| 
									
										
										
										
											2016-05-20 08:57:45 +02:00
										 |  |  | <?php | 
					
						
							| 
									
										
										
										
											2016-05-20 12:27:31 +02:00
										 |  |  | /** | 
					
						
							|  |  |  |  * ProfileController.php | 
					
						
							| 
									
										
										
										
											2020-01-31 07:32:04 +01:00
										 |  |  |  * Copyright (c) 2019 james@firefly-iii.org | 
					
						
							| 
									
										
										
										
											2016-05-20 12:27:31 +02:00
										 |  |  |  * | 
					
						
							| 
									
										
										
										
											2019-10-02 06:37:26 +02:00
										 |  |  |  * This file is part of Firefly III (https://github.com/firefly-iii). | 
					
						
							| 
									
										
										
										
											2016-10-05 06:52:15 +02:00
										 |  |  |  * | 
					
						
							| 
									
										
										
										
											2019-10-02 06:37:26 +02:00
										 |  |  |  * This program is free software: you can redistribute it and/or modify | 
					
						
							|  |  |  |  * it under the terms of the GNU Affero General Public License as | 
					
						
							|  |  |  |  * published by the Free Software Foundation, either version 3 of the | 
					
						
							|  |  |  |  * License, or (at your option) any later version. | 
					
						
							| 
									
										
										
										
											2017-10-21 08:40:00 +02:00
										 |  |  |  * | 
					
						
							| 
									
										
										
										
											2019-10-02 06:37:26 +02:00
										 |  |  |  * This program is distributed in the hope that it will be useful, | 
					
						
							| 
									
										
										
										
											2017-10-21 08:40:00 +02:00
										 |  |  |  * but WITHOUT ANY WARRANTY; without even the implied warranty of | 
					
						
							|  |  |  |  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the | 
					
						
							| 
									
										
										
										
											2019-10-02 06:37:26 +02:00
										 |  |  |  * GNU Affero General Public License for more details. | 
					
						
							| 
									
										
										
										
											2017-10-21 08:40:00 +02:00
										 |  |  |  * | 
					
						
							| 
									
										
										
										
											2019-10-02 06:37:26 +02:00
										 |  |  |  * You should have received a copy of the GNU Affero General Public License | 
					
						
							|  |  |  |  * along with this program.  If not, see <https://www.gnu.org/licenses/>. | 
					
						
							| 
									
										
										
										
											2016-05-20 12:27:31 +02:00
										 |  |  |  */ | 
					
						
							| 
									
										
										
										
											2017-03-24 11:07:38 +01:00
										 |  |  | declare(strict_types=1); | 
					
						
							| 
									
										
										
										
											2016-05-20 08:57:45 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  | namespace FireflyIII\Http\Controllers; | 
					
						
							| 
									
										
										
										
											2015-02-25 21:19:06 +01:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  | use Auth; | 
					
						
							| 
									
										
										
										
											2018-04-02 15:17:03 +02:00
										 |  |  | use DB; | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  | use FireflyIII\Events\UserChangedEmail; | 
					
						
							|  |  |  | use FireflyIII\Exceptions\FireflyException; | 
					
						
							| 
									
										
										
										
											2017-01-05 10:06:46 +01:00
										 |  |  | use FireflyIII\Exceptions\ValidationException; | 
					
						
							| 
									
										
										
										
											2017-12-19 19:25:50 +01:00
										 |  |  | use FireflyIII\Http\Middleware\IsDemoUser; | 
					
						
							|  |  |  | use FireflyIII\Http\Middleware\IsSandStormUser; | 
					
						
							| 
									
										
										
										
											2015-04-22 07:54:56 +02:00
										 |  |  | use FireflyIII\Http\Requests\DeleteAccountFormRequest; | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  | use FireflyIII\Http\Requests\EmailFormRequest; | 
					
						
							| 
									
										
										
										
											2015-02-25 21:19:06 +01:00
										 |  |  | use FireflyIII\Http\Requests\ProfileFormRequest; | 
					
						
							| 
									
										
										
										
											2018-03-09 05:45:22 +01:00
										 |  |  | use FireflyIII\Http\Requests\TokenFormRequest; | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  | use FireflyIII\Models\Preference; | 
					
						
							| 
									
										
										
										
											2016-12-12 15:24:47 +01:00
										 |  |  | use FireflyIII\Repositories\User\UserRepositoryInterface; | 
					
						
							| 
									
										
										
										
											2018-08-10 17:05:37 +02:00
										 |  |  | use FireflyIII\Support\Http\Controllers\CreateStuff; | 
					
						
							| 
									
										
										
										
											2018-08-09 17:46:14 +02:00
										 |  |  | use FireflyIII\Support\Http\Controllers\RequestInformation; | 
					
						
							| 
									
										
										
										
											2017-03-24 11:07:38 +01:00
										 |  |  | use FireflyIII\User; | 
					
						
							| 
									
										
										
										
											2018-03-09 05:45:22 +01:00
										 |  |  | use Google2FA; | 
					
						
							| 
									
										
										
										
											2015-02-25 21:19:06 +01:00
										 |  |  | use Hash; | 
					
						
							| 
									
										
										
										
											2017-11-25 08:54:52 +01:00
										 |  |  | use Illuminate\Contracts\Auth\Guard; | 
					
						
							| 
									
										
										
										
											2020-03-17 15:01:00 +01:00
										 |  |  | use Illuminate\Contracts\View\Factory; | 
					
						
							|  |  |  | use Illuminate\Http\RedirectResponse; | 
					
						
							| 
									
										
										
										
											2018-10-13 15:06:56 +02:00
										 |  |  | use Illuminate\Http\Request; | 
					
						
							| 
									
										
										
										
											2020-03-17 15:01:00 +01:00
										 |  |  | use Illuminate\Routing\Redirector; | 
					
						
							| 
									
										
										
										
											2018-07-09 19:24:08 +02:00
										 |  |  | use Illuminate\Support\Collection; | 
					
						
							| 
									
										
										
										
											2020-03-17 15:01:00 +01:00
										 |  |  | use Illuminate\View\View; | 
					
						
							| 
									
										
										
										
											2018-04-02 15:17:03 +02:00
										 |  |  | use Laravel\Passport\ClientRepository; | 
					
						
							| 
									
										
										
										
											2016-12-12 15:24:47 +01:00
										 |  |  | use Log; | 
					
						
							| 
									
										
										
										
											2019-08-03 20:09:09 +02:00
										 |  |  | use PragmaRX\Recovery\Recovery; | 
					
						
							| 
									
										
										
										
											2015-02-25 21:19:06 +01:00
										 |  |  | 
 | 
					
						
							|  |  |  | /** | 
					
						
							| 
									
										
										
										
											2017-11-15 12:25:49 +01:00
										 |  |  |  * Class ProfileController. | 
					
						
							| 
									
										
										
