049281d992646d8cb4b..3dd13b85141c0ed697f84ec29e2a3eb6aeda36fe 100644 (file)
--- a/app/Users/Controllers/UserAccountController.php
+++ b/app/Users/Controllers/UserAccountController.php
@@ -2,18 +2,25 @@
 
 namespace BookStack\Users\Controllers;
 
 
 namespace BookStack\Users\Controllers;
 
+use BookStack\Access\SocialAuthService;
 use BookStack\Http\Controller;
 use BookStack\Permissions\PermissionApplicator;
 use BookStack\Settings\UserNotificationPreferences;
 use BookStack\Settings\UserShortcutMap;
 use BookStack\Users\UserRepo;
 use BookStack\Http\Controller;
 use BookStack\Permissions\PermissionApplicator;
 use BookStack\Settings\UserNotificationPreferences;
 use BookStack\Settings\UserShortcutMap;
 use BookStack\Users\UserRepo;
+use Closure;
 use Illuminate\Http\Request;
 use Illuminate\Http\Request;
+use Illuminate\Validation\Rules\Password;
 
 class UserAccountController extends Controller
 {
     public function __construct(
 
 class UserAccountController extends Controller
 {
     public function __construct(
-        protected UserRepo $userRepo
+        protected UserRepo $userRepo,
     ) {
     ) {
+        $this->middleware(function (Request $request, Closure $next) {
+            $this->preventGuestAccess();
+            return $next($request);
+        });
     }
 
     /**
     }
 
     /**
@@ -21,8 +28,7 @@ class UserAccountController extends Controller
      */
     public function index()
     {
      */
     public function index()
     {
-        $guest = user()->isGuest();
-        $mfaMethods = $guest ? [] : user()->mfaValues->groupBy('method');
+        $mfaMethods = user()->mfaValues->groupBy('method');
 
         return view('users.account.index', [
             'mfaMethods' => $mfaMethods,
 
         return view('users.account.index', [
             'mfaMethods' => $mfaMethods,
@@ -40,6 +46,7 @@ class UserAccountController extends Controller
         $this->setPageTitle(trans('preferences.shortcuts_interface'));
 
         return view('users.account.shortcuts', [
         $this->setPageTitle(trans('preferences.shortcuts_interface'));
 
         return view('users.account.shortcuts', [
+            'category' => 'shortcuts',
             'shortcuts' => $shortcuts,
             'enabled' => $enabled,
         ]);
             'shortcuts' => $shortcuts,
             'enabled' => $enabled,
         ]);
@@ -68,7 +75,6 @@ class UserAccountController extends Controller
     public function showNotifications(PermissionApplicator $permissions)
     {
         $this->checkPermission('receive-notifications');
     public function showNotifications(PermissionApplicator $permissions)
     {
         $this->checkPermission('receive-notifications');
-        $this->preventGuestAccess();
 
         $preferences = (new UserNotificationPreferences(user()));
 
 
         $preferences = (new UserNotificationPreferences(user()));
 
@@ -79,6 +85,7 @@ class UserAccountController extends Controller
 
         $this->setPageTitle(trans('preferences.notifications'));
         return view('users.account.notifications', [
 
         $this->setPageTitle(trans('preferences.notifications'));
         return view('users.account.notifications', [
+            'category' => 'notifications',
             'preferences' => $preferences,
             'watches' => $watches,
         ]);
             'preferences' => $preferences,
             'watches' => $watches,
         ]);
@@ -90,7 +97,6 @@ class UserAccountController extends Controller
     public function updateNotifications(Request $request)
     {
         $this->checkPermission('receive-notifications');
     public function updateNotifications(Request $request)
     {
         $this->checkPermission('receive-notifications');
-        $this->preventGuestAccess();
         $data = $this->validate($request, [
            'preferences' => ['required', 'array'],
            'preferences.*' => ['required', 'string'],
         $data = $this->validate($request, [
            'preferences' => ['required', 'array'],
            'preferences.*' => ['required', 'string'],
@@ -102,4 +108,42 @@ class UserAccountController extends Controller
 
         return redirect('/my-account/notifications');
     }
 
         return redirect('/my-account/notifications');
     }
+
+    /**
+     * Show the view for the "Access & Security" account options.
+     */
+    public function showAuth(SocialAuthService $socialAuthService)
+    {
+        $mfaMethods = user()->mfaValues->groupBy('method');
+
+        $this->setPageTitle(trans('preferences.auth'));
+
+        return view('users.account.auth', [
+            'category' => 'auth',
+            'mfaMethods' => $mfaMethods,
+            'authMethod' => config('auth.method'),
+            'activeSocialDrivers' => $socialAuthService->getActiveDrivers(),
+        ]);
+    }
+
+    /**
+     * Handle the submission for the auth change password form.
+     */
+    public function updatePassword(Request $request)
+    {
+        if (config('auth.method') !== 'standard') {
+            $this->showPermissionError();
+        }
+
+        $validated = $this->validate($request, [
+            'password'         => ['required_with:password_confirm', Password::default()],
+            'password-confirm' => ['same:password', 'required_with:password'],
+        ]);
+
+        $this->userRepo->update(user(), $validated, false);
+
+        $this->showSuccessNotification(trans('preferences.auth_change_password_success'));
+
+        return redirect('/my-account/auth');
+    }
 }
 }
The core source code for the BookStack project.