Update RegisterController

This commit is contained in:
Daniel Supernault 2021-12-29 00:38:08 -07:00
parent a259c6919f
commit e503a8da85
No known key found for this signature in database
GPG key ID: 0DEF1C662C9033F7
2 changed files with 18 additions and 1 deletions

View file

@ -44,6 +44,13 @@ class RegisterController extends Controller
$this->middleware('guest'); $this->middleware('guest');
} }
public function getRegisterToken()
{
return \Cache::remember('pf:register:rt', 900, function() {
return str_random(40);
});
}
/** /**
* Get a validator for an incoming registration request. * Get a validator for an incoming registration request.
* *
@ -110,8 +117,18 @@ class RegisterController extends Controller
}, },
]; ];
$rt = [
'required',
function ($attribute, $value, $fail) {
if($value !== $this->getRegisterToken()) {
return $fail('Something went wrong');
}
}
];
$rules = [ $rules = [
'agecheck' => 'required|accepted', 'agecheck' => 'required|accepted',
'rt' => $rt,
'name' => 'nullable|string|max:'.config('pixelfed.max_name_length'), 'name' => 'nullable|string|max:'.config('pixelfed.max_name_length'),
'username' => $usernameRules, 'username' => $usernameRules,
'email' => $emailRules, 'email' => $emailRules,

View file

@ -10,7 +10,7 @@
<div class="card-body"> <div class="card-body">
<form method="POST" action="{{ route('register') }}" class="px-md-3"> <form method="POST" action="{{ route('register') }}" class="px-md-3">
@csrf @csrf
<input type="hidden" name="rt" value="{{ (new \App\Http\Controllers\Auth\RegisterController())->getRegisterToken() }}">
<div class="form-group row"> <div class="form-group row">
<div class="col-md-12"> <div class="col-md-12">
<label class="small font-weight-bold text-lighter">Name</label> <label class="small font-weight-bold text-lighter">Name</label>