										
											2017-11-25 08:54:52 +01:00
										 |  |  |  * | 
					
						
							|  |  |  |  * @method Guard guard() | 
					
						
							| 
									
										
										
										
											2019-08-17 10:47:10 +02:00
										 |  |  |  * | 
					
						
							| 
									
										
										
										
											2015-02-25 21:19:06 +01:00
										 |  |  |  */ | 
					
						
							|  |  |  | class ProfileController extends Controller | 
					
						
							|  |  |  | { | 
					
						
							| 
									
										
										
										
											2018-08-10 17:05:37 +02:00
										 |  |  |     use RequestInformation, CreateStuff; | 
					
						
							| 
									
										
										
										
											2018-08-09 19:44:36 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2016-01-09 08:20:55 +01:00
										 |  |  |     /** | 
					
						
							|  |  |  |      * ProfileController constructor. | 
					
						
							| 
									
										
										
										
											2020-03-17 15:01:00 +01:00
										 |  |  |      * | 
					
						
							| 
									
										
										
										
											2019-07-21 17:15:06 +02:00
										 |  |  |      * @codeCoverageIgnore | 
					
						
							| 
									
										
										
										
											2016-01-09 08:20:55 +01:00
										 |  |  |      */ | 
					
						
							| 
									
										
										
										
											2016-01-08 18:29:47 +01:00
										 |  |  |     public function __construct() | 
					
						
							|  |  |  |     { | 
					
						
							| 
									
										
										
										
											2016-01-08 20:40:48 +01:00
										 |  |  |         parent::__construct(); | 
					
						
							| 
									
										
										
										
											2016-10-20 19:10:43 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2016-10-29 07:44:46 +02:00
										 |  |  |         $this->middleware( | 
					
						
							| 
									
										
										
										
											2019-07-21 17:15:06 +02:00
										 |  |  |             static function ($request, $next) { | 
					
						
							| 
									
										
										
										
											2020-03-17 15:01:00 +01:00
										 |  |  |                 app('view')->share('title', (string) trans('firefly.profile')); | 
					
						
							| 
									
										
										
										
											2017-12-16 19:46:36 +01:00
										 |  |  |                 app('view')->share('mainTitleIcon', 'fa-user'); | 
					
						
							| 
									
										
										
										
											2016-10-29 07:44:46 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  |                 return $next($request); | 
					
						
							|  |  |  |             } | 
					
						
							|  |  |  |         ); | 
					
						
							| 
									
										
										
										
											2018-10-13 15:06:56 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2017-12-19 19:25:50 +01:00
										 |  |  |         $this->middleware(IsDemoUser::class)->except(['index']); | 
					
						
							|  |  |  |         $this->middleware(IsSandStormUser::class)->except('index'); | 
					
						
							| 
									
										
										
										
											2016-01-08 18:29:47 +01:00
										 |  |  |     } | 
					
						
							| 
									
										
										
										
											2015-02-25 21:19:06 +01:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  |     /** | 
					
						
							| 
									
										
										
										
											2018-07-22 08:10:16 +02:00
										 |  |  |      * Change your email address. | 
					
						
							|  |  |  |      * | 
					
						
							| 
									
										
										
										
											2019-02-13 17:38:41 +01:00
										 |  |  |      * @param Request $request | 
					
						
							|  |  |  |      * | 
					
						
							| 
									
										
										
										
											2020-03-25 07:03:23 +01:00
										 |  |  |      * @return Factory|RedirectResponse|Redirector|View | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  |      */ | 
					
						
							| 
									
										
										
										
											2018-10-13 15:06:56 +02:00
										 |  |  |     public function changeEmail(Request $request) | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  |     { | 
					
						
							| 
									
										
										
										
											2018-10-13 15:06:56 +02:00
										 |  |  |         $loginProvider = config('firefly.login_provider'); | 
					
						
							|  |  |  |         if ('eloquent' !== $loginProvider) { | 
					
						
							| 
									
										
										
										
											2018-12-12 20:30:25 +01:00
										 |  |  |             // @codeCoverageIgnoreStart
 | 
					
						
							| 
									
										
										
										
											2019-08-03 05:08:35 +02:00
										 |  |  |             $request->session()->flash('error', trans('firefly.login_provider_local_only', ['login_provider' => e($loginProvider)])); | 
					
						
							| 
									
										
										
										
											2018-10-13 15:06:56 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  |             return redirect(route('profile.index')); | 
					
						
							| 
									
										
										
										
											2018-12-12 20:30:25 +01:00
										 |  |  |             // @codeCoverageIgnoreEnd
 | 
					
						
							| 
									
										
										
										
											2018-10-13 15:06:56 +02:00
										 |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  |         $title        = auth()->user()->email; | 
					
						
							|  |  |  |         $email        = auth()->user()->email; | 
					
						
							| 
									
										
										
										
											2020-03-17 15:01:00 +01:00
										 |  |  |         $subTitle     = (string) trans('firefly.change_your_email'); | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  |         $subTitleIcon = 'fa-envelope'; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         return view('profile.change-email', compact('title', 'subTitle', 'subTitleIcon', 'email')); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2015-02-25 21:19:06 +01:00
										 |  |  |     /** | 
					
						
							| 
									
										
										
										
											2018-07-22 08:10:16 +02:00
										 |  |  |      * Change your password. | 
					
						
							|  |  |  |      * | 
					
						
							| 
									
										
										
										
											2019-02-13 17:38:41 +01:00
										 |  |  |      * @param Request $request | 
					
						
							|  |  |  |      * | 
					
						
							| 
									
										
										
										
											2020-03-25 07:03:23 +01:00
										 |  |  |      * @return Factory|RedirectResponse|Redirector|View | 
					
						
							| 
									
										
										
										
											2015-02-25 21:19:06 +01:00
										 |  |  |      */ | 
					
						
							| 
									
										
										
										
											2018-10-13 15:06:56 +02:00
										 |  |  |     public function changePassword(Request $request) | 
					
						
							| 
									
										
										
										
											2015-02-25 21:19:06 +01:00
										 |  |  |     { | 
					
						
							| 
									
										
										
										
											2018-10-13 15:06:56 +02:00
										 |  |  |         $loginProvider = config('firefly.login_provider'); | 
					
						
							|  |  |  |         if ('eloquent' !== $loginProvider) { | 
					
						
							| 
									
										
										
										
											2018-12-12 20:30:25 +01:00
										 |  |  |             // @codeCoverageIgnoreStart
 | 
					
						
							| 
									
										
										
										
											2019-08-03 05:08:35 +02:00
										 |  |  |             $request->session()->flash('error', trans('firefly.login_provider_local_only', ['login_provider' => e($loginProvider)])); | 
					
						
							| 
									
										
										
										
											2018-10-13 15:06:56 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  |             return redirect(route('profile.index')); | 
					
						
							| 
									
										
										
										
											2018-12-12 20:30:25 +01:00
										 |  |  |             // @codeCoverageIgnoreEnd
 | 
					
						
							| 
									
										
										
