Check User

2019-11-19 18:41:55 +01:00 · 2019-11-19 18:41:55 +01:00 · d6982e95ad
commit d6982e95ad
parent b5c329481b
2 changed files with 71 additions and 2 deletions
--- a/app/Http/Controllers/API/UserController.php
+++ b/app/Http/Controllers/API/UserController.php
@ -72,6 +72,30 @@ class UserController extends BaseController
        return $response->withData(new AccessToken($token));
    }
    public function checkPassword(Request $request, Response $response) {
        //Validate Input
        $this->validate($request, [
            'username' => 'required',
            'password' => 'required'
        ]);
        //Get User
        $user = User::query()->where("username", "=", $request->input("username"))->first();
        //Check if a user is found
        if($user == null) {
            throw new HTTPException("400", "Username or Password wrong");
        }
        if(!password_verify($request->input("password"), $user->password)) {
            throw new HTTPException("400", "Username or Password wrong");
        }
        $response->setMessage("Account ok");
        return $response;
    }
    public function me(Response $response) {
        if(!Auth::check()) {
            throw new NotLoggedInException();
@ -192,4 +216,45 @@ class UserController extends BaseController
        return $response->withData(\App\Http\Resources\API\Mail::collection(collect($mails)));
    }
    public function addMail(Request $request, Response $response) {
        if(!Auth::check()) {
            throw new NotLoggedInException();
        }
        $this->validate($request, [
            'mail' => 'required|email|unique:mails'
        ]);
        $mail = new Mail();
        $mail->createValidationToken();
        $mail->mail = $request->input("mail");
        $mail->primary = false;
        $mail->status = "waiting";
        $mail->user_id = Auth::user()->id;
        $mail->saveOrFail();
        $this->dispatch(new ValidateMailAddressJob($mail));
        return $response;
    }
    public function removeMail(Request $request, Response $response, $id) {
        if(!Auth::check()) {
            abort(401);
        }
        $mail = Mail::query()->where("id", "=", $id)->firstOrFail();
        if($mail->user_id != Auth::user()->id) {
            abort(401);
        }
        if($mail->primary) {
            throw new HTTPException(400, "You can't delete your primary mail");
        }
        $mail->delete();
        $response->setMessage("Mail address deleted");
        return $response;
    }
 }
--- a/routes/web.php
+++ b/routes/web.php
@ -22,10 +22,8 @@ $router->group(['prefix' => 'gitlab', 'middleware' => 'gui'], function () use ($
        $router->post("/authorize", ['middleware' => 'gui', 'uses' => 'oAuthController@authorizeDo']);
        $router->post("/token", ['uses' => 'oAuthController@token']);
    });
    $router->get('/api/v4/user', ['uses' => 'oAuthController@getUserTMP']);
    $router->get('/api/v4/groups', ['uses' => 'oAuthController@getGroupsTMP']);
 });
 //Oauth URLS, moved to /api, this is just that old versions still work
@ -39,13 +37,19 @@ $router->group(['prefix' => 'oauth'], function () use ($router) {
 //Internal API
 $router->group(['prefix' => 'api'], function () use ($router) {
    $router->group(['prefix' => 'v1'], function () use ($router) {
        $router->get("status/check", ["uses" => "StatusController@check"]);
        $router->group(['prefix' => 'user'], function () use ($router) {
            $router->post("/login", ['uses' => 'API\UserController@passwordLogin']);
            $router->post("/check", ['uses' => 'API\UserController@checkPassword']);
            $router->post("/register", ['uses' => 'API\UserController@register']);
            $router->get("/captcha", ['uses' => 'API\UserController@reCAPTCHA']);
            $router->get("/invites", ['uses' => 'API\UserController@getInviteCodeInfo']);
            $router->get("/me", ['uses' => 'API\UserController@me']);
            $router->get("/me/mails", ['uses' => 'API\UserController@listMails']);
            $router->post("/me/mails", ["uses" => "API\UserController@addMail"]);
            $router->group(['prefix' => '/me/mail/{id}'], function () use ($router) {
                $router->delete("", ['uses' => 'API\UserController@removeMail']);
            });
        });
        $router->group(['prefix' => 'app'], function () use ($router) {
            $router->get("/", ['uses' => 'API\AppController@listApps']);