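. */

namespace App\Http\Controllers\Api;

use Illuminate\Http\Request;
use Illuminate\Validation\Rule;
use Illuminate\Support\Facades\Mail;
use Carbon\Carbon;

use App\Http\Controllers\Controller;
use App\Mail\ConfirmedRegistration;
use App\Helpers\Utils;
use App\Account;
use App\Password;

/**
 * API endpoints through which the authenticated account reads and updates
 * its own record (profile, e-mail address, password).
 */
class AccountController extends Controller
{
    /**
     * Return the account record of the authenticated user.
     *
     * @param Request $request Current request; the account is looked up by
     *                         the id of $request->user().
     * @return mixed First matching Account, or null when none is found.
     */
    public function show(Request $request)
    {
        // NOTE(review): without() only removes relations from eager loading.
        // Confirm that the API key and the pending new e-mail address really
        // stay out of the serialized response (e.g. through $hidden on the
        // models) and are not re-exposed by another accessor.
        return Account::where('id', $request->user()->id)
            ->without(['api_key', 'email_changed.new_email'])
            ->first();
    }

    /**
     * Start an e-mail address change for the authenticated account.
     *
     * The new address must be a valid e-mail and must differ from the one
     * currently stored on the account; the change itself is delegated to
     * the account model.
     *
     * @param Request $request Must carry an `email` field.
     */
    public function requestEmailUpdate(Request $request)
    {
        $request->validate([
            'email' => ['required', 'email', Rule::notIn([$request->user()->email])],
        ]);

        $request->user()->requestEmailUpdate($request->get('email'));
    }

    /**
     * Set or change the password of the authenticated account.
     *
     * When the account already has at least one password, `old_password` is
     * required and must match one of the stored hashes; otherwise the new
     * password is stored directly and, if the account has an e-mail address,
     * a registration confirmation is sent.
     *
     * The account is activated only once the change is authorised, so a
     * request that is rejected (missing or incorrect `old_password`) leaves
     * the account state untouched.
     *
     * @param Request $request Must carry `algorithm` (SHA-256 or MD5) and
     *                         `password`; `old_password` when a password
     *                         already exists.
     * @return mixed Empty JSON response on a verified change, a 422 JSON
     *               error on a wrong old password, nothing when the first
     *               password is set.
     */
    public function passwordUpdate(Request $request)
    {
        // NOTE(review): MD5 is still accepted as a hashing algorithm,
        // presumably for legacy digest clients; confirm it is still needed
        // and prefer SHA-256. The new password also has no length or
        // strength constraint beyond being present.
        $request->validate([
            'algorithm' => 'required|in:SHA-256,MD5',
            'password' => 'required',
        ]);

        $account = $request->user();
        $algorithm = $request->get('algorithm');

        if ($account->passwords()->count() > 0) {
            $request->validate(['old_password' => 'required']);

            foreach ($account->passwords as $password) {
                // Re-hash the supplied old password with the algorithm of
                // each stored entry; hash_equals() compares in constant time.
                $candidate = Utils::bchash(
                    $account->username,
                    $account->domain,
                    $request->get('old_password'),
                    $password->algorithm
                );

                if (hash_equals($password->password, $candidate)) {
                    $this->activateWithPassword($account, $request->get('password'), $algorithm);

                    return response()->json();
                }
            }

            return response()->json(['errors' => ['old_password' => 'Incorrect old password']], 422);
        }

        // No password stored yet: this request sets the first one.
        $this->activateWithPassword($account, $request->get('password'), $algorithm);

        if (!empty($account->email)) {
            Mail::to($account)->send(new ConfirmedRegistration($account));
        }
    }

    /**
     * Mark the account as activated, persist it, then store the new password.
     *
     * @param mixed $account   Account of the authenticated user.
     * @param mixed $password  New password taken from the request.
     * @param mixed $algorithm Validated algorithm name from the request.
     */
    private function activateWithPassword($account, $password, $algorithm)
    {
        $account->activated = true;
        $account->save();

        $account->updatePassword($password, $algorithm);
    }
}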