File app/Http/Controllers/RequestVerification.php added (mode: 100644) (index 0000000..01b6a86) |
|
1 |
|
<?php |
|
2 |
|
|
|
3 |
|
namespace SICSF\Http\Controllers; |
|
4 |
|
|
|
5 |
|
use Illuminate\Http\Request; |
|
6 |
|
use SICSF\Users; |
|
7 |
|
use Illuminate\Support\Facades\Validator; |
|
8 |
|
use SICSF\UsersTokens; |
|
9 |
|
use Illuminate\Support\Facades\Mail; |
|
10 |
|
|
|
11 |
|
class RequestVerification extends Controller |
|
12 |
|
{ |
|
13 |
|
/** |
|
14 |
|
* Handle the incoming request. |
|
15 |
|
* |
|
16 |
|
* @param \Illuminate\Http\Request $request |
|
17 |
|
* @return \Illuminate\Http\Response |
|
18 |
|
*/ |
|
19 |
|
public function __invoke(Request $request) |
|
20 |
|
{ |
|
21 |
|
if ($request->isMethod("GET")) { |
|
22 |
|
return view("Layout/Template", [ |
|
23 |
|
"title" => "SICSF - Request verification link", |
|
24 |
|
"view" => "RequestVerification" |
|
25 |
|
]); |
|
26 |
|
} |
|
27 |
|
else if ($request->isMethod("POST")) { |
|
28 |
|
$email = $request->input("email"); |
|
29 |
|
$validator = Validator::make($request->all(), [ |
|
30 |
|
"email" => "required|email" |
|
31 |
|
]); |
|
32 |
|
|
|
33 |
|
if ($validator->fails()) { |
|
34 |
|
return response()->json([ |
|
35 |
|
"errors" => $validator->errors()->all() |
|
36 |
|
]); |
|
37 |
|
} |
|
38 |
|
|
|
39 |
|
$username = Users::GetUserByEmail($email)->Username; |
|
40 |
|
if (Users::EmailExists($email) && !Users::IsConfirmed($username)) { |
|
41 |
|
$token = base64_encode(bin2hex(random_bytes(64))); |
|
42 |
|
|
|
43 |
|
Mail::send("Mail/Verification", [ |
|
44 |
|
"username" => $username, |
|
45 |
|
"token" => $token |
|
46 |
|
], function($message) use ($username, $email) { |
|
47 |
|
$message |
|
48 |
|
->to($email, $username) |
|
49 |
|
->subject("Verification request"); |
|
50 |
|
$message->from("noreply@sicsf.heliohost.org", "SICSF Syria"); |
|
51 |
|
}); |
|
52 |
|
|
|
53 |
|
UsersTokens::AddConfirmationToken($username, $token); |
|
54 |
|
} |
|
55 |
|
|
|
56 |
|
return response()->json([ |
|
57 |
|
"success" => ["<div class='alert alert-success'>If the entered E-mail exist and isn't already registered, it will recieve an activation message.</div>"] |
|
58 |
|
]); |
|
59 |
|
} |
|
60 |
|
} |
|
61 |
|
} |
File app/Http/Controllers/Signup.php added (mode: 100644) (index 0000000..6eba098) |
|
1 |
|
<?php |
|
2 |
|
|
|
3 |
|
namespace SICSF\Http\Controllers; |
|
4 |
|
|
|
5 |
|
use Illuminate\Http\Request; |
|
6 |
|
use SICSF\Users; |
|
7 |
|
use Illuminate\Support\Facades\Mail; |
|
8 |
|
use Illuminate\Support\Facades\Validator; |
|
9 |
|
use SICSF\UsersTokens; |
|
10 |
|
|
|
11 |
|
class Signup extends Controller |
|
12 |
|
{ |
|
13 |
|
/** |
|
14 |
|
* Handle the incoming request. |
|
15 |
|
* |
|
16 |
|
* @param \Illuminate\Http\Request $request |
|
17 |
|
* @return \Illuminate\Http\Response |
|
18 |
|
*/ |
|
19 |
|
public function __invoke(Request $request) |
|
20 |
|
{ |
|
21 |
|
if ($request->session()->has("username")) { |
|
22 |
|
return redirect("/user/". $request->session()->get("username")); |
|
23 |
|
} |
|
24 |
|
else if ($request->isMethod("GET")) { |
|
25 |
|
