refactor: use form requests in auth controllers, remove double hashing

2026-03-19 23:14:52 +01:00
parent da97c45dd4
commit 44c1cbe5f6
5 changed files with 41 additions and 93 deletions


@@ -3,13 +3,12 @@
namespace App\Http\Controllers\Auth; namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller; use App\Http\Controllers\Controller;
use App\Http\Requests\Auth\CompleteProfileRequest;
use App\Models\User; use App\Models\User;
use Illuminate\Auth\Events\Registered; use Illuminate\Auth\Events\Registered;
use Illuminate\Http\RedirectResponse; use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request; use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth; use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Str;
use Inertia\Inertia; use Inertia\Inertia;
use Inertia\Response; use Inertia\Response;
@@ -34,35 +33,23 @@ class CompleteProfileController extends Controller
/** /**
* Handle the complete profile request. * Handle the complete profile request.
*/ */
public function store(Request $request): RedirectResponse public function store(CompleteProfileRequest $request): RedirectResponse
{ {
$socialiteUser = session('socialite_user'); $socialiteUser = session('socialite_user');
$validated = $request->validated();
if (! $socialiteUser) {
return redirect()->route('login');
}
$request->validate([
'username' => [
'required', 'string', 'max:255', 'alpha_dash',
function ($attribute, $value, $fail) {
$exists = User::whereRaw('LOWER(username) = ?', [strtolower($value)])->exists();
if ($exists) {
$fail('The username has already been taken.');
}
},
],
'first_name' => ['required', 'string', 'max:255'],
'last_name' => ['required', 'string', 'max:255'],
]);
$user = User::create([ $user = User::create([
'username' => $request->username, 'username' => $validated['username'],
'first_name' => $request->first_name, 'first_name' => $validated['first_name'],
'last_name' => $request->last_name, 'last_name' => $validated['last_name'],
'email' => $socialiteUser['email'], 'email' => $socialiteUser['email'],
'password' => Hash::make(Str::random(24)), ]);
'email_verified_at' => now(),
$user->forceFill(['email_verified_at' => now()])->save();
$user->socialAccounts()->create([
'provider' => $socialiteUser['provider'],
'provider_id' => $socialiteUser['provider_id'],
]); ]);
session()->forget('socialite_user'); session()->forget('socialite_user');
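Review bot: `store()` now indexes `$socialiteUser['email']`, `['provider']` and `['provider_id']` with no visible check that `session('socialite_user')` is set; the `if (! $socialiteUser)` redirect appears only on the old side of this hunk. Unless `CompleteProfileRequest::authorize()` (not shown in this commit) rejects requests without that session key, a direct POST would either fail on a null offset or reach `User::create()` with a null email and then be marked verified by the `forceFill` call. Confirm the form request enforces it, or keep `if (! $socialiteUser) { return redirect()->route('login'); }` directly after the session read. The new `User::create()` call also no longer sets a password, so confirm the column is nullable and that password login and reset behave as intended for such accounts; the rest of store() is outside the hunk.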


@@ -3,8 +3,8 @@
namespace App\Http\Controllers\Auth; namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller; use App\Http\Controllers\Controller;
use App\Http\Requests\Auth\ForgotPasswordRequest;
use Illuminate\Http\RedirectResponse; use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Password; use Illuminate\Support\Facades\Password;
use Inertia\Inertia; use Inertia\Inertia;
use Inertia\Response; use Inertia\Response;
@@ -26,18 +26,10 @@ class ForgotPasswordController extends Controller
/** /**
* Handle an incoming password reset link request. * Handle an incoming password reset link request.
*/ */
public function store(Request $request): RedirectResponse public function store(ForgotPasswordRequest $request): RedirectResponse
{ {
if (! config('auth-ui.features.password_reset')) {
abort(404);
}
$request->validate([
'email' => ['required', 'email'],
]);
$status = Password::sendResetLink( $status = Password::sendResetLink(
$request->only('email') $request->validated()
); );
if ($status === Password::RESET_LINK_SENT) { if ($status === Password::RESET_LINK_SENT) {
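Review bot: The `config('auth-ui.features.password_reset')` check with `abort(404)` appears only on the old side of this hunk, so nothing visible here stops the endpoint from sending reset links when the feature is switched off. The same gate is dropped from `ResetPasswordController::store()`, and the `registration` gate from `RegisterController::store()`. If the checks moved into the form requests' `authorize()` or into route middleware, note that a failing `authorize()` normally answers 403 rather than the previous 404; otherwise restore `if (! config('auth-ui.features.password_reset')) { abort(404); }` at the top of the method. A feature test per flag that asserts the disabled response would pin this down.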


@@ -3,6 +3,7 @@
namespace App\Http\Controllers\Auth; namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller; use App\Http\Controllers\Controller;
use App\Http\Requests\Auth\LoginRequest;
use App\Models\User; use App\Models\User;
use Illuminate\Http\RedirectResponse; use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request; use Illuminate\Http\Request;
@@ -24,26 +25,21 @@ class LoginController extends Controller
/** /**
* Handle an incoming authentication request. * Handle an incoming authentication request.
*/ */
public function store(Request $request): RedirectResponse public function store(LoginRequest $request): RedirectResponse
{ {
$request->validate([ $login = $request->validated('login');
'login' => ['required', 'string'], $password = $request->validated('password');
'password' => ['required', 'string'],
]);
$login = $request->input('login');
$password = $request->input('password');
$isEmail = filter_var($login, FILTER_VALIDATE_EMAIL); $isEmail = filter_var($login, FILTER_VALIDATE_EMAIL);
$user = $isEmail $credentials = $isEmail
? User::where('email', $login)->first() ? ['email' => $login, 'password' => $password]
: User::whereRaw('LOWER(username) = ?', [strtolower($login)])->first(); : ['email' => User::whereRaw('LOWER(username) = ?', [strtolower($login)])->value('email'), 'password' => $password];
$remember = config('auth-ui.features.remember_me') $remember = config('auth-ui.features.remember_me')
? $request->boolean('remember') ? $request->boolean('remember')
: false; : false;
if (! $user || ! Auth::attempt(['email' => $user->email, 'password' => $password], $remember)) { if (! $credentials['email'] || ! Auth::attempt($credentials, $remember)) {
throw ValidationException::withMessages([ throw ValidationException::withMessages([
'login' => __('auth.failed'), 'login' => __('auth.failed'),
]); ]);
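Review bot: For a login that is not an email address and matches no username, `$credentials['email']` is null and the `! $credentials['email'] ||` test fails the request before `Auth::attempt()` runs. That path skips the password-hash comparison and any failed-attempt events or throttling attached to the guard, so unknown usernames can be told apart from known ones by response time and are absent from failed-login logs. Letting the attempt always run keeps the failure path uniform, for example `->value('email') ?? $login` in the username branch followed by `if (! Auth::attempt($credentials, $remember)) {`; passing the null through is not a substitute, since a null value may turn into an `IS NULL` lookup. No rate limiting is visible in this hunk, so confirm that `LoginRequest` or the route provides it.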


@@ -3,13 +3,11 @@
namespace App\Http\Controllers\Auth; namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller; use App\Http\Controllers\Controller;
use App\Http\Requests\Auth\RegisterRequest;
use App\Models\User; use App\Models\User;
use Illuminate\Auth\Events\Registered; use Illuminate\Auth\Events\Registered;
use Illuminate\Http\RedirectResponse; use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth; use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
use Illuminate\Validation\Rules;
use Inertia\Inertia; use Inertia\Inertia;
use Inertia\Response; use Inertia\Response;
@@ -30,40 +28,26 @@ class RegisterController extends Controller
/** /**
* Handle an incoming registration request. * Handle an incoming registration request.
*/ */
public function store(Request $request): RedirectResponse public function store(RegisterRequest $request): RedirectResponse
{ {
if (! config('auth-ui.features.registration')) { $validated = $request->validated();
abort(404);
}
$request->validate([
'username' => [
'required', 'string', 'max:255', 'alpha_dash',
function ($attribute, $value, $fail) {
$exists = User::whereRaw('LOWER(username) = ?', [strtolower($value)])->exists();
if ($exists) {
$fail('The username has already been taken.');
}
},
],
'first_name' => ['required', 'string', 'max:255'],
'last_name' => ['required', 'string', 'max:255'],
'email' => ['required', 'string', 'lowercase', 'email', 'max:255', 'unique:'.User::class],
'password' => ['required', 'confirmed', Rules\Password::defaults()],
]);
$user = User::create([ $user = User::create([
'username' => $request->username, 'username' => $validated['username'],
'first_name' => $request->first_name, 'first_name' => $validated['first_name'],
'last_name' => $request->last_name, 'last_name' => $validated['last_name'],
'email' => $request->email, 'email' => $validated['email'],
'password' => Hash::make($request->password), 'password' => $validated['password'],
]); ]);
event(new Registered($user)); event(new Registered($user));
Auth::login($user); Auth::login($user);
if (config('auth-ui.features.email_verification')) {
return redirect()->route('verification.notice');
}
return redirect(config('auth-ui.redirects.register', '/')); return redirect(config('auth-ui.redirects.register', '/'));
} }
} }
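Review bot: `'password' => $validated['password']` stores the submitted value unchanged unless the `User` model declares a `hashed` cast for `password`, and the model is not among the five files in this commit. The commit title implies such a cast exists, but nothing on this page shows it, and removing or renaming it later would silently start persisting plaintext passwords. The same assumption sits behind `'password' => $password` in the `forceFill` call of `ResetPasswordController::store()`. I would add a comment at both sites, e.g. `// hashed by the 'hashed' cast on User::$casts — restore Hash::make() if that cast is ever removed`, and a test asserting `Hash::check($plain, $user->password)` after registration and after a reset.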


@@ -3,13 +3,12 @@
namespace App\Http\Controllers\Auth; namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller; use App\Http\Controllers\Controller;
use App\Http\Requests\Auth\ResetPasswordRequest;
use Illuminate\Auth\Events\PasswordReset; use Illuminate\Auth\Events\PasswordReset;
use Illuminate\Http\RedirectResponse; use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request; use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Password; use Illuminate\Support\Facades\Password;
use Illuminate\Support\Str; use Illuminate\Support\Str;
use Illuminate\Validation\Rules;
use Inertia\Inertia; use Inertia\Inertia;
use Inertia\Response; use Inertia\Response;
@@ -33,23 +32,13 @@ class ResetPasswordController extends Controller
/** /**
* Handle an incoming new password request. * Handle an incoming new password request.
*/ */
public function store(Request $request): RedirectResponse public function store(ResetPasswordRequest $request): RedirectResponse
{ {
if (! config('auth-ui.features.password_reset')) {
abort(404);
}
$request->validate([
'token' => ['required'],
'email' => ['required', 'email'],
'password' => ['required', 'confirmed', Rules\Password::defaults()],
]);
$status = Password::reset( $status = Password::reset(
$request->only('email', 'password', 'password_confirmation', 'token'), $request->validated(),
function ($user) use ($request) { function ($user, string $password): void {
$user->forceFill([ $user->forceFill([
'password' => Hash::make($request->password), 'password' => $password,
'remember_token' => Str::random(60), 'remember_token' => Str::random(60),
])->save(); ])->save();
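Review bot: Passing `$request->validated()` straight to `Password::reset()` makes the broker's credential array depend on whatever rules `ResetPasswordRequest` declares, where the old code used an explicit `only(...)` list. As far as I know the broker looks the user up by every key that is not the token or a password field, so a validated field added to the request later would silently become a lookup condition and make resets fail. An explicit list keeps this stable: `$request->safe()->only(['email', 'password', 'password_confirmation', 'token'])`. `ForgotPasswordController::store()` has the same pattern in `Password::sendResetLink($request->validated())`, where `$request->safe()->only(['email'])` would do. The end of the callback and the rest of store() lie outside this hunk.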