Added reset password functionality, and added a random password generator function
parent
4fc0d5c793
commit
c91765e828
8 changed files with 76 additions and 9 deletions
app
public/js
resources/views
routes
|
@ -88,6 +88,20 @@ class AdministrativeUserController extends Controller
|
|||
return redirect("/" . Auth::user()->getAdminPath() . "/users/group/$user->group_id");
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* Function for reset a users password
|
||||
*
|
||||
*/
|
||||
public function resetUserPassword(User $user, Request $request)
|
||||
{
|
||||
$this->authorize('resetPassword', $user);
|
||||
|
||||
$user->resetPassword();
|
||||
$request->session()->flash('status', 'The password was successfully reset!');
|
||||
return redirect("/" . Auth::user()->getAdminPath() . "/users/$user->id");
|
||||
}
|
||||
|
||||
public function deleteUser(User $user, Request $request)
|
||||
{
|
||||
$this->authorize('delete', $user);
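Review bot: `resetUserPassword` changes another account's credentials but records nothing about who did it. An administrative password reset is worth an audit entry naming the actor and the target, for example `Log::info('admin password reset', ['actor' => Auth::id(), 'target' => $user->id]);` right after `$user->resetPassword();` (assuming the Log facade is available in this controller). The flash message reports success unconditionally, while the visible `User::resetPassword()` never checks the result of `$this->update()`, so a failed save would still be shown as a successful reset. The docblock could be a full sentence such as `Reset the given user's password to a random value; requires the resetPassword policy.` `deleteUser` at the end of the hunk continues outside it.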
|
||||
|
|
|
@ -43,6 +43,14 @@ class UserPolicy
|
|||
return false;
|
||||
}
|
||||
|
||||
public function resetPassword(User $user, User $user2)
|
||||
{
|
||||
if ($user->isAdministrator() || ($user->isModerator() AND $user->group_id === $user2->group_id AND !$user2->isAdministrator())) {
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
public function delete(User $user, User $user2)
|
||||
{
|
||||
if ($user->isAdministrator() || ($user->isModerator() AND $user->group_id === $user2->group_id AND !$user2->isAdministrator()) || $user === $user2) {
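Review bot: In `resetPassword` the moderator branch only excludes administrators as targets, so a moderator can reset the password of another moderator in the same group and, as far as the visible condition shows, their own. If peers are not meant to manage each other, add `AND !$user2->isModerator()` to that branch. The condition mixes `||` with the low-precedence `AND`; the parentheses keep it correct today, but writing `&&` throughout avoids a precedence surprise on a later edit. The same expression is repeated in `delete`, whose body continues outside the hunk, so a shared private helper with parameters named `$actor` and `$target` would keep the two rules from drifting apart.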
|
||||
|
|
28
app/User.php
28
app/User.php
|
@ -47,7 +47,7 @@ class User extends Authenticatable
|
|||
|
||||
public function passwordHash($password)
|
||||
{
|
||||
$this->password = password_hash($password, PASSWORD_DEFAULT);
|
||||
return password_hash($password, PASSWORD_DEFAULT);
|
||||
}
|
||||
|
||||
public function passwordVerify($password)
|
||||
|
@ -55,6 +55,26 @@ class User extends Authenticatable
|
|||
return password_verify($password, $this->password);
|
||||
}
|
||||
|
||||
public function generatePassword(Int $length)
|
||||
{
|
||||
$chars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWZYZabcdefghijklmnopqrstuvwxyz";
|
||||
$password = "";
|
||||
$char_max = strlen($chars) - 1;
|
||||
|
||||
for ($i = 0; $i < $length; ++$i) {
|
||||
$password .= $chars[random_int(0, $char_max)];
|
||||
}
|
||||
|
||||
return $password;
|
||||
}
|
||||
|
||||
public function resetPassword()
|
||||
{
|
||||
$this->password = $this->passwordHash($this->generatePassword(10));
|
||||
$this->update();
|
||||
return true;
|
||||
}
|
||||
|
||||
public function isModerator()
|
||||
{
|
||||
if ($this->access_level === 2) {
|
||||
|
@ -80,7 +100,7 @@ class User extends Authenticatable
|
|||
{
|
||||
$this->name = $request["name"];
|
||||
$this->email = trim($request["email"]);
|
||||
$this->passwordHash($request["password"]);
|
||||
$this->password = $this->passwordHash($request["password"]);
|
||||
$this->enabled = $request["enabled"];
|
||||
$this->access_level = $request["access_level"];
|
||||
|
||||
|
@ -108,7 +128,7 @@ class User extends Authenticatable
|
|||
$this->enabled = $request["enabled"];
|
||||
|
||||
if ($request["password"]) {
|
||||
$this->passwordHash($request["password"]);
|
||||
$this->password = $this->passwordHash($request["password"]);
|
||||
}
|
||||
|
||||
if (Auth::user()->isAdministrator()) {
|
||||
|
@ -143,7 +163,7 @@ class User extends Authenticatable
|
|||
|
||||
public function updatePassword($password)
|
||||
{
|
||||
$this->passwordHash($password);
|
||||
$this->password = $this->passwordHash($password);
|
||||
$this->update();
|
||||
}
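Review bot: `resetPassword()` hashes the output of `generatePassword(10)` and discards the plaintext, so after a reset neither the user nor the administrator knows the new password and the account is effectively locked until some other recovery path is used. Either return the generated value to the caller for one-time display, or replace the random password with a time-limited reset link sent to the user's e-mail address so the administrator never handles the credential. In `generatePassword` the alphabet reads `UVWZYZ`, which drops `X` and repeats `Z` and so slightly biases the output; it should read `...STUVWXYZ...`. The `Int` type hint is conventionally written `int`, and because `$this->update()` is unchecked, `return true;` is reported even when the save fails.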
|
||||
|
||||
|
|
|
@ -23,9 +23,15 @@ $('.delete-modal').on('show.bs.modal', function (event) {
|
|||
var button = $(event.relatedTarget); // Button that triggered the modal
|
||||
var delete_url = button.data('url'); // Extract info from data-* attributes
|
||||
var delete_id = button.data('id'); // Extract info from data-* attributes
|
||||
// If necessary, you could initiate an AJAX request here (and then do the updating in a callback).
|
||||
// Update the modal's content. We'll use jQuery here, but you could use a data binding library or other methods instead.
|
||||
var modal = $(this);
|
||||
var admin_path = modal.find('#modal-button-delete').attr("formaction");
|
||||
modal.find('#modal-button-delete').attr("formaction", admin_path + delete_url + "/" + delete_id + "/delete");
|
||||
})
|
||||
|
||||
$('.reset-password-modal').on('show.bs.modal', function (event) {
|
||||
var button = $(event.relatedTarget); // Button that triggered the modal
|
||||
var reset_password_id = button.data('id'); // Extract info from data-* attributes
|
||||
var modal = $(this);
|
||||
var admin_path = modal.find('#modal-button-reset-password').attr("formaction");
|
||||
modal.find('#modal-button-reset-password').attr("formaction", admin_path + "users/" + reset_password_id + "/reset-password");
|
||||
})
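Review bot: The `show.bs.modal` handler for `.reset-password-modal` reads the button's current `formaction` and writes the extended URL back to the same attribute, so opening the modal a second time without a page reload appends a second `users/<id>/reset-password` segment and the request goes to a path that no route matches. The existing delete handler above follows the same pattern. Keep the base path in its own attribute and always build from it, for example `var admin_path = btn.data('base');` with `data-base` set in the Blade template, then `btn.attr('formaction', admin_path + 'users/' + encodeURIComponent(reset_password_id) + '/reset-password');`. Looking the button up once into `btn` also avoids the repeated `modal.find(...)`.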
|
|
@ -6,9 +6,7 @@
|
|||
<h4 class="modal-title" id="myModalLabel">Are You Sure!</h4>
|
||||
</div>
|
||||
<div class="modal-body">
|
||||
<form method="POST" class="">
|
||||
{{ csrf_field() }}
|
||||
{{ method_field('DELETE') }}
|
||||
<form method="GET">
|
||||
<button id="modal-button-delete" class="btn btn-danger" formaction="/{{ Auth::user()->getAdminPath() }}/">Yes</button>
|
||||
<button type="button" class="btn btn-default" data-dismiss="modal">No</button>
|
||||
</form>
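Review bot: Going by the hunk counts (-6,9 +6,7), the delete modal's `<form method="POST" class="">` with `{{ csrf_field() }}` and `{{ method_field('DELETE') }}` is replaced by `<form method="GET">`, which removes the CSRF token and method spoofing from a destructive action. The routes shown on this page still declare `Route::delete('/users/{user}/delete', ...)`, so a GET submission should no longer match that route. If the route were relaxed to GET to make it work, deletion could be triggered by any cross-site link a logged-in administrator follows. Keep the POST form with the token and `method_field('DELETE')`; the add/remove markers are lost in this rendering, so confirm the direction of the change against the repository.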
|
||||
|
|
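--- a/resources/views/shared/reset-password-modal.blade.php
+++ b/resources/views/shared/reset-password-modal.blade.php
@@ -0,0 +1,16 @@
+<div class="modal fade reset-password-modal" tabindex="-1" role="dialog" aria-labelledby="reset-password-modal">
+<div class="modal-dialog modal-sm" role="document">
+<div class="modal-content">
+<div class="modal-header">
+<button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">×</span></button>
+<h4 class="modal-title" id="myModalLabel">Are You Sure!</h4>
+</div>
+<div class="modal-body">
+<form method="GET">
+<button id="modal-button-reset-password" class="btn btn-danger" formaction="/{{ Auth::user()->getAdminPath() }}/">Yes</button>
+<button type="button" class="btn btn-default" data-dismiss="modal">No</button>
+</form>
+</div>
+</div>
+</div>
+</div>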
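Review bot: The reset is submitted through `<form method="GET">` with no CSRF token, and the routes file registers it as `Route::get('/users/{user}/reset-password', ...)` in both the `mod` and `admin` groups, so a state-changing credential reset can be triggered by a cross-site link or a prefetch in a logged-in moderator's browser. Use `<form method="POST">` with `{{ csrf_field() }}` here and `Route::post(...)` in both route groups. Separately, `aria-labelledby="reset-password-modal"` points at no element, and the heading reuses `id="myModalLabel"` from the delete modal that is included on the same page. Give the heading a unique id and reference that id from `aria-labelledby`.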
|
|
@ -4,6 +4,8 @@
|
|||
|
||||
@include('shared.delete-modal')
|
||||
|
||||
@include('shared.reset-password-modal')
|
||||
|
||||
<div class="container-fluid">
|
||||
<div class="row">
|
||||
<div class="col-md-6 col-md-offset-3">
|
||||
|
@ -17,6 +19,7 @@
|
|||
<form method="get">
|
||||
<button type="button" class="btn btn-sm btn-danger pull-right" data-toggle="modal" data-target=".delete-modal" data-url="users" data-id="{{ $user->id }}">Delete</button>
|
||||
<button class="btn btn-sm btn-default pull-right" formaction="/{{ Auth::user()->getAdminPath() }}/users/{{ $user->id }}/edit">Edit</button>
|
||||
<button type="button" class="btn btn-sm btn-default pull-right" data-toggle="modal" data-target=".reset-password-modal" data-id="{{ $user->id }}">Reset Password</button>
|
||||
</form>
|
||||
@endif
|
||||
<strong>Name:</strong><br>
|
||||
|
|
|
@ -67,6 +67,7 @@ Route::group(['prefix' => 'mod', 'middleware' => 'is.mod'], function () {
|
|||
Route::get('/users/{user}', 'AdministrativeUserController@showUser');
|
||||
Route::get('/users/{user}/edit', 'AdministrativeUserController@editUser');
|
||||
Route::post('/users/{user}/edit', 'AdministrativeUserController@updateUser');
|
||||
Route::get('/users/{user}/reset-password', 'AdministrativeUserController@resetUserPassword');
|
||||
Route::delete('/users/{user}/delete', 'AdministrativeUserController@deleteUser');
|
||||
|
||||
Route::get('/groups/{group}', 'GroupController@showGroup');
|
||||
|
@ -103,6 +104,7 @@ Route::group(['prefix' => 'admin', 'middleware' => 'is.admin'], function () {
|
|||
Route::get('/users/{user}', 'AdministrativeUserController@showUser');
|
||||
Route::get('/users/{user}/edit', 'AdministrativeUserController@editUser');
|
||||
Route::post('/users/{user}/edit', 'AdministrativeUserController@updateUser');
|
||||
Route::get('/users/{user}/reset-password', 'AdministrativeUserController@resetUserPassword');
|
||||
Route::delete('/users/{user}/delete', 'AdministrativeUserController@deleteUser');
|
||||
|
||||
Route::get('/groups', 'GroupController@showGroups');
|
||||
|
|