Update Settings, fix regression

This commit is contained in:
Daniel Supernault 2019-06-16 21:48:58 -06:00
parent aa192d342d
commit 38fa09df05
No known key found for this signature in database
GPG key ID: 0DEF1C662C9033F7
3 changed files with 48 additions and 25 deletions

View file

@ -38,14 +38,12 @@ trait HomeSettings
'name' => 'required|string|max:'.config('pixelfed.max_name_length'), 'name' => 'required|string|max:'.config('pixelfed.max_name_length'),
'bio' => 'nullable|string|max:'.config('pixelfed.max_bio_length'), 'bio' => 'nullable|string|max:'.config('pixelfed.max_bio_length'),
'website' => 'nullable|url', 'website' => 'nullable|url',
'email' => 'nullable|email',
]); ]);
$changes = false; $changes = false;
$name = strip_tags(Purify::clean($request->input('name'))); $name = strip_tags(Purify::clean($request->input('name')));
$bio = $request->filled('bio') ? strip_tags(Purify::clean($request->input('bio'))) : null; $bio = $request->filled('bio') ? strip_tags(Purify::clean($request->input('bio'))) : null;
$website = $request->input('website'); $website = $request->input('website');
$email = $request->input('email');
$user = Auth::user(); $user = Auth::user();
$profile = $user->profile; $profile = $user->profile;
$layout = $request->input('profile_layout'); $layout = $request->input('profile_layout');
@ -55,28 +53,6 @@ trait HomeSettings
$validate = config('pixelfed.enforce_email_verification'); $validate = config('pixelfed.enforce_email_verification');
if ($user->email != $email) {
$changes = true;
$user->email = $email;
if ($validate) {
$user->email_verified_at = null;
// Prevent old verifications from working
EmailVerification::whereUserId($user->id)->delete();
}
$log = new AccountLog();
$log->user_id = $user->id;
$log->item_id = $user->id;
$log->item_type = 'App\User';
$log->action = 'account.edit.email';
$log->message = 'Email changed';
$log->link = null;
$log->ip_address = $request->ip();
$log->user_agent = $request->userAgent();
$log->save();
}
// Only allow email to be updated if not yet verified // Only allow email to be updated if not yet verified
if (!$validate || !$changes && $user->email_verified_at) { if (!$validate || !$changes && $user->email_verified_at) {
if ($profile->name != $name) { if ($profile->name != $name) {
@ -158,6 +134,52 @@ trait HomeSettings
return view('settings.email'); return view('settings.email');
} }
public function emailUpdate(Request $request)
{
$this->validate($request, [
'email' => 'required|email',
]);
$changes = false;
$email = $request->input('email');
$user = Auth::user();
$profile = $user->profile;
$validate = config('pixelfed.enforce_email_verification');
if ($user->email != $email) {
$changes = true;
$user->email = $email;
if ($validate) {
$user->email_verified_at = null;
// Prevent old verifications from working
EmailVerification::whereUserId($user->id)->delete();
}
$log = new AccountLog();
$log->user_id = $user->id;
$log->item_id = $user->id;
$log->item_type = 'App\User';
$log->action = 'account.edit.email';
$log->message = 'Email changed';
$log->link = null;
$log->ip_address = $request->ip();
$log->user_agent = $request->userAgent();
$log->save();
}
if ($changes === true) {
Cache::forget('user:account:id:'.$user->id);
$user->save();
$profile->save();
return redirect('/settings/home')->with('status', 'Email successfully updated!');
} else {
return redirect('/settings/email');
}
}
public function avatar() public function avatar()
{ {
return view('settings.avatar'); return view('settings.avatar');

View file

@ -6,7 +6,7 @@
<h3 class="font-weight-bold">Email Settings</h3> <h3 class="font-weight-bold">Email Settings</h3>
</div> </div>
<hr> <hr>
<form method="post" action="{{route('settings')}}"> <form method="post" action="{{route('settings.email')}}">
@csrf @csrf
<input type="hidden" class="form-control" name="name" value="{{Auth::user()->profile->name}}"> <input type="hidden" class="form-control" name="name" value="{{Auth::user()->profile->name}}">
<input type="hidden" class="form-control" name="username" value="{{Auth::user()->profile->username}}"> <input type="hidden" class="form-control" name="username" value="{{Auth::user()->profile->username}}">

View file

@ -175,6 +175,7 @@ Route::domain(config('pixelfed.domain.app'))->middleware(['validemail', 'twofact
Route::get('password', 'SettingsController@password')->name('settings.password')->middleware('dangerzone'); Route::get('password', 'SettingsController@password')->name('settings.password')->middleware('dangerzone');
Route::post('password', 'SettingsController@passwordUpdate')->middleware('dangerzone'); Route::post('password', 'SettingsController@passwordUpdate')->middleware('dangerzone');
Route::get('email', 'SettingsController@email')->name('settings.email'); Route::get('email', 'SettingsController@email')->name('settings.email');
Route::post('email', 'SettingsController@emailUpdate');
Route::get('notifications', 'SettingsController@notifications')->name('settings.notifications'); Route::get('notifications', 'SettingsController@notifications')->name('settings.notifications');
Route::get('privacy', 'SettingsController@privacy')->name('settings.privacy'); Route::get('privacy', 'SettingsController@privacy')->name('settings.privacy');
Route::post('privacy', 'SettingsController@privacyStore'); Route::post('privacy', 'SettingsController@privacyStore');