diff --git a/app/Http/Controllers/Traits/VerifiesUserEmail.php b/app/Http/Controllers/Traits/VerifiesUserEmail.php index 889d4dea5c55..5e34fc587e5d 100644 --- a/app/Http/Controllers/Traits/VerifiesUserEmail.php +++ b/app/Http/Controllers/Traits/VerifiesUserEmail.php @@ -15,6 +15,7 @@ namespace App\Http\Controllers\Traits; use App\Models\User; use App\Utils\Traits\UserSessionAttributes; use Illuminate\Support\Facades\Auth; +use Illuminate\Support\Facades\Hash; /** * Class VerifiesUserEmail @@ -30,20 +31,49 @@ trait VerifiesUserEmail */ public function confirm() { - if ($user = User::whereRaw("BINARY `confirmation_code`= ?", request()->route('confirmation_code'))->first()) { - $user->email_verified_at = now(); - $user->confirmation_code = null; - $user->save(); + $user = User::where('confirmation_code', request()->confirmation_code)->first(); + + // if ($user = User::whereRaw("BINARY `confirmation_code`= ?", request()->input('confirmation_code'))->first()) { - return $this->render('auth.confirmed', [ - 'root' => 'themes', - 'message' => ctrans('texts.security_confirmation'), - ]); + if (!$user) { + return $this->render('auth.confirmed', ['root' => 'themes', 'message' => ctrans('texts.wrong_confirmation')]); } + if (is_null($user->password) || empty($user->password)) { + return $this->render('auth.confirmation_with_password', ['root' => 'themes']); + } + + $user->email_verified_at = now(); + $user->confirmation_code = null; + $user->save(); + return $this->render('auth.confirmed', [ 'root' => 'themes', - 'message' => ctrans('texts.wrong_confirmation'), + 'message' => ctrans('texts.security_confirmation'), + ]); + } + + public function confirmWithPassword() + { + $user = User::where('confirmation_code', request()->confirmation_code)->first(); + + if (!$user) { + return $this->render('auth.confirmed', ['root' => 'themes', 'message' => ctrans('texts.wrong_confirmation')]); + } + + request()->validate([ + 'password' => ['required', 'min:6', 'confirmed'], + ]); + + $user->password = Hash::make(request()->password); + + $user->email_verified_at = now(); + $user->confirmation_code = null; + $user->save(); + + return $this->render('auth.confirmed', [ + 'root' => 'themes', + 'message' => ctrans('texts.security_confirmation'), ]); } } diff --git a/resources/lang/en/texts.php b/resources/lang/en/texts.php index 42c5f2bfaf78..172cf2b155ce 100644 --- a/resources/lang/en/texts.php +++ b/resources/lang/en/texts.php @@ -3224,4 +3224,5 @@ return [ 'year_invalid' => 'Provided year is not valid.', 'if_you_need_help' => 'If you need help you can either post to our', + 'update_password_on_confirm' => 'After updating your password, your account will be confirmed.', ]; diff --git a/resources/views/themes/ninja2020/auth/confirmation_with_password.blade.php b/resources/views/themes/ninja2020/auth/confirmation_with_password.blade.php new file mode 100644 index 000000000000..ac96e616a75c --- /dev/null +++ b/resources/views/themes/ninja2020/auth/confirmation_with_password.blade.php @@ -0,0 +1,43 @@ +@extends('portal.ninja2020.layout.clean') +@section('meta_title', ctrans('texts.set_password')) + +@section('body') +
+
+
+ Invoice Ninja logo +

{{ ctrans('texts.set_password') }}

+ {{ ctrans('texts.update_password_on_confirm') }} + +
+ @csrf +
+ + + @error('password') +
+ {{ $message }} +
+ @enderror +
+
+ + + @error('password_confirmation') +
+ {{ $message }} +
+ @enderror +
+
+ +
+
+
+
+
+@endsection diff --git a/routes/web.php b/routes/web.php index 08e26b71c171..b50df7e6e9b3 100644 --- a/routes/web.php +++ b/routes/web.php @@ -30,4 +30,5 @@ Route::post('password/reset', 'Auth\ResetPasswordController@reset')->name('passw */ Route::group(['middleware' => ['url_db']], function () { Route::get('/user/confirm/{confirmation_code}', 'UserController@confirm'); + Route::post('/user/confirm/{confirmation_code}', 'UserController@confirmWithPassword'); }); \ No newline at end of file