make it possible to modify email and username

This commit is contained in:
Bence Pőcze 2023-04-09 02:10:32 +02:00
parent 151112bd2a
commit a0fe77fe66
Signed by: bence
GPG Key ID: DC5BD6E95A333E6D
2 changed files with 42 additions and 8 deletions

View File

@ -13,6 +13,7 @@ use SokoWeb\Response\HtmlContent;
use SokoWeb\Response\JsonContent; use SokoWeb\Response\JsonContent;
use SokoWeb\Response\Redirect; use SokoWeb\Response\Redirect;
use SokoWeb\Util\JwtParser; use SokoWeb\Util\JwtParser;
use RVR\Repository\UserRepository;
class UserController implements ISecured class UserController implements ISecured
{ {
@ -20,10 +21,13 @@ class UserController implements ISecured
private PersistentDataManager $pdm; private PersistentDataManager $pdm;
private UserRepository $userRepository;
public function __construct(IRequest $request) public function __construct(IRequest $request)
{ {
$this->request = $request; $this->request = $request;
$this->pdm = new PersistentDataManager(); $this->pdm = new PersistentDataManager();
$this->userRepository = new UserRepository();
} }
public function authorize(): bool public function authorize(): bool
@ -126,8 +130,39 @@ class UserController implements ISecured
return new JsonContent(['error' => ['errorText' => $error]]); return new JsonContent(['error' => ['errorText' => $error]]);
} }
if (strlen($this->request->post('password_new')) > 0) { $newEmail = $this->request->post('email');
if (strlen($this->request->post('password_new')) < 6) { if ($newEmail !== $user->getEmail()) {
if (!filter_var($newEmail, FILTER_VALIDATE_EMAIL)) {
return new JsonContent(['error' => ['errorText' => 'Please provide a valid email address.']]);
}
if ($this->userRepository->getByEmail($newEmail) !== null) {
return new JsonContent(['error' => ['errorText' => 'The given email address belongs to another account.']]);
}
$user->setEmail($newEmail);
}
$newUsername = $this->request->post('username');
if ($newUsername !== $user->getUsername()) {
if (strlen($newUsername) > 0) {
if (filter_var($newUsername, FILTER_VALIDATE_EMAIL)) {
return new JsonContent(['error' => ['errorText' => 'Please select a username that is not a valid email address.']]);
}
if ($this->userRepository->getByUsername($newUsername) !== null) {
return new JsonContent(['error' => ['errorText' => 'The given username is already taken.']]);
}
$user->setUsername($newUsername);
} else {
$user->setUsername(null);
}
}
$newPassword = $this->request->post('password_new');
if (strlen($newPassword) > 0) {
if (strlen($newPassword) < 6) {
return new JsonContent([ return new JsonContent([
'error' => [ 'error' => [
'errorText' => 'The given new password is too short. Please choose a password that is at least 6 characters long!' 'errorText' => 'The given new password is too short. Please choose a password that is at least 6 characters long!'
@ -135,7 +170,7 @@ class UserController implements ISecured
]); ]);
} }
if ($this->request->post('password_new') !== $this->request->post('password_new_confirm')) { if ($newPassword !== $this->request->post('password_new_confirm')) {
return new JsonContent([ return new JsonContent([
'error' => [ 'error' => [
'errorText' => 'The given new passwords do not match.' 'errorText' => 'The given new passwords do not match.'
@ -143,7 +178,7 @@ class UserController implements ISecured
]); ]);
} }
$user->setPlainPassword($this->request->post('password_new')); $user->setPlainPassword($newPassword);
} }
$this->pdm->saveToDb($user); $this->pdm->saveToDb($user);

View File

@ -5,7 +5,7 @@
@section(main) @section(main)
<h2>Account</h2> <h2>Account</h2>
<div class="box"> <div class="box">
<form id="accountForm" action="/account" method="post" data-observe-inputs="password_new,password_new_confirm"> <form id="accountForm" action="/account" method="post" data-observe-inputs="email,username,password_new,password_new_confirm">
<?php if ($user['password'] !== null && $user['google_sub'] !== null): ?> <?php if ($user['password'] !== null && $user['google_sub'] !== null): ?>
<p class="justify small">Please confirm your identity with your password or with Google to modify your account.</p> <p class="justify small">Please confirm your identity with your password or with Google to modify your account.</p>
<div class="inputWithButton"> <div class="inputWithButton">
@ -23,9 +23,8 @@
</div> </div>
<?php endif; ?> <?php endif; ?>
<hr> <hr>
<?php /* TODO: disabled for the time being, email modification should be implemented */ ?> <input type="email" class="text big fullWidth" name="email" placeholder="Email address" value="<?= $user['email'] ?>">
<input type="email" class="text big fullWidth" name="email" placeholder="Email address" value="<?= $user['email'] ?>" disabled> <input type="text" class="text big fullWidth marginTop" name="username" placeholder="Username" value="<?= $user['username'] ?>">
<input type="text" class="text big fullWidth marginTop" name="username" placeholder="Username" value="<?= $user['username'] ?>" disabled>
<input type="password" class="text big fullWidth marginTop" name="password_new" placeholder="New password" minlength="6"> <input type="password" class="text big fullWidth marginTop" name="password_new" placeholder="New password" minlength="6">
<input type="password" class="text big fullWidth marginTop" name="password_new_confirm" placeholder="New password confirmation" minlength="6"> <input type="password" class="text big fullWidth marginTop" name="password_new_confirm" placeholder="New password confirmation" minlength="6">
<p id="accountFormError" class="formError justify marginTop"></p> <p id="accountFormError" class="formError justify marginTop"></p>