										
											2018-10-13 15:06:56 +02:00
										 |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2016-10-29 07:44:46 +02:00
										 |  |  |         $title        = auth()->user()->email; | 
					
						
							| 
									
										
										
										
											2020-03-17 15:01:00 +01:00
										 |  |  |         $subTitle     = (string) trans('firefly.change_your_password'); | 
					
						
							| 
									
										
										
										
											2016-10-29 07:44:46 +02:00
										 |  |  |         $subTitleIcon = 'fa-key'; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         return view('profile.change-password', compact('title', 'subTitle', 'subTitleIcon')); | 
					
						
							| 
									
										
										
										
											2015-02-25 21:19:06 +01:00
										 |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-03-09 05:45:22 +01:00
										 |  |  |     /** | 
					
						
							|  |  |  |      * View that generates a 2FA code for the user. | 
					
						
							| 
									
										
										
										
											2018-03-10 22:38:20 +01:00
										 |  |  |      * | 
					
						
							| 
									
										
										
										
											2020-03-17 15:01:00 +01:00
										 |  |  |      * @return Factory|View | 
					
						
							| 
									
										
										
										
											2018-03-09 05:45:22 +01:00
										 |  |  |      */ | 
					
						
							|  |  |  |     public function code() | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |         $domain = $this->getDomain(); | 
					
						
							| 
									
										
										
										
											2019-08-08 17:52:37 +02:00
										 |  |  |         $secret = null; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         // generate secret if not in session
 | 
					
						
							|  |  |  |         if (!session()->has('temp-mfa-secret')) { | 
					
						
							|  |  |  |             // generate secret + store + flash
 | 
					
						
							|  |  |  |             $secret = Google2FA::generateSecretKey(); | 
					
						
							|  |  |  |             session()->put('temp-mfa-secret', $secret); | 
					
						
							|  |  |  |             session()->flash('two-factor-secret', $secret); | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  |         // re-use secret if in session
 | 
					
						
							|  |  |  |         if (session()->has('temp-mfa-secret')) { | 
					
						
							|  |  |  |             // get secret from session and flash
 | 
					
						
							|  |  |  |             $secret = session()->get('temp-mfa-secret'); | 
					
						
							|  |  |  |             session()->flash('two-factor-secret', $secret); | 
					
						
							|  |  |  |         } | 
					
						
							| 
									
										
										
										
											2018-06-23 17:59:37 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-08-08 17:52:37 +02:00
										 |  |  |         // generate codes if not in session:
 | 
					
						
							|  |  |  |         if (!session()->has('temp-mfa-codes')) { | 
					
						
							|  |  |  |             // generate codes + store + flash:
 | 
					
						
							|  |  |  |             $recovery      = app(Recovery::class); | 
					
						
							|  |  |  |             $recoveryCodes = $recovery->lowercase()->setCount(8)->setBlocks(2)->setChars(6)->toArray(); | 
					
						
							|  |  |  |             session()->put('temp-mfa-codes', $recoveryCodes); | 
					
						
							|  |  |  |             session()->flash('two-factor-codes', $recoveryCodes); | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         // get codes from session if there already:
 | 
					
						
							|  |  |  |         if (session()->has('temp-mfa-codes')) { | 
					
						
							|  |  |  |             $recoveryCodes = session()->get('temp-mfa-codes'); | 
					
						
							|  |  |  |             session()->flash('two-factor-codes', $recoveryCodes); | 
					
						
							|  |  |  |         } | 
					
						
							| 
									
										
										
										
											2019-08-03 20:09:09 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-08-08 17:52:37 +02:00
										 |  |  |         $codes = implode("\r\n", $recoveryCodes); | 
					
						
							| 
									
										
										
										
											2019-08-03 20:09:09 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-02-13 17:38:41 +01:00
										 |  |  |         $image = Google2FA::getQRCodeInline($domain, auth()->user()->email, $secret); | 
					
						
							| 
									
										
										
										
											2018-03-09 05:45:22 +01:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-03-17 15:01:00 +01:00
										 |  |  |         return view('profile.code', compact('image', 'secret', 'codes')); | 
					
						
							| 
									
										
										
										
											2018-03-09 05:45:22 +01:00
										 |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  |     /** | 
					
						
							| 
									
										
										
										
											2018-07-22 08:10:16 +02:00
										 |  |  |      * Screen to confirm email change. | 
					
						
							|  |  |  |      * | 
					
						
							| 
									
										
										
										
											2017-12-17 14:06:14 +01:00
										 |  |  |      * @param UserRepositoryInterface $repository | 
					
						
							|  |  |  |      * @param string                  $token | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  |      * | 
					
						
							|  |  |  |      * @throws FireflyException | 
					
						
							| 
									
										
										
										
											2020-03-17 15:01:00 +01:00
										 |  |  |      * @return RedirectResponse|Redirector | 
					
						
							|  |  |  |      * | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  |      */ | 
					
						
							| 
									
										
										
										
											2017-12-17 14:06:14 +01:00
										 |  |  |     public function confirmEmailChange(UserRepositoryInterface $repository, string $token) | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  |     { | 
					
						
							| 
									
										
										
										
											2018-10-13 15:06:56 +02:00
										 |  |  |         $loginProvider = config('firefly.login_provider'); | 
					
						
							|  |  |  |         if ('eloquent' !== $loginProvider) { | 
					
						
							| 
									
										
										
										
											2018-12-12 20:30:25 +01:00
										 |  |  |             // @codeCoverageIgnoreStart
 | 
					
						
							| 
									
										
										
										
											2018-10-13 15:06:56 +02:00
										 |  |  |             throw new FireflyException('Cannot confirm email change when authentication provider is not local.'); | 
					
						
							| 
									
										
										
										
											2018-12-12 20:30:25 +01:00
										 |  |  |             // @codeCoverageIgnoreEnd
 | 
					
						
							| 
									
										
										
										
											2018-10-13 15:06:56 +02:00
										 |  |  |         } | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  |         // find preference with this token value.
 | 
					
						
							| 
									
										
										
										
											2018-07-09 19:24:08 +02:00
										 |  |  |         /** @var Collection $set */ | 
					
						
							| 
									
										
										
										
											2018-07-14 16:08:34 +02:00
										 |  |  |         $set  = app('preferences')->findByName('email_change_confirm_token'); | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  |         $user = null; | 
					
						
							| 
									
										
										
										
											2019-07-21 17:15:06 +02:00
										 |  |  |         //Log::debug(sprintf('Found %d preferences', $set->count()));
 | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  |         /** @var Preference $preference */ | 
					
						
							|  |  |  |         foreach ($set as $preference) { | 
					
						
							|  |  |  |             if ($preference->data === $token) { | 
					
						
							| 
									
										
										
										
											2019-07-21 17:15:06 +02:00
										 |  |  |                 //Log::debug('Found user');
 | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  |                 $user = $preference->user; | 
					
						
							|  |  |  |             } | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  |         // update user to clear blocked and blocked_code.
 | 
					
						
							| 
									
										
										
