mirror of
https://github.com/anonaddy/anonaddy
synced 2026-05-09 08:33:05 +02:00
96 lines
3.0 KiB
PHP
96 lines
3.0 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers\Auth;
|
|
|
|
use App\Http\Controllers\Controller;
|
|
use App\Models\Username;
|
|
use Illuminate\Foundation\Auth\SendsPasswordResetEmails;
|
|
use Illuminate\Http\Request;
|
|
use Illuminate\Support\Facades\App;
|
|
use Illuminate\Support\Facades\Password;
|
|
|
|
class ForgotPasswordController extends Controller
|
|
{
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Password Reset Controller
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| This controller is responsible for handling password reset emails and
|
|
| includes a trait which assists in sending these notifications from
|
|
| your application to your users. Feel free to explore this trait.
|
|
|
|
|
*/
|
|
|
|
use SendsPasswordResetEmails;
|
|
|
|
/**
|
|
* Create a new controller instance.
|
|
*
|
|
* @return void
|
|
*/
|
|
public function __construct()
|
|
{
|
|
$this->middleware('guest');
|
|
$this->middleware('throttle:3,1')->only('sendResetLinkEmail');
|
|
}
|
|
|
|
/**
|
|
* Send a reset link to the given user.
|
|
*
|
|
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Http\JsonResponse
|
|
*/
|
|
public function sendResetLinkEmail(Request $request)
|
|
{
|
|
$this->validateUsername($request);
|
|
|
|
// Find the user_id and use that for the credentials
|
|
$userId = Username::firstWhere('username', $request->username)?->user_id;
|
|
|
|
// We will send the password reset link to this user. Once we have attempted
|
|
// to send the link, we will examine the response then see the message we
|
|
// need to show to the user. Finally, we'll send out a proper response.
|
|
$response = $this->broker()->sendResetLink(
|
|
['id' => $userId]
|
|
);
|
|
|
|
return $response == Password::RESET_LINK_SENT
|
|
? $this->sendResetLinkResponse($request, $response)
|
|
: $this->sendResetLinkFailedResponse($request, $response);
|
|
}
|
|
|
|
/**
|
|
* Validate the email for the given request.
|
|
*
|
|
* @return void
|
|
*/
|
|
protected function validateUsername(Request $request)
|
|
{
|
|
// Validate captcha separately first to prevent username enumeration
|
|
if (! App::environment('testing')) {
|
|
$request->validate([
|
|
'captcha' => 'required|captcha',
|
|
], [
|
|
'captcha.captcha' => 'The text entered was incorrect, please try again.',
|
|
]);
|
|
}
|
|
|
|
$request->validate(['username' => 'required|regex:/^[a-zA-Z0-9]*$/|max:20'], [
|
|
'username.regex' => 'Your username can only contain letters and numbers, do not use your email.',
|
|
]);
|
|
}
|
|
|
|
/**
|
|
* Get the response for a failed password reset link.
|
|
*
|
|
* @param string $response
|
|
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Http\JsonResponse
|
|
*/
|
|
protected function sendResetLinkFailedResponse(Request $request, $response)
|
|
{
|
|
return back()
|
|
->withInput($request->only('username'))
|
|
->withErrors(['username' => trans($response)]);
|
|
}
|
|
}
|