keksAccount/app/Http/Controllers/GUI/AccountController.php


<?php
namespace App\Http\Controllers\GUI;
use App\Exceptions\HTTPException;
use App\Http\Controllers\Controller;
use App\Http\Resources\oAuth\AccessToken;
use App\Jobs\Mails\ValidateMailAddressJob;
use App\Models\App;
use App\Models\AppAccess;
use App\Models\Invite;
use App\Models\Mail;
use App\Models\Setting;
use App\Models\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\DB;
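/**
 * GUI controller for account registration, login, logout and e-mail validation.
 *
 * Security-relevant behaviour handled here: invite redemption, password
 * hashing/verification, the native PHP session that stores the access token,
 * and the e-mail validation code check.
 */
class AccountController extends Controller
{
    /**
     * Create a new controller instance.
     *
     * @return void
     */
    public function __construct()
    {
        //
    }

    /**
     * Show the registration form, or an error view when registration is not allowed.
     *
     * An existing invite must be in status "active"; without a matching invite
     * the "registration_possible" setting decides whether the form is shown.
     *
     * @param Request $request Reads the "invite" input.
     * @return mixed The rendered view.
     */
    public function registerView(Request $request)
    {
        $invite = Invite::query()->where("code", "=", $request->input("invite"))->first();

        if ($invite !== null) {
            // Strict comparison: the status must be exactly the string "active".
            if ($invite->status !== "active") {
                return view('error', ["msg" => "Invite code invalide"]);
            }

            return view('account/register', ["msg" => "", "username" => $invite->username, "invite" => $invite->code]);
        }

        $setting = Setting::query()->where("name", "=", "registration_possible")->firstOrFail();
        if (!$setting->value) {
            return view('error', ["msg" => "Registration is disabled"]);
        }

        // NOTE(review): the raw "invite" request value is handed to the view here;
        // confirm the template escapes it on output.
        return view('account/register', ["msg" => "", "username" => "", "invite" => $request->input("invite")]);
    }

    /**
     * Register a new user together with an unvalidated mail address.
     *
     * Validates the input, checks the invite (or the "registration_possible"
     * setting when no invite matches), stores the user with a bcrypt password
     * hash, stores the mail address in status "waiting" with a validation token,
     * marks the invite as used and dispatches the validation mail job.
     *
     * All writes run in one transaction that is rolled back on any failure, so a
     * rejected or failed registration leaves no open transaction and no partial
     * rows behind.
     *
     * @param Request $request Reads "username", "password", "mail" and "invite".
     * @return void
     * @throws HTTPException When the invite is unusable or registration is disabled.
     * @throws \Throwable Any failure while saving is re-thrown after the rollback.
     */
    public function register(Request $request)
    {
        // NOTE(review): bcrypt only uses the first 72 bytes of a password; consider
        // a maximum length rule next to min:8.
        $this->validate($request, [
            'username' => 'required|max:255|min:5|regex:@^[a-z0-9]*$@|unique:users',
            'password' => 'required|min:8',
            'mail' => 'required|email|unique:mails'
        ]);

        DB::beginTransaction();
        try {
            // Lock the invite row so two concurrent requests cannot both redeem
            // the same single-use code.
            $invite = Invite::query()
                ->where("code", "=", $request->input("invite"))
                ->lockForUpdate()
                ->first();

            // NOTE(review): HTTPException is constructed with differing argument
            // lists in this class (message only, "400" + message, 400 + message);
            // confirm the constructor signature and unify the calls.
            if ($invite !== null) {
                if ($invite->status !== "active") {
                    throw new HTTPException("Invite code invalide");
                }
                // Strict comparison: with != two numeric-looking names such as
                // "1000000" and "001e6" compare equal, which would let a
                // different username redeem an invite reserved for another one.
                if (!empty($invite->username) && $request->input("username") !== $invite->username) {
                    throw new HTTPException("Invalide username for invite");
                }
            } else {
                $setting = Setting::query()->where("name", "=", "registration_possible")->firstOrFail();
                if (!$setting->value) {
                    throw new HTTPException("400", "Registration disabled");
                }
            }

            $user = new User();
            $user->username = $request->input("username");
            $user->password = password_hash($request->input("password"), PASSWORD_BCRYPT);

            //Make first user an admin
            // NOTE(review): the count is taken before this user is saved, so == 1
            // matches when one user row already exists. Unless an account is
            // seeded, that gives admin and developer rights to the second
            // registrant, not the first - confirm against the seeders. The check
            // is also not serialised across concurrent registrations.
            $count = User::query()->count("*");
            if ($count == 1) {
                $user->admin = 1;
                $user->developer = 1;
            }
            $user->saveOrFail();

            $mail = new Mail();
            $mail->createValidationToken();
            $mail->mail = $request->input("mail");
            $mail->primary = false;
            $mail->status = "waiting";
            $mail->user_id = $user->id;
            $mail->saveOrFail();

            if ($invite !== null) {
                $invite->status = "used";
                $invite->saveOrFail();
            }

            DB::commit();
        } catch (\Throwable $e) {
            DB::rollBack();
            throw $e;
        }

        // Dispatched only after the commit, so no validation mail goes out for a
        // registration that was rolled back.
        $this->dispatch(new ValidateMailAddressJob($mail));
    }

    /**
     * Show the form for entering an invite code.
     *
     * @return mixed The rendered view.
     */
    public function inviteView()
    {
        return view('account/invite_code', ["msg" => ""]);
    }

    /**
     * Show the login form.
     *
     * @return mixed The rendered view.
     */
    public function loginView()
    {
        return view('account/login', ["msg" => ""]);
    }

    /**
     * Check username and password and issue an access token for the "PHP-GUI" app.
     *
     * The token string is stored in the native PHP session and the token is
     * returned as an AccessToken resource. Unknown user and wrong password give
     * the same 401 message.
     *
     * @param Request $request Reads "username" and "password".
     * @return AccessToken Resource wrapping the newly created token.
     */
    public function login(Request $request)
    {
        $this->validate($request, [
            'username' => 'required',
            'password' => 'required'
        ]);

        $user = User::query()->where("username", "=", $request->input("username"))->first();

        // NOTE(review): password_verify() is skipped for unknown usernames, so the
        // response time differs between "no such user" and "wrong password";
        // verifying against a fixed dummy hash would close that gap. No attempt
        // limiting is visible in this method - confirm it exists on the route.
        if ($user === null || !password_verify($request->input("password"), $user->password)) {
            abort(401, "Username or Password wrong");
        }

        $access = AppAccess::getOrCreate($user->id, App::query()->where("name", "=", "PHP-GUI")->firstOrFail()->id);
        $token = \App\Models\AccessToken::createToken($access);

        // Issue a fresh session id on the privilege change so a session id known
        // before login cannot be reused afterwards (session fixation).
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }
        $_SESSION["token"] = $token->token;

        return new AccessToken($token);
    }

    /**
     * End the PHP session and show the login form with a confirmation message.
     *
     * @return mixed The rendered view.
     */
    public function logout()
    {
        // Clear the in-memory session data too; session_destroy() only removes
        // the stored session and leaves $_SESSION populated for this request.
        // NOTE(review): the access token that was stored in the session is not
        // revoked here; confirm whether it should be invalidated server-side.
        $_SESSION = [];
        session_destroy();

        return view('account/login', ["msg" => "Logout successful", "user" => null]);
    }

    /**
     * Validate a mail address with the code from the validation mail.
     *
     * On success the address gets status "valide" and becomes the user's only
     * primary address; both writes happen in one transaction.
     *
     * @param mixed $id Id of the Mail record.
     * @param mixed $code Validation code supplied by the caller.
     * @return void
     * @throws HTTPException When the code does not match.
     * @throws \Throwable Any failure while saving is re-thrown after the rollback.
     */
    public function validateEMail($id, $code)
    {
        $mail = Mail::query()->where("id", "=", $id)->firstOrFail();

        // Constant-time string comparison. The former != compared loosely, so
        // numeric-looking codes (for example "0e1" and "0e2") were treated as
        // equal. An empty stored code never validates.
        $expected = (string) $mail->validation_code;
        if ($expected === "" || !hash_equals($expected, (string) $code)) {
            throw new HTTPException(400, "Wrong validation code");
        }

        // NOTE(review): neither the current status nor an expiry is checked and
        // the code is not cleared afterwards, so the same link stays usable;
        // confirm whether that is intended.
        DB::beginTransaction();
        try {
            // Demote the user's other primary addresses. The address being
            // validated is excluded: demoting it through a second model instance
            // would leave it non-primary, because the save below would not see
            // "primary" as changed.
            $others = Mail::query()
                ->where("user_id", "=", $mail->user_id)
                ->where("primary", "=", true)
                ->where("id", "!=", $mail->id)
                ->get("*");
            foreach ($others as $other) {
                $other->primary = false;
                $other->saveOrFail();
            }

            $mail->status = "valide";
            $mail->primary = true;
            $mail->saveOrFail();

            DB::commit();
        } catch (\Throwable $e) {
            DB::rollBack();
            throw $e;
        }

        echo "E-Mail wurde validiert";
    }
    //
}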