										
											2017-11-15 12:25:49 +01:00
										 |  |  |         if (null === $user) { | 
					
						
							| 
									
										
										
										
											2019-07-21 17:15:06 +02:00
										 |  |  |             //Log::debug('Found no user');
 | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  |             throw new FireflyException('Invalid token.'); | 
					
						
							|  |  |  |         } | 
					
						
							| 
									
										
										
										
											2019-07-21 17:15:06 +02:00
										 |  |  |         //Log::debug('Will unblock user.');
 | 
					
						
							| 
									
										
										
										
											2017-12-17 14:06:14 +01:00
										 |  |  |         $repository->unblockUser($user); | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  |         // return to login.
 | 
					
						
							| 
									
										
										
										
											2020-03-17 15:01:00 +01:00
										 |  |  |         session()->flash('success', (string) trans('firefly.login_with_new_email')); | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  |         return redirect(route('login')); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2015-04-22 07:54:56 +02:00
										 |  |  |     /** | 
					
						
							| 
									
										
										
										
											2018-07-22 08:10:16 +02:00
										 |  |  |      * Delete your account view. | 
					
						
							|  |  |  |      * | 
					
						
							| 
									
										
										
										
											2019-02-13 17:38:41 +01:00
										 |  |  |      * @param Request $request | 
					
						
							|  |  |  |      * | 
					
						
							| 
									
										
										
										
											2020-03-17 15:01:00 +01:00
										 |  |  |      * @return Factory|View | 
					
						
							| 
									
										
										
										
											2015-04-22 07:54:56 +02:00
										 |  |  |      */ | 
					
						
							| 
									
										
										
										
											2018-10-13 15:06:56 +02:00
										 |  |  |     public function deleteAccount(Request $request) | 
					
						
							| 
									
										
										
										
											2015-04-22 07:54:56 +02:00
										 |  |  |     { | 
					
						
							| 
									
										
										
										
											2018-10-13 15:06:56 +02:00
										 |  |  |         $loginProvider = config('firefly.login_provider'); | 
					
						
							|  |  |  |         if ('eloquent' !== $loginProvider) { | 
					
						
							| 
									
										
										
										
											2018-12-12 20:30:25 +01:00
										 |  |  |             // @codeCoverageIgnoreStart
 | 
					
						
							| 
									
										
										
										
											2019-08-03 05:08:35 +02:00
										 |  |  |             $request->session()->flash('warning', trans('firefly.delete_local_info_only', ['login_provider' => e($loginProvider)])); | 
					
						
							| 
									
										
										
										
											2018-12-12 20:30:25 +01:00
										 |  |  |             // @codeCoverageIgnoreEnd
 | 
					
						
							| 
									
										
										
										
											2018-10-13 15:06:56 +02:00
										 |  |  |         } | 
					
						
							| 
									
										
										
										
											2016-10-29 07:44:46 +02:00
										 |  |  |         $title        = auth()->user()->email; | 
					
						
							| 
									
										
										
										
											2020-03-17 15:01:00 +01:00
										 |  |  |         $subTitle     = (string) trans('firefly.delete_account'); | 
					
						
							| 
									
										
										
										
											2016-10-29 07:44:46 +02:00
										 |  |  |         $subTitleIcon = 'fa-trash'; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         return view('profile.delete-account', compact('title', 'subTitle', 'subTitleIcon')); | 
					
						
							| 
									
										
										
										
											2015-04-22 07:54:56 +02:00
										 |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-03-10 22:38:20 +01:00
										 |  |  |     /** | 
					
						
							| 
									
										
										
										
											2018-07-22 08:10:16 +02:00
										 |  |  |      * Delete 2FA routine. | 
					
						
							|  |  |  |      * | 
					
						
							| 
									
										
										
										
											2020-03-17 15:01:00 +01:00
										 |  |  |      * @return RedirectResponse|Redirector | 
					
						
							| 
									
										
										
										
											2018-03-10 22:38:20 +01:00
										 |  |  |      */ | 
					
						
							|  |  |  |     public function deleteCode() | 
					
						
							|  |  |  |     { | 
					
						
							| 
									
										
										
										
											2019-08-04 07:09:51 +02:00
										 |  |  |         /** @var UserRepositoryInterface $repository */ | 
					
						
							|  |  |  |         $repository = app(UserRepositoryInterface::class); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         /** @var User $user */ | 
					
						
							|  |  |  |         $user = auth()->user(); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         $repository->setMFACode($user, null); | 
					
						
							| 
									
										
										
										
											2020-03-17 15:01:00 +01:00
										 |  |  |         session()->flash('success', (string) trans('firefly.pref_two_factor_auth_disabled')); | 
					
						
							|  |  |  |         session()->flash('info', (string) trans('firefly.pref_two_factor_auth_remove_it')); | 
					
						
							| 
									
										
										
										
											2018-03-10 22:38:20 +01:00
										 |  |  | 
 | 
					
						
							|  |  |  |         return redirect(route('profile.index')); | 
					
						
							|  |  |  |     } | 
					
						
										 |  |  |     /** | 
					
						
							| 
									
										
										
										
											2018-07-22 08:10:16 +02:00
										 |  |  |      * Enable 2FA screen. | 
					
						
							|  |  |  |      * | 
					
						
							| 
									
										
										
										
											2020-03-17 15:01:00 +01:00
										 |  |  |      * @return RedirectResponse|Redirector | 
					
						
							| 
									
										
										
										
											2018-03-09 05:45:22 +01:00
										 |  |  |      */ | 
					
						
							| 
									
										
										
										
											2018-08-30 20:58:07 +02:00
										 |  |  |     public function enable2FA() | 
					
						
							| 
									
										
										
										
											2018-03-09 05:45:22 +01:00
										 |  |  |     { | 
					
						
							| 
									
										
										
										
											2019-08-03 20:09:09 +02:00
										 |  |  |         /** @var User $user */ | 
					
						
							|  |  |  |         $user       = auth()->user(); | 
					
						
							|  |  |  |         $enabledMFA = null !== $user->mfa_secret; | 
					
						
							| 
									
										
										
										
											2018-03-09 05:45:22 +01:00
										 |  |  | 
 | 
					
						
							|  |  |  |         // if we don't have a valid secret yet, redirect to the code page to get one.
 | 
					
						
							| 
									
										
										
										
											2019-08-03 20:09:09 +02:00
										 |  |  |         if (!$enabledMFA) { | 
					
						
							| 
									
										
										
										
											2018-03-09 05:45:22 +01:00
										 |  |  |             return redirect(route('profile.code')); | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         // If FF3 already has a secret, just set the two factor auth enabled to 1,
 | 
					
						
							|  |  |  |         // and let the user continue with the existing secret.
 | 
					
						
							| 
									
										
										