return view("Layout/Template", [ |
|
26 |
|
"title" => "SICSF - Signup for an account", |
|
27 |
|
"view" => "Signup" |
|
28 |
|
]); |
|
29 |
|
} |
|
30 |
|
else if ($request->isMethod("POST")) { |
|
31 |
|
$validator = Validator::make($request->all(), [ |
|
32 |
|
"username" => "required|min:6|max:20|regex:/^([A-Za-z0-9_]){6,20}$/i|unique:Users,Username", |
|
33 |
|
"email" => "required|email", |
|
34 |
|
"password" => "required|min:8|max:1024", |
|
35 |
|
"password-confirmation" => "required|min:8|max:1024|same:password" |
|
36 |
|
]); |
|
37 |
|
|
|
38 |
|
if ($validator->fails()) { |
|
39 |
|
return response()->json([ |
|
40 |
|
"errors" => $validator->errors()->all() |
|
41 |
|
]); |
|
42 |
|
} |
|
43 |
|
|
|
44 |
|
if (Users::EmailExists($request->input("email"))) { |
|
45 |
|
return response()->json([ |
|
46 |
|
"success" => ["<div class='alert alert-success'>You've been successfully registered.<br/>If the entered E-mail exist and isn't already registered, it will recieve an activation message.</div>"] |
|
47 |
|
]); |
|
48 |
|
} |
|
49 |
|
|
|
50 |
|
$data = [ |
|
51 |
|
"Username" => $request->input("username"), |
|
52 |
|
"Email" => $request->input("email"), |
|
53 |
|
"Password" => $request->input("password") |
|
54 |
|
]; |
|
55 |
|
|
|
56 |
|
Users::AddUser($data); |
|
57 |
|
$token = base64_encode(bin2hex(random_bytes(64))); |
|
58 |
|
Mail::send("Mail/Welcome", [ |
|
59 |
|
"name" => $request->input("username"), |
|
60 |
|
"token" => $token |
|
61 |
|
], function($message) use ($request) { |
|
62 |
|
$message |
|
63 |
|
->to($request->input("email"), $request->input("username")) |
|
64 |
|
->subject("Welcome to SICSF"); |
|
65 |
|
$message->from("noreply@sicsf.heliohost.org", "SICSF Syria"); |
|
66 |
|
}); |
|
67 |
|
|
|
68 |
|
UsersTokens::AddConfirmationToken($request->input("username"), $token); |
|
69 |
|
|
|
70 |
|
return response()->json([ |
|
71 |
|
"success" => ["<div class='alert alert-success'>You've been successfully registered.<br/>If the entered E-mail exist and isn't already registered, it will recieve an activation message.</div>"] |
|
72 |
|
]); |
|
73 |
|
} |
|
74 |
|
} |
|
75 |
|
} |
File app/UsersTokens.php added (mode: 100644) (index 0000000..786979e) |
|
1 |
|
<?php |
|
2 |
|
|
|
3 |
|
namespace SICSF; |
|
4 |
|
|
|
5 |
|
use Illuminate\Database\Eloquent\Model; |
|
6 |
|
|
|
7 |
|
class UsersTokens extends Model |
|
8 |
|
{ |
|
9 |
|
protected $table = "UsersTokens"; |
|
10 |
|
protected $primaryKey = NULL; |
|
11 |
|
public $incrementing = FALSE; |
|
12 |
|
protected $keyType = NULL; |
|
13 |
|
public $timestamps = FALSE; |
|
14 |
|
|
|
15 |
|
public static function GetConfirmationToken($username) { |
|
16 |
|
return self::where("Username", $username)->first()->ConfirmationToken; |
|
17 |
|
} |
|
18 |
|
|
|
19 |
|
public static function GetTokenInfo($token) { |
|
20 |
|
return self::where("ConfirmationToken", $token)->first(); |
|
21 |
|
} |
|
22 |
|
|
|
23 |
|
public static function AddConfirmationToken($username, $token) { |
|
24 |
|
$timestamp = date_timestamp_get(date_create()); |
|
25 |
|
self::where("Username", $username)->insert([ |
