Update AccountController

Daniel Supernault 2019-06-05 00:30:32 -06:00
parent a10e30aefd
commit b41b724803
No known key found for this signature in database
GPG key ID: 0DEF1C662C9033F7


@ -65,21 +65,18 @@ class AccountController extends Controller
public function sendVerifyEmail(Request $request) public function sendVerifyEmail(Request $request)
{ {
$timeLimit = Carbon::now()->subDays(1)->toDateTimeString();
$recentAttempt = EmailVerification::whereUserId(Auth::id()) $recentAttempt = EmailVerification::whereUserId(Auth::id())
->where('created_at', '>', $timeLimit)->count(); ->whereDate('created_at', '>', now()->subHours(12))->count();
$exists = EmailVerification::whereUserId(Auth::id())->count();
if ($recentAttempt == 1 && $exists == 1) { if ($recentAttempt > 0) {
return redirect()->back()->with('error', 'A verification email has already been sent recently. Please check your email, or try again later.'); return redirect()->back()->with('error', 'A verification email has already been sent recently. Please check your email, or try again later.');
} elseif ($recentAttempt == 0 && $exists !== 0) { }
// Delete old verification and send new one.
EmailVerification::whereUserId(Auth::id())->delete(); EmailVerification::whereUserId(Auth::id())->delete();
}
$user = User::whereNull('email_verified_at')->find(Auth::id()); $user = User::whereNull('email_verified_at')->find(Auth::id());
$utoken = hash('sha512', $user->id); $utoken = str_random(40);
$rtoken = str_random(40); $rtoken = str_random(128);
$verify = new EmailVerification(); $verify = new EmailVerification();
$verify->user_id = $user->id; $verify->user_id = $user->id;
@ -99,12 +96,16 @@ class AccountController extends Controller
->where('random_token', $randomToken) ->where('random_token', $randomToken)
->firstOrFail(); ->firstOrFail();
if (Auth::id() === $verify->user_id) { if (Auth::id() === $verify->user_id &&
$verify->user_token === $userToken &&
$verify->random_token === $randomToken) {
$user = User::find(Auth::id()); $user = User::find(Auth::id());
$user->email_verified_at = Carbon::now(); $user->email_verified_at = Carbon::now();
$user->save(); $user->save();
return redirect('/'); return redirect('/');
} else {
abort(403);
} }
} }
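Review bot: In the first hunk (sendVerifyEmail), the new throttle query uses `whereDate('created_at', '>', now()->subHours(12))`, and whereDate compares only the calendar-date part of the column, so the 12-hour window is not what is actually enforced. A request made on the same day as an earlier one would likely see `$recentAttempt` as 0, delete the existing row and send another email, which weakens the resend limit as an abuse control. A full timestamp comparison keeps the intended window: `->where('created_at', '>', now()->subHours(12))->count();`. Separately, `User::whereNull('email_verified_at')->find(Auth::id())` returns null for an already verified account, so a guard before `$user->id` is worth adding; the method body continues outside the hunk.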