										
											2020-03-17 15:01:00 +01:00
										 |  |  |         session()->flash('info', (string) trans('firefly.2fa_already_enabled')); | 
					
						
							| 
									
										
										
										
											2018-03-09 05:45:22 +01:00
										 |  |  | 
 | 
					
						
							|  |  |  |         return redirect(route('profile.index')); | 
					
						
							|  |  |  |     } | 
					
						
										 |  |  |     /** | 
					
						
							| 
									
										
										
										
											2018-07-22 08:10:16 +02:00
										 |  |  |      * Index for profile. | 
					
						
							|  |  |  |      * | 
					
						
							| 
									
										
										
										
											2020-03-17 15:01:00 +01:00
										 |  |  |      * @return Factory|View | 
					
						
							| 
									
										
										
										
											2015-04-22 07:54:56 +02:00
										 |  |  |      */ | 
					
						
							| 
									
										
										
										
											2015-05-03 09:19:14 +02:00
										 |  |  |     public function index() | 
					
						
							| 
									
										
										
										
											2015-04-28 15:26:30 +02:00
										 |  |  |     { | 
					
						
							| 
									
										
										
										
											2019-08-03 19:57:24 +02:00
										 |  |  |         /** @var User $user */ | 
					
						
							|  |  |  |         $user          = auth()->user(); | 
					
						
							| 
									
										
										
										
											2018-10-13 15:06:56 +02:00
										 |  |  |         $loginProvider = config('firefly.login_provider'); | 
					
						
							| 
									
										
										
										
											2018-04-02 15:17:03 +02:00
										 |  |  |         // check if client token thing exists (default one)
 | 
					
						
							| 
									
										
										
										
											2019-08-03 19:57:24 +02:00
										 |  |  |         $count = DB::table('oauth_clients')->where('personal_access_client', 1)->whereNull('user_id')->count(); | 
					
						
							| 
									
										
										
										
											2018-04-02 15:26:33 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  |         $this->createOAuthKeys(); | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-07-08 07:59:58 +02:00
										 |  |  |         if (0 === $count) { | 
					
						
							| 
									
										
										
										
											2018-04-02 15:17:03 +02:00
										 |  |  |             /** @var ClientRepository $repository */ | 
					
						
							|  |  |  |             $repository = app(ClientRepository::class); | 
					
						
							|  |  |  |             $repository->createPersonalAccessClient(null, config('app.name') . ' Personal Access Client', 'http://localhost'); | 
					
						
							|  |  |  |         } | 
					
						
							| 
									
										
										
										
											2019-08-04 07:21:11 +02:00
										 |  |  |         $subTitle       = $user->email; | 
					
						
							|  |  |  |         $userId         = $user->id; | 
					
						
							|  |  |  |         $enabled2FA     = null !== $user->mfa_secret; | 
					
						
							| 
									
										
										
										
											2019-08-08 17:52:37 +02:00
										 |  |  |         $mfaBackupCount = count(app('preferences')->get('mfa_recovery', [])->data); | 
					
						
							| 
									
										
										
										
											2016-10-20 19:10:43 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2017-09-14 18:27:22 +02:00
										 |  |  |         // get access token or create one.
 | 
					
						
							| 
									
										
										
										
											2018-07-14 16:08:34 +02:00
										 |  |  |         $accessToken = app('preferences')->get('access_token', null); | 
					
						
							| 
									
										
										
										
											2017-11-15 12:25:49 +01:00
										 |  |  |         if (null === $accessToken) { | 
					
						
							| 
									
										
										
										
											2018-07-09 19:24:08 +02:00
										 |  |  |             $token       = $user->generateAccessToken(); | 
					
						
							| 
									
										
										
										
											2018-07-14 16:08:34 +02:00
										 |  |  |             $accessToken = app('preferences')->set('access_token', $token); | 
					
						
							| 
									
										
										
										
											2017-09-14 18:27:22 +02:00
										 |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-08-04 07:21:11 +02:00
										 |  |  |         return view('profile.index', compact('subTitle', 'mfaBackupCount', 'userId', 'accessToken', 'enabled2FA', 'loginProvider')); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							| 
									
										
										
										
											2020-03-17 15:01:00 +01:00
										 |  |  |      * @return Factory|View | 
					
						
							| 
									
										
										
										
											2019-08-04 07:21:11 +02:00
										 |  |  |      */ | 
					
						
							|  |  |  |     public function newBackupCodes() | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |         // generate recovery codes:
 | 
					
						
							|  |  |  |         $recovery      = app(Recovery::class); | 
					
						
							|  |  |  |         $recoveryCodes = $recovery->lowercase() | 
					
						
							|  |  |  |                                   ->setCount(8)     // Generate 8 codes
 | 
					
						
							|  |  |  |                                   ->setBlocks(2)    // Every code must have 7 blocks
 | 
					
						
							|  |  |  |                                   ->setChars(6)    // Each block must have 16 chars
 | 
					
						
							|  |  |  |                                   ->toArray(); | 
					
						
							|  |  |  |         $codes         = implode("\r\n", $recoveryCodes); | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-08-08 17:52:37 +02:00
										 |  |  |         app('preferences')->set('mfa_recovery', $recoveryCodes); | 
					
						
							|  |  |  |         app('preferences')->mark(); | 
					
						
							| 
									
										
										
										
											2020-03-17 15:01:00 +01:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-08-04 07:21:11 +02:00
										 |  |  |         return view('profile.new-backup-codes', compact('codes')); | 
					
						
							| 
									
										
										
										
											2015-04-22 07:54:56 +02:00
										 |  |  |     } | 
					
						
										 |  |  |     /** | 
					
						
							| 
									
										
										
										
											2018-07-22 08:10:16 +02:00
										 |  |  |      * Submit the change email form. | 
					
						
							|  |  |  |      * | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  |      * @param EmailFormRequest        $request | 
					
						
							|  |  |  |      * @param UserRepositoryInterface $repository | 
					
						
							|  |  |  |      * | 
					
						
							| 
									
										
										
										
											2020-03-17 15:01:00 +01:00
										 |  |  |      * @return $this|RedirectResponse|Redirector | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  |      */ | 
					
						
							|  |  |  |     public function postChangeEmail(EmailFormRequest $request, UserRepositoryInterface $repository) | 
					
						
							|  |  |  |     { | 
					
						
							| 
									
										
										
										
											2018-10-13 15:06:56 +02:00
										 |  |  |         $loginProvider = config('firefly.login_provider'); | 
					
						
							|  |  |  |         if ('eloquent' !== $loginProvider) { | 
					
						
							| 
									
										
										
										
											2018-12-12 20:30:25 +01:00
										 |  |  |             // @codeCoverageIgnoreStart
 | 
					
						
							| 
									
										
										
										
											2019-08-03 05:08:35 +02:00
										 |  |  |             $request->session()->flash('error', trans('firefly.login_provider_local_only', ['login_provider' => e($loginProvider)])); | 
					
						
							| 
									
										
										