|
26 |
|
"Username" => $username, |
|
27 |
|
"ConfirmationToken" => $token, |
|
28 |
|
"CreationDate" => $timestamp, |
|
29 |
|
"ExpirationDate" => $timestamp + (60 * 60 * 8) |
|
30 |
|
]); |
|
31 |
|
} |
|
32 |
|
|
|
33 |
|
public static function ConfirmationTokenExists($token) { |
|
34 |
|
return (self::where("ConfirmationToken", $token)->count() === 1); |
|
35 |
|
} |
|
36 |
|
|
|
37 |
|
public static function ClearConfirmationToken($token) { |
|
38 |
|
self::where("ConfirmationToken", $token)->delete(); |
|
39 |
|
} |
|
40 |
|
} |
File resources/views/RequestVerification.blade.php copied from file resources/views/ReportError.blade.php (similarity 59%) (mode: 100644) (index 53b786d..d69e0b8) |
2 |
2 |
<div class="row"> |
<div class="row"> |
3 |
3 |
<div class="col-xs-2 col-sm-2 col-md-3 col-lg-3"></div> |
<div class="col-xs-2 col-sm-2 col-md-3 col-lg-3"></div> |
4 |
4 |
<div class="col-xs-8 col-sm-8 col-md-6 col-lg-6 border border-dark rounded"> |
<div class="col-xs-8 col-sm-8 col-md-6 col-lg-6 border border-dark rounded"> |
5 |
|
<h2 class="text-center">Report An Error</h2> |
|
6 |
|
<p>Have you faced any error?, if so, please use the following form to report these errors so i can fix them.</p> |
|
7 |
|
<p>Describe in details the error you faced:</p> |
|
8 |
|
<textarea class="form-control" rows="8" id="report-reason"></textarea> |
|
|
5 |
|
<h2 class="text-center">Request verification</h2> |
|
6 |
|
<p>Input the E-mail address you used to create your account:</p> |
|
7 |
|
<input type="email" class="form-control" id="email"></textarea> |
9 |
8 |
<br/> |
<br/> |
10 |
|
<button class="btn btn-block btn-dark" id="report-button">Report <span class="fa fa-exclamation-triangle"></button> |
|
|
9 |
|
<button class="btn btn-block btn-dark" id="request-button">Request verification <span class="fa fa-envelope"></button> |
11 |
10 |
<br/> |
<br/> |
12 |
11 |
<div id="result"></div> |
<div id="result"></div> |
13 |
12 |
<br/> |
<br/> |
14 |
|
|
|
|
13 |
|
|
15 |
14 |
</div> |
</div> |
16 |
15 |
<div class="col-xs-2 col-sm-2 col-md-3 col-lg-3"></div> |
<div class="col-xs-2 col-sm-2 col-md-3 col-lg-3"></div> |
17 |
16 |
</div> |
</div> |
18 |
17 |
<br/> |
<br/> |
19 |
18 |
</div> |
</div> |
20 |
|
|
|
|
19 |
|
|
21 |
20 |
<script> |
<script> |
22 |
21 |
$(document).ready(function() { |
$(document).ready(function() { |
23 |
|
$("#report-button").on("click", function() { |
|
24 |
|
var ReportReason = $("#report-reason").val(); |
|
25 |
|
|
|
26 |
|
var Message = ""; |
|
27 |
|
var IsValid = true; |
|
|
22 |
|
$("#request-button").on("click", function() { |
|
23 |
|
var Email = $("#email").val(); |
28 |
24 |
|
|
29 |
|
if (ReportReason.length > 8000 || ReportReason.length === 0) { |
|
30 |
|
Message = "The reason field can't exceed 8000 characters in length and cannot be empty.<br/>"; |
|
|
25 |
|
var EmailPattern = /^(([^<>()[\]\\.,;:\s@\"]+(\.[^<>()[\]\\.,;:\s@\"]+)*)|(\".+\"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/; |
|
26 |
|
|
|
27 |
|
var Message = ""; |
|
28 |
|
var IsValid = true; |
|
29 |
|
|
|
30 |
|
if (!EmailPattern.test(Email)) { |
31 |
31 |
IsValid = false; |
