From fd57132d060583c0871efd190c85c6c2f449fb68 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timoth=C3=A9e=20Jaussoin?=
 <timothee.jaussoin@belledonne-communications.com>
Date: Thu, 25 Apr 2024 11:03:18 +0200
Subject: [PATCH] Fix FLEXIAPI-166 Reimplement the deprecated email validation
 URL

---
 CHANGELOG.md                                  |  1 +
 .../Account/AuthenticateController.php        | 23 +++++++++++++++++++
 flexiapi/routes/web.php                       |  3 +++
 3 files changed, 27 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 8b6e273..48f6dbf 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,7 @@
 
 v1.5
 ----
+- Fix FLEXIAPI-166 Reimplement the deprecated email validation URL
 - Fix FLEXIAPI-165 Remove for now text/vcard header constraint
 - Fix FLEXIAPI-164 Add vcards-storage endpoints
 - Fix FLEXIAPI-162 Drop the aliases table and migrate the data to the phone column
diff --git a/flexiapi/app/Http/Controllers/Account/AuthenticateController.php b/flexiapi/app/Http/Controllers/Account/AuthenticateController.php
index b77140a..ab91f35 100644
--- a/flexiapi/app/Http/Controllers/Account/AuthenticateController.php
+++ b/flexiapi/app/Http/Controllers/Account/AuthenticateController.php
@@ -74,6 +74,29 @@ class AuthenticateController extends Controller
         return redirect()->back()->withErrors(['authentication' => 'Wrong username or password']);
     }
 
+    /**
+     * Deprecated
+     */
+    public function validateEmail(Request $request, string $code)
+    {
+        $request->merge(['code' => $code]);
+        $request->validate(['code' => 'required|size:' . self::$emailCodeSize]);
+
+        $account = Account::where('confirmation_key', $code)->first();
+
+        if (!$account) {
+            return redirect()->route('account.login');
+        }
+
+        $account->confirmation_key = null;
+        $account->activated = true;
+        $account->save();
+
+        Auth::login($account);
+
+        return redirect()->route('dashboard');
+    }
+
     public function loginAuthToken(Request $request, ?string $token = null)
     {
         $authToken = null;
diff --git a/flexiapi/routes/web.php b/flexiapi/routes/web.php
index 0f1c5ee..02534be 100644
--- a/flexiapi/routes/web.php
+++ b/flexiapi/routes/web.php
@@ -50,6 +50,9 @@ Route::group(['middleware' => 'web_panel_enabled'], function () {
     Route::post('authenticate', 'Account\AuthenticateController@authenticate')->name('account.authenticate');
     Route::get('authenticate/qrcode/{token?}', 'Account\AuthenticateController@loginAuthToken')->name('account.authenticate.auth_token');
 
+    // Deprecated
+    Route::get('authenticate/email/{code}', 'Account\AuthenticateController@validateEmail')->name('account.authenticate.email_confirm');
+
     Route::prefix('creation_token')->controller(CreationRequestTokenController::class)->group(function () {
         Route::get('check/{token}', 'check')->name('account.creation_request_token.check');
         Route::post('validate', 'validateToken')->name('account.creation_request_token.validate');