										
											2018-10-13 15:06:56 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  |             return redirect(route('profile.index')); | 
					
						
							| 
									
										
										
										
											2018-12-12 20:30:25 +01:00
										 |  |  |             // @codeCoverageIgnoreEnd
 | 
					
						
							| 
									
										
										
										
											2018-10-13 15:06:56 +02:00
										 |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  |         /** @var User $user */ | 
					
						
							|  |  |  |         $user     = auth()->user(); | 
					
						
							|  |  |  |         $newEmail = $request->string('email'); | 
					
						
							|  |  |  |         $oldEmail = $user->email; | 
					
						
							|  |  |  |         if ($newEmail === $user->email) { | 
					
						
							| 
									
										
										
										
											2020-03-17 15:01:00 +01:00
										 |  |  |             session()->flash('error', (string) trans('firefly.email_not_changed')); | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  |             return redirect(route('profile.change-email'))->withInput(); | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  |         $existing = $repository->findByEmail($newEmail); | 
					
						
							| 
									
										
										
										
											2017-11-15 12:25:49 +01:00
										 |  |  |         if (null !== $existing) { | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  |             // force user logout.
 | 
					
						
							| 
									
										
										
										
											2017-12-17 14:06:14 +01:00
										 |  |  |             Auth::guard()->logout(); | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  |             $request->session()->invalidate(); | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-03-17 15:01:00 +01:00
										 |  |  |             session()->flash('success', (string) trans('firefly.email_changed')); | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  |             return redirect(route('index')); | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         // now actually update user:
 | 
					
						
							|  |  |  |         $repository->changeEmail($user, $newEmail); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         // call event.
 | 
					
						
							|  |  |  |         $ipAddress = $request->ip(); | 
					
						
							|  |  |  |         event(new UserChangedEmail($user, $newEmail, $oldEmail, $ipAddress)); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         // force user logout.
 | 
					
						
							|  |  |  |         Auth::guard()->logout(); | 
					
						
							|  |  |  |         $request->session()->invalidate(); | 
					
						
							| 
									
										
										
										
											2020-03-17 15:01:00 +01:00
										 |  |  |         session()->flash('success', (string) trans('firefly.email_changed')); | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  |         return redirect(route('index')); | 
					
						
							|  |  |  |     } | 
					
						
										 |  |  |     /** | 
					
						
							| 
									
										
										
										
											2018-07-22 08:10:16 +02:00
										 |  |  |      * Submit change password form. | 
					
						
							|  |  |  |      * | 
					
						
							| 
									
										
										
										
											2016-12-18 17:54:11 +01:00
										 |  |  |      * @param ProfileFormRequest      $request | 
					
						
							|  |  |  |      * @param UserRepositoryInterface $repository | 
					
						
							| 
									
										
										
										
											2015-05-03 12:58:55 +02:00
										 |  |  |      * | 
					
						
							| 
									
										
										
										
											2020-03-17 15:01:00 +01:00
										 |  |  |      * @return RedirectResponse|Redirector | 
					
						
							| 
									
										
										
										
											2015-02-25 21:19:06 +01:00
										 |  |  |      */ | 
					
						
							| 
									
										
										
										
											2016-12-18 17:54:11 +01:00
										 |  |  |     public function postChangePassword(ProfileFormRequest $request, UserRepositoryInterface $repository) | 
					
						
							| 
									
										
										
										
											2015-02-25 21:19:06 +01:00
										 |  |  |     { | 
					
						
							| 
									
										
										
										
											2018-10-13 15:06:56 +02:00
										 |  |  |         $loginProvider = config('firefly.login_provider'); | 
					
						
							|  |  |  |         if ('eloquent' !== $loginProvider) { | 
					
						
							| 
									
										
										
										
											2018-12-12 20:30:25 +01:00
										 |  |  |             // @codeCoverageIgnoreStart
 | 
					
						
							| 
									
										
										
										
											2019-08-03 05:08:35 +02:00
										 |  |  |             $request->session()->flash('error', trans('firefly.login_provider_local_only', ['login_provider' => e($loginProvider)])); | 
					
						
							| 
									
										
										
										
											2018-10-13 15:06:56 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  |             return redirect(route('profile.index')); | 
					
						
							| 
									
										
										
										
											2018-12-12 20:30:25 +01:00
										 |  |  |             // @codeCoverageIgnoreEnd
 | 
					
						
							| 
									
										
										
										
											2018-10-13 15:06:56 +02:00
										 |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2017-03-24 11:07:38 +01:00
										 |  |  |         // the request has already validated both new passwords must be equal.
 | 
					
						
							|  |  |  |         $current = $request->get('current_password'); | 
					
						
							|  |  |  |         $new     = $request->get('new_password'); | 
					
						
							| 
									
										
										
										
											2018-07-09 19:24:08 +02:00
										 |  |  |         /** @var User $user */ | 
					
						
							| 
									
										
										
										
											2018-07-13 15:50:42 +02:00
										 |  |  |         $user = auth()->user(); | 
					
						
							| 
									
										
										
										
											2017-01-05 10:06:46 +01:00
										 |  |  |         try { | 
					
						
							| 
									
										
										
										
											2018-07-09 19:24:08 +02:00
										 |  |  |             $this->validatePassword($user, $current, $new); | 
					
						
							| 
									
										
										
										
											2017-01-05 10:06:46 +01:00
										 |  |  |         } catch (ValidationException $e) { | 
					
						
							| 
									
										
										
										
											2018-04-22 17:10:11 +02:00
										 |  |  |             session()->flash('error', $e->getMessage()); | 
					
						
							| 
									
										
										
										
											2015-02-25 21:19:06 +01:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2015-07-06 16:27:21 +02:00
										 |  |  |             return redirect(route('profile.change-password')); | 
					
						
							| 
									
										
										
										
											2015-02-25 21:19:06 +01:00
										 |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-07-09 19:24:08 +02:00
										 |  |  |         $repository->changePassword($user, $request->get('new_password')); | 
					
						
							| 
									
										
										
										
											2020-03-17 15:01:00 +01:00
										 |  |  |         session()->flash('success', (string) trans('firefly.password_changed')); | 
					
						
							| 
									
										
										
										
											2015-02-25 21:19:06 +01:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2016-12-05 21:58:23 +01:00
										 |  |  |         return redirect(route('profile.index')); | 
					
						
							| 
									
										
										
										
											2015-02-25 21:19:06 +01:00
										 |  |  |     } | 
					
						
										 |  |  |     /** @noinspection PhpUnusedParameterInspection */ | 
					
						
										 |  |  |     /** | 
					
						
							| 
									
										
										
										
											2018-07-22 08:10:16 +02:00
										 |  |  |      * Submit 2FA for the first time. | 
					
						
							|  |  |  |      * | 
					
						
							| 
									
										
										
										
											2018-03-10 22:38:20 +01:00
										 |  |  |      * @param TokenFormRequest $request | 
					
						
							|  |  |  |      * | 
					
						
							| 
									
										
										