IsValid = false; |
|
32 |
|
Message += "E-mail cannot be empty, and must be formatted correctly.<br>"; |
32 |
33 |
} |
} |
33 |
|
|
|
|
34 |
|
|
34 |
35 |
if (!IsValid) { |
if (!IsValid) { |
35 |
36 |
Message = "<div class='alert alert-danger'>" + Message + "</div>"; |
Message = "<div class='alert alert-danger'>" + Message + "</div>"; |
36 |
37 |
$("#result").html(Message); |
$("#result").html(Message); |
37 |
38 |
} |
} |
38 |
39 |
else { |
else { |
39 |
40 |
$.ajax({ |
$.ajax({ |
40 |
|
url : "{{ URL::to('report-error') }}", |
|
|
41 |
|
url : "{{ URL::to('request-verification') }}", |
41 |
42 |
type : "POST", |
type : "POST", |
42 |
43 |
data : { |
data : { |
43 |
44 |
"_token" : window.CSRFHashToken, |
"_token" : window.CSRFHashToken, |
44 |
|
"ReportReason" : ReportReason |
|
|
45 |
|
"email" : Email |
45 |
46 |
}, |
}, |
46 |
47 |
success : function(result, status, xhr) { |
success : function(result, status, xhr) { |
47 |
48 |
if ("success" in result) { |
if ("success" in result) { |
48 |
49 |
Snackbar.show({ |
Snackbar.show({ |
49 |
|
text : "The error has been successfully reported.<br/>I'll fix it ASAP.", |
|
|
50 |
|
text : "A verification message has been sent to your E-mail.<br/>Check it out.", |
50 |
51 |
pos : "top-center", |
pos : "top-center", |
51 |
52 |
backgroundColor : "#212529", |
backgroundColor : "#212529", |
52 |
53 |
actionText : "Dismiss", |
actionText : "Dismiss", |
|
61 |
62 |
$("#result").html(""); |
$("#result").html(""); |
62 |
63 |
} |
} |
63 |
64 |
else { |
else { |
64 |
|
$("#result").html("<div class='alert alert-danger'>" + result.errors + "</div>"); |
|
|
65 |
|
$("#result").html("<div class='alert alert-danger'>" + result.errors.join("<br/>") + "</div>"); |
65 |
66 |
} |
} |
66 |
67 |
}, |
}, |
67 |
68 |
error : function(xhr, status, error) { |
error : function(xhr, status, error) { |
68 |
|
$("#result").html("<div class='alert alert-danger'>An internal error has occured.<br/>Please try again later.</div>"); |
|
|
69 |
|
//$("#result").html("<div class='alert alert-danger'>An internal error has occured.<br/>Please try again later.</div>"); |
|
70 |
|
$("#result").html(xhr.responseText) |
69 |
71 |
} |
} |
70 |
72 |
}); |
}); |
71 |
73 |
} |
} |
File resources/views/Signup.blade.php copied from file resources/views/Login.blade.php (similarity 50%) (mode: 100644) (index c284080..613987c) |
2 |
2 |
<div class="row"> |
<div class="row"> |
3 |
3 |
<div class="col-xs-2 col-sm-2 col-md-3 col-lg-3"></div> |
<div class="col-xs-2 col-sm-2 col-md-3 col-lg-3"></div> |
4 |
4 |
<div class="col-xs-8 col-sm-8 col-md-6 col-lg-6 border border-dark rounded"> |
<div class="col-xs-8 col-sm-8 col-md-6 col-lg-6 border border-dark rounded"> |
5 |
|
<h2 class="text-center">Login to your account</h2> |
|
|
5 |
|
<h2 class="text-center">Signup for an account</h2> |
6 |
6 |
<br/> |
<br/> |
7 |
|
<form id="login-form"> |
|
|
7 |
|
<form id="signup-form"> |
|
8 |
|
<div class="form-group"> |
|
9 |
|
<div class="row"> |
|
10 |
|
<div class="col-xs-6 col-sm-6 col-md-5 col-lg-5"> |
|
11 |
|
<p>Pick a username:</p> |
|
12 |
|
</div> |
|
13 |
|
