
Added email verification tests

Will Browning 5 gadi atpakaļ
vecāks
revīzija
6ba4ba6a51

+ 29 - 21
app/Http/Controllers/Auth/VerificationController.php

@@ -3,6 +3,8 @@
 namespace App\Http\Controllers\Auth;
 
 use App\Http\Controllers\Controller;
+use App\Recipient;
+use App\User;
 use Illuminate\Auth\Access\AuthorizationException;
 use Illuminate\Auth\Events\Verified;
 use Illuminate\Foundation\Auth\VerifiesEmails;
@@ -37,10 +39,10 @@ class VerificationController extends Controller
      */
     public function __construct()
     {
-        $this->middleware('auth');
+        $this->middleware('auth')->except('verify');
         $this->middleware('signed')->only('verify');
         $this->middleware('throttle:1,1')->only('resend');
-        $this->middleware('throttle:60,1')->only('verify');
+        $this->middleware('throttle:6,1')->only('verify');
     }
 
     /**
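Review bot: With `->except('verify')` the `verify` action is reachable by guests, so the `signed` middleware on the following line becomes the only thing that authenticates the request, and nothing in the constructor records that dependency. I would add a comment above the two lines, for example `// verify is guest-accessible: the signed URL is the sole proof of identity, keep 'signed' for as long as 'auth' is excepted`. The commit title mentions only tests, so this access change is easy to miss in the history; a line in the commit description would help.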
@@ -52,30 +54,36 @@ class VerificationController extends Controller
      */
     public function verify(Request $request)
     {
-        if ($recipient = $request->user()->recipients()->find($request->route('id'))) {
-            if ($recipient->hasVerifiedEmail()) {
-                return redirect($this->redirectPath());
-            }
+        $verifiable = User::find($request->route('id')) ?? Recipient::find($request->route('id'));
 
-            $recipient->markEmailAsVerified();
+        if (is_null($verifiable)) {
+            throw new AuthorizationException;
+        }
 
-            return redirect(route('recipients.index'))
-                ->with('verified', true)
-                ->with(['status' => 'Recipient Email Address Verified Successfully']);
-        } else {
-            if ($request->route('id') != $request->user()->getKey()) {
-                throw new AuthorizationException;
-            }
+        if (! hash_equals((string) $request->route('id'), (string) $verifiable->getKey())) {
+            throw new AuthorizationException;
+        }
 
-            if ($request->user()->hasVerifiedEmail()) {
-                return redirect($this->redirectPath());
-            }
+        if (! hash_equals((string) $request->route('hash'), sha1($verifiable->getEmailForVerification()))) {
+            throw new AuthorizationException;
+        }
 
-            if ($request->user()->markEmailAsVerified()) {
-                event(new Verified($request->user()));
-            }
+        if ($verifiable->hasVerifiedEmail()) {
+            return redirect($this->redirectPath());
+        }
 
-            return redirect($this->redirectPath())->with('verified', true);
+        if ($verifiable->markEmailAsVerified() && $verifiable instanceof User) {
+            event(new Verified($verifiable));
         }
+
+        if ($request->user() !== null) {
+            $redirect = $verifiable instanceof User ? $this->redirectPath() : route('recipients.index');
+        } else {
+            $redirect = 'login';
+        }
+
+        return redirect($redirect)
+            ->with('verified', true)
+            ->with(['status' => 'Email Address Verified Successfully']);
     }
 }
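Review bot: The lookup `User::find($id) ?? Recipient::find($id)` chooses the model by precedence alone, and the signed URL carries nothing that says which model it was issued for, so a recipient link whose id also exists in the users table is checked against the user's email instead. Whether the two key spaces can overlap is not visible in this diff (UUID keys would make it unlikely), but the `hash_equals` on the id cannot catch it, because it compares the route id with the key of the record that was just found by that same id. Selecting the candidate whose email hash matches, as sketched below, removes the dependence on lookup order; binding the model type into the signed route parameters would be stronger but needs a change where the link is generated, outside this hunk. Separately, the already-verified branch returns `redirectPath()` for guests and recipients alike, unlike the final redirect logic.

```php
$id = $request->route('id');
$hash = (string) $request->route('hash');

// Try both models and keep the one whose email hash matches the signed link.
$verifiable = collect([User::find($id), Recipient::find($id)])
    ->filter()
    ->first(function ($candidate) use ($hash) {
        return hash_equals(sha1($candidate->getEmailForVerification()), $hash);
    });

if (is_null($verifiable)) {
    throw new AuthorizationException;
}

// … unchanged: hasVerifiedEmail() check, markEmailAsVerified(), redirect …
```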

+ 1 - 0
config/queue.php

@@ -79,6 +79,7 @@ return [
     */
 
     'failed' => [
+        'driver' => env('QUEUE_FAILED_DRIVER', 'database'),
         'database' => env('DB_CONNECTION', 'mysql'),
         'table' => 'failed_jobs',
     ],

+ 6 - 2
resources/views/auth/login.blade.php

@@ -4,8 +4,6 @@
     <div class="p-6 bg-indigo-900 min-h-screen flex justify-center items-center">
         <div class="w-full max-w-md">
 
-            @include('shared.status')
-
             <div class="flex justify-center text-white mb-6 text-5xl font-bold">
                 <img class="w-48" alt="AnonAddy Logo" src="/svg/logo.svg">
             </div>
@@ -21,6 +19,12 @@
 
                         <div class="mx-auto mt-6 w-24 border-b-2 border-grey-200"></div>
 
+                        @if (session('status'))
+                            <div class="text-sm border-t-8 rounded text-green-700 border-green-600 bg-green-100 px-3 py-4 mt-4" role="alert">
+                                {{ session('status') }}
+                            </div>
+                        @endif
+
                         <div class="mt-8 flex flex-wrap mb-6">
                             <label for="username" class="block text-grey-700 text-sm mb-2">
                                 {{ __('Username') }}:

+ 30 - 0
tests/Feature/RecipientsTest.php

@@ -9,7 +9,9 @@ use App\User;
 use Illuminate\Auth\Notifications\VerifyEmail;
 use Illuminate\Foundation\Testing\RefreshDatabase;
 use Illuminate\Support\Carbon;
+use Illuminate\Support\Facades\Config;
 use Illuminate\Support\Facades\Notification;
+use Illuminate\Support\Facades\URL;
 use Tests\TestCase;
 
 class RecipientsTest extends TestCase
@@ -209,6 +211,34 @@ class RecipientsTest extends TestCase
         );
     }
 
+    /** @test */
+    public function user_can_verify_recipient_email_successfully()
+    {
+        $recipient = factory(Recipient::class)->create([
+            'user_id' => $this->user->id,
+            'email_verified_at' => null
+        ]);
+
+        $this->assertNull($recipient->refresh()->email_verified_at);
+
+        $verificationUrl = URL::temporarySignedRoute(
+            'verification.verify',
+            Carbon::now()->addMinutes(Config::get('auth.verification.expire', 60)),
+            [
+                'id' => $recipient->getKey(),
+                'hash' => sha1($recipient->getEmailForVerification()),
+            ]
+        );
+
+        $response = $this->get($verificationUrl);
+
+        $response
+            ->assertRedirect('/recipients')
+            ->assertSessionHas('verified');
+
+        $this->assertNotNull($recipient->refresh()->email_verified_at);
+    }
+
     /** @test */
     public function user_must_wait_before_resending_recipient_verification_email()
     {
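Review bot: This test, like `user_can_verify_email_successfully` in tests/Feature/RegistrationTest.php, covers only the success path, while the same commit makes `verify` reachable without the `auth` middleware. The rejection paths are what now protect the endpoint, so I would add cases asserting that a link with a wrong `hash`, a URL with a missing or altered signature, and an unknown `id` are each rejected (403), plus one guest request asserting the redirect to `login`. The assertion on `/recipients` also depends on the request being authenticated, which presumably happens in `setUp()` outside this hunk; calling `$this->actingAs($this->user)` here, as the registration test does, would make that explicit.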

+ 42 - 0
tests/Feature/RegistrationTest.php

@@ -6,7 +6,12 @@ use App\AdditionalUsername;
 use App\DeletedUsername;
 use App\Recipient;
 use App\User;
+use Illuminate\Auth\Notifications\VerifyEmail;
 use Illuminate\Foundation\Testing\RefreshDatabase;
+use Illuminate\Support\Carbon;
+use Illuminate\Support\Facades\Config;
+use Illuminate\Support\Facades\Notification;
+use Illuminate\Support\Facades\URL;
 use Tests\TestCase;
 
 class RegistrationTest extends TestCase
@@ -16,6 +21,8 @@ class RegistrationTest extends TestCase
     /** @test */
     public function user_can_register_successfully()
     {
+        Notification::fake();
+
         $response = $this->post('/register', [
             'username' => 'johndoe',
             'email' => 'johndoe@example.com',
@@ -31,6 +38,41 @@ class RegistrationTest extends TestCase
         $this->assertDatabaseHas('users', [
             'username' => 'johndoe'
         ]);
+
+        $user = User::where('username', 'johndoe')->first();
+
+        Notification::assertSentTo(
+            $user,
+            VerifyEmail::class
+        );
+    }
+
+    /** @test */
+    public function user_can_verify_email_successfully()
+    {
+        $this->withoutExceptionHandling();
+        $user = factory(User::class)->create();
+        $user->email_verified_at = null;
+        $user->save();
+
+        $this->assertNull($user->refresh()->email_verified_at);
+
+        $verificationUrl = URL::temporarySignedRoute(
+            'verification.verify',
+            Carbon::now()->addMinutes(Config::get('auth.verification.expire', 60)),
+            [
+                'id' => $user->getKey(),
+                'hash' => sha1($user->getEmailForVerification()),
+            ]
+        );
+
+        $response = $this->actingAs($user)->get($verificationUrl);
+
+        $response
+            ->assertRedirect('/')
+            ->assertSessionHas('verified');
+
+        $this->assertNotNull($user->refresh()->email_verified_at);
     }
 
     /** @test */
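Review bot: `user_can_verify_email_successfully` never asserts that the `Verified` event is dispatched, which is the one behaviour the controller now reserves for `User` instances. Calling `Event::fake([Verified::class]);` after the user is created and adding `Event::assertDispatched(Verified::class);` after the request would pin it. `$this->withoutExceptionHandling();` on the first line of the test reads like a debugging leftover and can be dropped.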