										
											2020-03-17 15:01:00 +01:00
										 |  |  |      * @return RedirectResponse|Redirector | 
					
						
							| 
									
										
										
										
											2018-03-10 22:38:20 +01:00
										 |  |  |      */ | 
					
						
							|  |  |  |     public function postCode(TokenFormRequest $request) | 
					
						
							|  |  |  |     { | 
					
						
							| 
									
										
										
										
											2019-08-03 20:09:09 +02:00
										 |  |  |         /** @var User $user */ | 
					
						
							|  |  |  |         $user = auth()->user(); | 
					
						
							|  |  |  |         /** @var UserRepositoryInterface $repository */ | 
					
						
							|  |  |  |         $repository = app(UserRepositoryInterface::class); | 
					
						
							|  |  |  |         /** @var string $secret */ | 
					
						
							|  |  |  |         $secret = session()->get('two-factor-secret'); | 
					
						
							|  |  |  |         $repository->setMFACode($user, $secret); | 
					
						
							| 
									
										
										
										
											2018-03-10 22:38:20 +01:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-03-17 15:01:00 +01:00
										 |  |  |         session()->flash('success', (string) trans('firefly.saved_preferences')); | 
					
						
							| 
									
										
										
										
											2018-07-08 12:08:53 +02:00
										 |  |  |         app('preferences')->mark(); | 
					
						
							| 
									
										
										
										
											2018-08-06 19:14:30 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-08-08 17:52:37 +02:00
										 |  |  |         // also save the code so replay attack is prevented.
 | 
					
						
							|  |  |  |         $mfaCode = $request->get('code'); | 
					
						
							|  |  |  |         $this->addToMFAHistory($mfaCode); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         // save backup codes in preferences:
 | 
					
						
							|  |  |  |         app('preferences')->set('mfa_recovery', session()->get('temp-mfa-codes')); | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-08-04 07:09:51 +02:00
										 |  |  |         // make sure MFA is logged out.
 | 
					
						
							| 
									
										
										
										
											2019-08-04 11:12:24 +02:00
										 |  |  |         if ('testing' !== config('app.env')) { | 
					
						
							|  |  |  |             Google2FA::logout(); | 
					
						
							|  |  |  |         } | 
					
						
							| 
									
										
										
										
											2019-08-04 07:09:51 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-08-08 17:52:37 +02:00
										 |  |  |         // drop all info from session:
 | 
					
						
							|  |  |  |         session()->forget(['temp-mfa-secret', 'two-factor-secret', 'temp-mfa-codes', 'two-factor-codes']); | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-03-10 22:38:20 +01:00
										 |  |  |         return redirect(route('profile.index')); | 
					
						
							|  |  |  |     } | 
					
						
										 |  |  |     /** | 
					
						
							| 
									
										
										
										
											2018-07-22 08:10:16 +02:00
										 |  |  |      * Submit delete account. | 
					
						
							|  |  |  |      * | 
					
						
							| 
									
										
										
										
											2016-12-12 15:24:47 +01:00
										 |  |  |      * @param UserRepositoryInterface  $repository | 
					
						
							| 
									
										
										
										
											2015-05-03 12:58:55 +02:00
										 |  |  |      * @param DeleteAccountFormRequest $request | 
					
						
							| 
									
										
										
										
											2015-05-03 09:19:14 +02:00
										 |  |  |      * | 
					
						
							| 
									
										
										
										
											2020-03-17 15:01:00 +01:00
										 |  |  |      * @return RedirectResponse|Redirector | 
					
						
							| 
									
										
										
										
											2015-05-03 09:19:14 +02:00
										 |  |  |      */ | 
					
						
							| 
									
										
										
										
											2016-12-12 15:24:47 +01:00
										 |  |  |     public function postDeleteAccount(UserRepositoryInterface $repository, DeleteAccountFormRequest $request) | 
					
						
							| 
									
										
										
										
											2015-05-03 09:19:14 +02:00
										 |  |  |     { | 
					
						
							| 
									
										
										
										
											2016-09-16 12:15:58 +02:00
										 |  |  |         if (!Hash::check($request->get('password'), auth()->user()->password)) { | 
					
						
							| 
									
										
										
										
											2020-03-17 15:01:00 +01:00
										 |  |  |             session()->flash('error', (string) trans('firefly.invalid_password')); | 
					
						
							| 
									
										
										
										
											2015-05-03 09:19:14 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2015-07-06 16:27:21 +02:00
										 |  |  |             return redirect(route('profile.delete-account')); | 
					
						
							| 
									
										
										
										
											2015-02-25 21:19:06 +01:00
										 |  |  |         } | 
					
						
							| 
									
										
										
										
											2018-07-09 19:24:08 +02:00
										 |  |  |         /** @var User $user */ | 
					
						
							| 
									
										
										
										
											2016-12-12 15:24:47 +01:00
										 |  |  |         $user = auth()->user(); | 
					
						
							|  |  |  |         Log::info(sprintf('User #%d has opted to delete their account', auth()->user()->id)); | 
					
						
							|  |  |  |         // make repository delete user:
 | 
					
						
							|  |  |  |         auth()->logout(); | 
					
						
							| 
									
										
										
										
											2018-04-22 17:12:22 +02:00
										 |  |  |         session()->flush(); | 
					
						
							| 
									
										
										
										
											2016-12-12 15:24:47 +01:00
										 |  |  |         $repository->destroy($user); | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2015-07-06 16:27:21 +02:00
										 |  |  |         return redirect(route('index')); | 
					
						
							| 
									
										
										
										
											2015-02-25 21:19:06 +01:00
										 |  |  |     } | 
					
						
										 |  |  |     /** | 
					
						
							| 
									
										
										
										
											2018-07-22 08:10:16 +02:00
										 |  |  |      * Regenerate access token. | 
					
						
							| 
									
										
										
										
											2018-08-06 19:14:30 +02:00
										 |  |  |      * | 
					
						
							| 
									
										
										
										
											2020-03-17 15:01:00 +01:00
										 |  |  |      * @return RedirectResponse|Redirector | 
					
						
							| 
									
										
										
										
											2017-09-14 18:27:22 +02:00
										 |  |  |      */ | 
					
						
							| 
									
										
										
										
											2017-11-15 10:52:29 +01:00
										 |  |  |     public function regenerate() | 
					
						
							| 
									
										
										
										
											2017-09-14 18:27:22 +02:00
										 |  |  |     { | 
					
						
							| 
									
										
										
										
											2018-07-09 19:24:08 +02:00
										 |  |  |         /** @var User $user */ | 
					
						
							| 
									
										
										
										
											2018-07-13 15:50:42 +02:00
										 |  |  |         $user  = auth()->user(); | 
					
						
							| 
									
										
										
										
											2018-07-09 19:24:08 +02:00
										 |  |  |         $token = $user->generateAccessToken(); | 
					
						
							| 
									
										
										