<div class="col-xs-6 col-sm-6 col-md-7 col-lg-7"> |
|
14 |
|
<input type="text" class="form-control" id="username"> |
|
15 |
|
</div> |
|
16 |
|
</div> |
|
17 |
|
</div> |
|
18 |
|
|
8 |
19 |
<div class="form-group"> |
<div class="form-group"> |
9 |
20 |
<div class="row"> |
<div class="row"> |
10 |
21 |
<div class="col-xs-6 col-sm-6 col-md-5 col-lg-5"> |
<div class="col-xs-6 col-sm-6 col-md-5 col-lg-5"> |
|
19 |
30 |
<div class="form-group"> |
<div class="form-group"> |
20 |
31 |
<div class="row"> |
<div class="row"> |
21 |
32 |
<div class="col-xs-6 col-sm-6 col-md-5 col-lg-5"> |
<div class="col-xs-6 col-sm-6 col-md-5 col-lg-5"> |
22 |
|
<p>Enter your password:</p> |
|
|
33 |
|
<p>Enter a password:</p> |
23 |
34 |
</div> |
</div> |
24 |
35 |
<div class="col-xs-6 col-sm-6 col-md-7 col-lg-7"> |
<div class="col-xs-6 col-sm-6 col-md-7 col-lg-7"> |
25 |
36 |
<input type="password" class="form-control" id="password"> |
<input type="password" class="form-control" id="password"> |
|
27 |
38 |
</div> |
</div> |
28 |
39 |
</div> |
</div> |
29 |
40 |
|
|
30 |
|
<button class="btn btn-block btn-dark">Login</button> |
|
|
41 |
|
<div class="form-group"> |
|
42 |
|
<div class="row"> |
|
43 |
|
<div class="col-xs-6 col-sm-6 col-md-5 col-lg-5"> |
|
44 |
|
<p>Confirm your password:</p> |
|
45 |
|
</div> |
|
46 |
|
<div class="col-xs-6 col-sm-6 col-md-7 col-lg-7"> |
|
47 |
|
<input type="password" class="form-control" id="password-confirmation"> |
|
48 |
|
</div> |
|
49 |
|
</div> |
|
50 |
|
</div> |
|
51 |
|
|
|
52 |
|
<p class="text-center">By clicking signup you state that you agree to <a href="{{ URL::to('/terms-of-service') }}" target="_blank">terms of service</a></p> |
|
53 |
|
<button type="submit" class="btn btn-block btn-dark">Signup</button> |
31 |
54 |
<br/> |
<br/> |
32 |
55 |
<div id="result"></div> |
<div id="result"></div> |
33 |
56 |
</form> |
</form> |
|
36 |
59 |
</div> |
</div> |
37 |
60 |
<br/> |
<br/> |
38 |
61 |
</div> |
</div> |
39 |
|
|
|
40 |
62 |
<script> |
<script> |
41 |
63 |
$(document).ready(function() { |
$(document).ready(function() { |
42 |
|
$("#login-form").on("submit", function(e) { |
|
|
64 |
|
$("#signup-form").on("submit", function(e) { |
43 |
65 |
e.preventDefault(); |
e.preventDefault(); |
44 |
|
var Email = $("#email").val(); |
|
45 |
|
var Password = $("#password").val(); |
|
|
66 |
|
var Username = $("#username").val(); |
|
67 |
|
var Email = $("#email").val(); |
|
68 |
|
var Password = $("#password").val(); |
|
69 |
|
var PasswordConfirmation = $("#password-confirmation").val(); |
46 |
70 |
|
|
|
71 |
|
var UsernamePattern = /^([A-Za-z0-9_]){6,20}$/; |
47 |
72 |
var EmailPattern = /^(([^<>()[\]\\.,;:\s@\"]+(\.[^<>()[\]\\.,;:\s@\"]+)*)|(\".+\"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/; |
var EmailPattern = /^(([^<>()[\]\\.,;:\s@\"]+(\.[^<>()[\]\\.,;:\s@\"]+)*)|(\".+\"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/; |
48 |
|
var PasswordPattern = /^([\S\s]){8,}$/; |
|
|
73 |
|
var PasswordPattern = /^([\S\s]){8,1024}$/; |
49 |
74 |
var IsValid = true; |
var IsValid = true; |
50 |
75 |
var Message = ""; |
var Message = ""; |
51 |
76 |
|
|
|
77 |
|
