From 5349f0578ebd31d73e06ec3307ab9b3e495e2074 Mon Sep 17 00:00:00 2001
From: bad <badatnames@tutanota.com>
Date: Thu, 16 Dec 2021 21:58:10 +0100
Subject: [PATCH] User account updating

---
 ...LoginController.php => UserController.php} | 44 +++++++++++++++++--
 resources/views/login.blade.php               |  2 +-
 resources/views/user.blade.php                | 26 +++++++++--
 routes/web.php                                | 10 +++--
 4 files changed, 69 insertions(+), 13 deletions(-)
 rename app/Http/Controllers/{LoginController.php => UserController.php} (51%)

diff --git a/app/Http/Controllers/LoginController.php b/app/Http/Controllers/UserController.php
similarity index 51%
rename from app/Http/Controllers/LoginController.php
rename to app/Http/Controllers/UserController.php
index 5bf5ab4..13fb7e3 100644
--- a/app/Http/Controllers/LoginController.php
+++ b/app/Http/Controllers/UserController.php
@@ -6,14 +6,15 @@ use App\Models\User;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Hash;
+use Illuminate\Validation\Rules\Password;
 
-class LoginController extends Controller
+class UserController extends Controller
 {
     public function authenticate(Request $request)
     {
         $creds = $request->validate([
             'email' => ['required', 'email'],
-            'password' => ['required']
+            'password' => ['required'],
         ]);
         if (Auth::attempt($creds)) {
             $request->session()->regenerate();
@@ -29,9 +30,9 @@ class LoginController extends Controller
         Auth::logout();
 
         $creds = $request->validate([
-            'email' => ['required', 'email', 'unique:users'],
             'name' => ['required', 'unique:users'],
-            'password' => ['required']
+            'email' => ['required', 'email', 'unique:users'],
+            'password' => ['confirmed', Password::min(9)->uncompromised()],
         ]);
         $creds["password"] = Hash::make($creds["password"]);
         User::create($creds);
@@ -39,6 +40,41 @@ class LoginController extends Controller
         return redirect("login")->withSuccess("Success! Now login");
     }
 
+    public function update(Request $request) {
+        $user = Auth::user();
+
+        $creds = $request->validate([
+            'name' => ['string'],
+            'email' => ['email', 'string'],
+        ]);
+
+        if($creds["name"]) $user->name = $creds["name"];
+        if($creds["email"]) $user->email = $creds["email"];
+        $user->save();
+        return back();
+    }
+
+    public function updatePassword(Request $request) {
+        $user = Auth::user();
+
+        $creds = $request->validate([
+            'old_password' => ['required'],
+            'password' => ['required', 'confirmed', Password::min(9)->uncompromised()],
+        ]);
+
+        if (Hash::check($creds["old_password"], $user->password)) {
+            $creds["password"] = Hash::make($creds["password"]);
+            $user->password = $creds["password"];
+        } else {
+            return back()->withErrors([
+                'Incorrect password'
+            ]);
+        }
+
+        $user->save();
+        return back();
+    }
+
     public function logout(Request $request)
     {
         Auth::logout();
diff --git a/resources/views/login.blade.php b/resources/views/login.blade.php
index 9923525..7433549 100644
--- a/resources/views/login.blade.php
+++ b/resources/views/login.blade.php
@@ -25,7 +25,7 @@
                 <input type="email" name="email" placeholder="email">
                 <input type="text" name="name" placeholder="Imie">
                 <input type="password" name="password" placeholder="Hasło">
-                <input type="password" name="repeat-password" placeholder="Powtórz hasło">
+                <input type="password" name="password_confirmation" placeholder="Powtórz hasło">
                 <input type="submit">
                 @csrf
             </form>
diff --git a/resources/views/user.blade.php b/resources/views/user.blade.php
index 8e91688..6d41f8d 100644
--- a/resources/views/user.blade.php
+++ b/resources/views/user.blade.php
@@ -7,8 +7,26 @@
 @section('title', "Sklep")
 
 @section('main')
-    <p>
-       <b>Welcome, you are logged in as {{ $user->name }}</b>
-       <a href="{{route("logout")}}"> Logout </a>
-    </p>
+    <div>
+        <div>       
+            <b>Welcome, you are logged in as {{ $user->name }}</b>
+            <a href="{{route("logout")}}"> Logout </a>
+        </div>
+        <div>
+            <form method="post" action="{{ route("user.update") }}">
+                <!-- TODO validation in js !-->
+                <input type="email" name="email" placeholder="email" value="{{ $user->email }}">
+                <input type="text" name="name" placeholder="Imie" value="{{ $user->name }}">
+                <input type="submit">
+                @csrf
+            </form>
+            <form action="{{ route("user.updatepassword") }}" method="post">
+                <input type="password" name="old_password" placeholder="Obecne hasło">
+                <input type="password" name="password" placeholder="Nowe hasło">
+                <input type="password" name="password_confirmation" placeholder="Powtórz nowe hasło">
+                <input type="submit">
+                @csrf
+            </form>
+        </div>
+    </div>
 @endsection()
diff --git a/routes/web.php b/routes/web.php
index 7067126..51e6464 100644
--- a/routes/web.php
+++ b/routes/web.php
@@ -1,7 +1,7 @@
 <?php
 
 use App\Http\Controllers\ImageController;
-use App\Http\Controllers\LoginController;
+use App\Http\Controllers\UserController;
 use App\Http\Controllers\MainPageController;
 use App\Http\Controllers\CartController;
 use App\Http\Controllers\CategoryController;
@@ -26,12 +26,14 @@ Route::get('/user', function () {
     $user = Auth::user();
     return view("user", ["user"=>$user]);
 })->middleware("auth")->name("user");
+Route::post('/user', [UserController::class, "update"])->name("user.update");
+Route::post('/user/password', [UserController::class, "updatePassword"])->name("user.updatepassword");
 
 Route::view("/login", "login");
 
-Route::post('/login', [LoginController::class, "authenticate"])->name("login");
-Route::post('/register', [LoginController::class, "register"])->name("register");
-Route::any("/logout", [LoginController::class, "logout"])->name("logout");
+Route::post('/login', [UserController::class, "authenticate"])->name("login");
+Route::post('/register', [UserController::class, "register"])->name("register");
+Route::any("/logout", [UserController::class, "logout"])->name("logout");
 
 Route::get("/cart", [CartController::class, "show"])->name("cart")->middleware("auth");
 Route::post("/product/{product}/addToCart", [CartController::class, "addToCart"])->name("addToCart")->middleware("auth");