Change the routes

Implement email and password change + password when it's not set
Timothée Jaussoin 2020-04-15 16:59:34 +02:00
parent e9e9d09b37
commit d73c952c76
11 changed files with 224 additions and 36 deletions


@ -18,6 +18,17 @@ class AccountController extends Controller
]);
}
public function login(Request $request)
{
return view('account.login');
}
public function logout(Request $request)
{
Auth::logout();
return redirect()->route('account.login');
}
public function authenticate(Request $request)
{
$request->validate([
@ -34,8 +45,8 @@ class AccountController extends Controller
// Try out the passwords
foreach ($account->passwords as $password) {
if (hash_equals(
$password->password,
Utils::bchash($username, $domain, $request->get('password'), $password->algorithm)
$password->password,
Utils::bchash($username, $domain, $request->get('password'), $password->algorithm)
)) {
Auth::login($account);
return redirect()->route('account.index');
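Review bot: The new `logout()` only calls `Auth::logout()`, so the session itself, with any data stored in it and its CSRF token, survives the logout. Adding `$request->session()->invalidate();` and `$request->session()->regenerateToken();` before the redirect closes that gap and puts the otherwise unused `$request` parameter to work. The second hunk only re-indents the `hash_equals()` arguments. `authenticate()` starts and ends outside both hunks, so whether failed attempts are limited or logged cannot be judged from here.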


@ -0,0 +1,29 @@
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
class AccountEmailController extends Controller
{
public function show(Request $request)
{
return view('account.email', [
'account' => $request->user()
]);
}
public function update(Request $request)
{
$request->validate([
'email' => 'required|email',
'email_confirm' => 'required|same:email'
]);
$account = $request->user();
$account->email = $request->get('email');
$account->save();
return redirect()->route('account.index');
}
}
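Review bot: `update()` requires a field named `email_confirm`, but the email form added in this commit posts `email_confirmation` (and repopulates it from `old('email_confirm')`), so as written the `required` rule can never pass and the address cannot be changed. Using Laravel's `confirmed` rule, `'email' => 'required|email|confirmed'`, and dropping the `email_confirm` entry matches the field name the view already sends; the view's second field should then read `old('email_confirmation')`. Separately, the address is replaced without asking for the current password or verifying the new mailbox. If this email is later used for account recovery, a hijacked session would be enough to take over the account, so a re-authentication step is worth considering.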


@ -0,0 +1,62 @@
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use App\Account;
use App\Password;
use App\Helpers\Utils;
class AccountPasswordController extends Controller
{
public function show(Request $request)
{
return view('account.password', [
'account' => $request->user()
]);
}
public function update(Request $request)
{
$request->validate([
'password' => 'required|confirmed|min:6',
]);
$account = $request->user();
$algorithm = $request->has('password_sha256') ? 'SHA-256' : 'MD5';
if ($account->passwords()->count() > 0) {
$request->validate(['old_password' => 'required']);
foreach ($account->passwords as $password) {
// If one of the password stored equals the one entered
if (hash_equals(
$password->password,
Utils::bchash($account->username, $account->domain, $request->get('old_password'), $password->algorithm)
)) {
$this->updatePassword($account, $request->get('password'), $algorithm);
return redirect()->route('account.index');
}
}
return redirect()->back()->withErrors(['old_password' => 'Old password not correct']);
} else {
// No password yet
$this->updatePassword($account, $request->get('password'), $algorithm);
return redirect()->back();
}
}
private function updatePassword(Account $account, $newPassword, $algorithm)
{
$account->passwords()->delete();
$password = new Password;
$password->account_id = $account->id;
$password->password = Utils::bchash($account->username, $account->domain, $newPassword, $algorithm);
$password->algorithm = $algorithm;
$password->save();
}
}
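Review bot: `updatePassword()` deletes every stored password and then saves the new one as two separate statements, so a failure between them leaves the account with no password rows, a state that `update()` treats as "No password yet" and for which it accepts a new password without `old_password`. Wrapping the body in `DB::transaction(function () use ($account, $newPassword, $algorithm) { … });` (with the `DB` facade imported) keeps the delete and the insert atomic. The old-password loop has no attempt limit visible in this file, and `min:6` is a low floor for a credential stored through `Utils::bchash` with MD5 or SHA-256. A short docblock on `update()` naming its two branches (verify-then-replace versus first-time set) would help the next reader.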


@ -1,22 +0,0 @@
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use App\Account;
class HomeController extends Controller
{
public function index(Request $request)
{
return view('home');
}
public function logout(Request $request)
{
Auth::logout();
return redirect()->route('home');
}
}


@ -15,7 +15,7 @@ class Authenticate extends Middleware
protected function redirectTo($request)
{
if (! $request->expectsJson()) {
return route('home');
return route('account.login');
}
}
}


@ -0,0 +1,26 @@
@extends('layouts.account')
@section('content')
<h2>Change my account email address</h2>
@if (!empty($account->email))
<p>Currently: {{ $account->email }}</p>
@else
<p>No email yet</p>
@endif
{!! Form::open(['route' => 'account.email.update']) !!}
<div class="form-group">
{!! Form::label('email', 'New email') !!}
{!! Form::email('email', old('email'), ['class' => 'form-control', 'placeholder' => 'username@server.com', 'required']) !!}
</div>
<div class="form-group">
{!! Form::label('email_confirmation', 'Email confirmation') !!}
{!! Form::email('email_confirmation', old('email_confirm'), ['class' => 'form-control', 'placeholder' => 'username@server.com', 'required']) !!}
</div>
{!! Form::submit('Change', ['class' => 'btn btn-primary float-right']) !!}
{!! Form::close() !!}
@endsection


@ -1,5 +1,28 @@
@extends('layouts.account')
@section('content')
{{ $account->identifier }}
<div class="list-group">
<a href="{{ route('account.email') }}" class="list-group-item list-group-item-action">
<div class="d-flex w-100 justify-content-between">
<h5 class="mb-1">Change my current account email</h5>
</div>
@if (!empty($account->email))
<p class="mb-1">{{ $account->email }}</p>
@else
<p class="mb-1">No email yet</p>
@endif
</a>
<a href="{{ route('account.password') }}" class="list-group-item list-group-item-action">
<div class="d-flex w-100 justify-content-between">
<h5 class="mb-1">Change my password</h5>
</div>
@if ($account->passwords()->where('algorithm', 'SHA-256')->exists())
<p class="mb-1">SHA-256 password configured</p>
@else
<p class="mb-1">MD5 password only</p>
@endif
</a>
</div>
@endsection
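Review bot: The `@else` branch prints "MD5 password only" for every account without a SHA-256 entry, including an account with no password rows at all, which the password controller in this commit handles as a separate case. Adding `@elseif ($account->passwords()->exists())` in front of the MD5 text, with a "No password yet" fallback in the final `@else`, would report the state accurately. The user should not be told a weak hash is configured when nothing is.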


@ -0,0 +1,26 @@
@extends('layouts.main')
@section('content')
@if (Auth::check())
<div class="alert alert-primary" role="alert">
<a class="float-right" href="{{ route('logout') }}">Logout</a>
You are already authenticated
</div>
@else
<div class="card mt-3">
<div class="card-body">
{!! Form::open(['route' => 'account.authenticate']) !!}
<div class="form-group">
{!! Form::label('username', 'Username') !!}
{!! Form::text('username', old('username'), ['class' => 'form-control', 'placeholder' => 'username@sip.linphone.org', 'required']) !!}
</div>
<div class="form-group">
{!! Form::label('password', 'Password') !!}
{!! Form::password('password', ['class' => 'form-control', 'placeholder' => 'myPassword', 'required']) !!}
</div>
{!! Form::submit('Authenticate', ['class' => 'btn btn-primary']) !!}
{!! Form::close() !!}
</div>
</div>
@endif
@endsection
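Review bot: The logout link uses `route('logout')`, but the routes file in this commit registers the logout route as `account.logout` and the `logout` name appears to be on the removed side, so rendering this view for an authenticated user would likely fail with a route-not-found error. Use `{{ route('account.logout') }}`, as the layout change in this commit already does. The view also renders no validation or login error messages; if the layout does not print `$errors`, a failed attempt gives the user no feedback.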


@ -0,0 +1,30 @@
@extends('layouts.account')
@section('content')
<h2>Change my account password</h2>
{!! Form::open(['route' => 'account.password.update']) !!}
@if ($account->passwords()->count() > 0)
<div class="form-group">
{!! Form::label('old_password', 'Old password') !!}
{!! Form::password('old_password', ['class' => 'form-control', 'required']) !!}
</div>
@endif
<div class="form-group">
{!! Form::label('password', 'New password') !!}
{!! Form::password('password', ['class' => 'form-control', 'required']) !!}
</div>
<div class="form-group">
{!! Form::label('password_confirmation', 'Password confirmation') !!}
{!! Form::password('password_confirmation', ['class' => 'form-control', 'required']) !!}
</div>
<div class="form-check">
{!! Form::checkbox('password_sha256', 'checked', $account->passwords()->where('algorithm', 'SHA-256')->exists(), ['class' => 'form-check-input']) !!}
{!! Form::label('password_sha256', 'Use a SHA-256 encrypted password. This stronger password might not work with some old SIP clients.', ['class' => 'form-check-label']) !!}
</div>
{!! Form::submit('Change', ['class' => 'btn btn-primary float-right']) !!}
{!! Form::close() !!}
@endsection
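Review bot: The `password_sha256` checkbox is pre-checked only when a SHA-256 entry already exists, and the controller stores MD5 whenever the box is absent from the request, so a first-time or MD5-only user gets the weaker algorithm unless they opt in. Defaulting the box to checked when the account has no password, for example `!$account->passwords()->exists() || $account->passwords()->where('algorithm', 'SHA-256')->exists()`, makes SHA-256 the default while keeping the opt-out for old SIP clients. The label says "encrypted"; the stored value is a hash, so "hashed" would be the accurate word.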


@ -1,19 +1,16 @@
@extends('layouts.base')
@section('body')
<nav class="navbar navbar-expand-lg navbar-light bg-light">
<nav class="navbar navbar-expand navbar-light bg-light">
<div class="collapse navbar-collapse" >
<ul class="navbar-nav mr-auto">
<li class="nav-item active">
<a class="nav-link" href="/">FlexiAPI</a>
</li>
<li class="nav-item">
<a class="nav-link" href="{{ route('account.index') }}">My Account</a>
<a class="nav-link" href="{{ route('account.index') }}">FlexiAPI</a>
</li>
</ul>
<ul class="navbar-nav">
<li class="nav-item active">
<a class="nav-link" href="{{ route('logout') }}">Logout</a>
<a class="nav-link" href="{{ route('account.logout') }}">Logout</a>
</li>
</ul>
</div>


@ -17,11 +17,17 @@
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
Route::get('/', 'HomeController@index')->name('home');
Route::get('logout', 'HomeController@logout')->name('logout');
//Route::get('/', 'HomeController@index')->name('home');
Route::post('account/authenticate', 'AccountController@authenticate')->name('account.authenticate');
Route::get('login', 'AccountController@login')->name('account.login');
Route::post('authenticate', 'AccountController@authenticate')->name('account.authenticate');
Route::group(['middleware' => 'auth'], function () {
Route::get('account', 'AccountController@index')->name('account.index');
Route::get('/', 'AccountController@index')->name('account.index');
Route::get('logout', 'AccountController@logout')->name('account.logout');
Route::get('email', 'AccountEmailController@show')->name('account.email');
Route::post('email', 'AccountEmailController@update')->name('account.email.update');
Route::get('password', 'AccountPasswordController@show')->name('account.password');
Route::post('password', 'AccountPasswordController@update')->name('account.password.update');
});
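Review bot: The `authenticate` and `password` POST routes carry no rate limit in this file, so password guesses (at login, or against `old_password` on the change form) are bounded only by whatever the enclosing middleware group applies, which is not visible here. Laravel's `throttle` middleware can be attached per route, e.g. `->middleware('throttle:5,1')` (values constructed for illustration). `logout` is registered as a GET route, which lets any third-party page end a user's session through a plain link or image request; `Route::post('logout', …)` with a small form in the layout avoids that. The commented-out `home` route could be deleted rather than kept.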