										
											2018-07-14 16:08:34 +02:00
										 |  |  |         app('preferences')->set('access_token', $token); | 
					
						
							| 
									
										
										
										
											2020-03-17 15:01:00 +01:00
										 |  |  |         session()->flash('success', (string) trans('firefly.token_regenerated')); | 
					
						
							| 
									
										
										
										
											2017-09-14 18:27:22 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  |         return redirect(route('profile.index')); | 
					
						
							|  |  |  |     } | 
					
						
										 |  |  |     /** | 
					
						
							| 
									
										
										
										
											2018-07-22 08:10:16 +02:00
										 |  |  |      * Undo change of user email address. | 
					
						
							|  |  |  |      * | 
					
						
							| 
									
										
										
										
											2017-12-17 14:30:53 +01:00
										 |  |  |      * @param UserRepositoryInterface $repository | 
					
						
							|  |  |  |      * @param string                  $token | 
					
						
							|  |  |  |      * @param string                  $hash | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  |      * | 
					
						
							|  |  |  |      * @throws FireflyException | 
					
						
							| 
									
										
										
										
											2020-03-17 15:01:00 +01:00
										 |  |  |      * @return RedirectResponse|Redirector | 
					
						
							|  |  |  |      * | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  |      */ | 
					
						
							| 
									
										
										
										
											2017-12-17 14:06:14 +01:00
										 |  |  |     public function undoEmailChange(UserRepositoryInterface $repository, string $token, string $hash) | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  |     { | 
					
						
							| 
									
										
										
										
											2018-10-13 15:06:56 +02:00
										 |  |  |         $loginProvider = config('firefly.login_provider'); | 
					
						
							|  |  |  |         if ('eloquent' !== $loginProvider) { | 
					
						
							| 
									
										
										
										
											2018-12-12 20:30:25 +01:00
										 |  |  |             // @codeCoverageIgnoreStart
 | 
					
						
							| 
									
										
										
										
											2018-10-13 15:06:56 +02:00
										 |  |  |             throw new FireflyException('Cannot confirm email change when authentication provider is not local.'); | 
					
						
							| 
									
										
										
										
											2018-12-12 20:30:25 +01:00
										 |  |  |             // @codeCoverageIgnoreEnd
 | 
					
						
							| 
									
										
										
										
											2018-10-13 15:06:56 +02:00
										 |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  |         // find preference with this token value.
 | 
					
						
							| 
									
										
										
										
											2018-07-14 16:08:34 +02:00
										 |  |  |         $set  = app('preferences')->findByName('email_change_undo_token'); | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  |         $user = null; | 
					
						
							|  |  |  |         /** @var Preference $preference */ | 
					
						
							|  |  |  |         foreach ($set as $preference) { | 
					
						
							|  |  |  |             if ($preference->data === $token) { | 
					
						
							|  |  |  |                 $user = $preference->user; | 
					
						
							|  |  |  |             } | 
					
						
							|  |  |  |         } | 
					
						
							| 
									
										
										
										
											2017-11-15 12:25:49 +01:00
										 |  |  |         if (null === $user) { | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  |             throw new FireflyException('Invalid token.'); | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-07-20 14:34:56 +02:00
										 |  |  |         // found user.which email address to return to?
 | 
					
						
							| 
									
										
										
										
											2018-07-14 16:08:34 +02:00
										 |  |  |         $set = app('preferences')->beginsWith($user, 'previous_email_'); | 
					
						
							| 
									
										
										
										
											2017-12-17 14:06:14 +01:00
										 |  |  |         /** @var string $match */ | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  |         $match = null; | 
					
						
							|  |  |  |         foreach ($set as $entry) { | 
					
						
							| 
									
										
										
										
											2020-04-11 06:42:21 +02:00
										 |  |  |             $hashed = hash('sha256', sprintf('%s%s', (string) config('app.key'), $entry->data)); | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  |             if ($hashed === $hash) { | 
					
						
							|  |  |  |                 $match = $entry->data; | 
					
						
							|  |  |  |                 break; | 
					
						
							|  |  |  |             } | 
					
						
							|  |  |  |         } | 
					
						
							| 
									
										
										
										
											2017-11-15 12:25:49 +01:00
										 |  |  |         if (null === $match) { | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  |             throw new FireflyException('Invalid token.'); | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  |         // change user back
 | 
					
						
							| 
									
										
										
										
											2017-12-17 14:06:14 +01:00
										 |  |  |         // now actually update user:
 | 
					
						
							|  |  |  |         $repository->changeEmail($user, $match); | 
					
						
							|  |  |  |         $repository->unblockUser($user); | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  |         // return to login.
 | 
					
						
							| 
									
										
										
										
											2020-03-17 15:01:00 +01:00
										 |  |  |         session()->flash('success', (string) trans('firefly.login_with_old_email')); | 
					
						
							| 
									
										
										
										
											2017-09-26 08:52:16 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  |         return redirect(route('login')); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
										 |  |  |     /** | 
					
						
							|  |  |  |      * TODO duplicate code. | 
					
						
							|  |  |  |      * | 
					
						
							|  |  |  |      * @param string $mfaCode | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     private function addToMFAHistory(string $mfaCode): void | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |         /** @var array $mfaHistory */ | 
					
						
							|  |  |  |         $mfaHistory   = app('preferences')->get('mfa_history', [])->data; | 
					
						
							|  |  |  |         $entry        = [ | 
					
						
							|  |  |  |             'time' => time(), | 
					
						
							|  |  |  |             'code' => $mfaCode, | 
					
						
							|  |  |  |         ]; | 
					
						
							|  |  |  |         $mfaHistory[] = $entry; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         app('preferences')->set('mfa_history', $mfaHistory); | 
					
						
							|  |  |  |         $this->filterMFAHistory(); | 
					
						
							|  |  |  |     } | 
					
						
										 |  |  |     /** | 
					
						
							|  |  |  |      * Remove old entries from the preferences array. | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     private function filterMFAHistory(): void | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |         /** @var array $mfaHistory */ | 
					
						
							|  |  |  |         $mfaHistory = app('preferences')->get('mfa_history', [])->data; | 
					
						
							|  |  |  |         $newHistory = []; | 
					
						
							|  |  |  |         $now        = time(); | 
					
						
							|  |  |  |         foreach ($mfaHistory as $entry) { | 
					
						
							|  |  |  |             $time = $entry['time']; | 
					
						
							|  |  |  |             $code = $entry['code']; | 
					
						
							|  |  |  |             if ($now - $time <= 300) { | 
					
						
							|  |  |  |                 $newHistory[] = [ | 
					
						
							|  |  |  |                     'time' => $time, | 
					
						
							|  |  |  |                     'code' => $code, | 
					
						
							|  |  |  |                 ]; | 
					
						
							|  |  |  |             } | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  |         app('preferences')->set('mfa_history', $newHistory); | 
					
						
							|  |  |  |     } | 
					
						
										 |  |  | } |