if (!UsernamePattern.test(Username)) { |
|
78 |
|
IsValid = false; |
|
79 |
|
Message += "Username cannot be empty, and must only contain alphanumeric characters and underscore, also it must be between 6 and 20 characters in length.<br>" |
|
80 |
|
} |
|
81 |
|
|
52 |
82 |
if (!EmailPattern.test(Email)) { |
if (!EmailPattern.test(Email)) { |
53 |
83 |
IsValid = false; |
IsValid = false; |
54 |
84 |
Message += "E-mail cannot be empty, and must be formatted correctly.<br>"; |
Message += "E-mail cannot be empty, and must be formatted correctly.<br>"; |
|
59 |
89 |
Message += "Password must be at least 8 characters in length.<br>"; |
Message += "Password must be at least 8 characters in length.<br>"; |
60 |
90 |
} |
} |
61 |
91 |
|
|
|
92 |
|
if (PasswordConfirmation !== Password) { |
|
93 |
|
IsValid = false; |
|
94 |
|
Message += "The password and its confirmation doesn't match.<br>"; |
|
95 |
|
} |
|
96 |
|
|
62 |
97 |
if (!IsValid) { |
if (!IsValid) { |
63 |
98 |
Message = "<div class='alert alert-danger'>" + Message + "</div>"; |
Message = "<div class='alert alert-danger'>" + Message + "</div>"; |
64 |
99 |
$("#result").html(Message); |
$("#result").html(Message); |
65 |
100 |
} |
} |
66 |
101 |
else { |
else { |
|
102 |
|
$("#result").html("<div class='alert alert-info'>Please wait while we register you ...</div>"); |
67 |
103 |
$.ajax({ |
$.ajax({ |
68 |
104 |
type : "POST", |
type : "POST", |
69 |
|
url : "{{ URL::to('login') }}", |
|
|
105 |
|
url : "{{ URL::to('/signup') }}", |
70 |
106 |
data : { |
data : { |
71 |
107 |
"_token" : window.CSRFHashToken, |
"_token" : window.CSRFHashToken, |
|
108 |
|
"username" : Username, |
72 |
109 |
"email" : Email, |
"email" : Email, |
73 |
110 |
"password" : Password, |
"password" : Password, |
|
111 |
|
"password-confirmation" : PasswordConfirmation |
74 |
112 |
}, |
}, |
75 |
113 |
success : function(result, status, xhr) { |
success : function(result, status, xhr) { |
76 |
|
if ("errors" in result) { |
|
77 |
|
if (Array.isArray(result.errors)) { |
|
78 |
|
$("#result").html("<div class='alert alert-danger'>" + result.errors.join("<br/>") + "</div>"); |
|
79 |
|
} |
|
80 |
|
else { |
|
81 |
|
$("#result").html("<div class='alert alert-danger'>" + result.errors + "</div>") |
|
82 |
|
} |
|
|
114 |
|
var Response = result; |
|
115 |
|
if ("success" in result) { |
|
116 |
|
$("#result").html("<div class='alert alert-sucess'>" + result.success.join("<br/>") + "</div>"); |
83 |
117 |
} |
} |
84 |
118 |
else { |
else { |
85 |
|
$("#result").html("<div class='alert alert-success'>" + result.success + "</div>"); |
|
|
119 |
|
$("#result").html("<div class='alert alert-danger'>" + result.errors.join("<br/>") + "</div>"); |
86 |
120 |
} |
} |
87 |
121 |
}, |
}, |
88 |
122 |
error : function(xhr, status, error) { |
error : function(xhr, status, error) { |
89 |
|
$("#result").html("<div class='alert alert-danger'>An internal error has occured.<br>Please try again later.</div>") |
|
|
123 |
|
$("#result").html("<div class='alert alert-danger'>An internal error has occured.<br>Please try again later.</div>"); |
90 |
124 |
} |
} |
91 |
125 |
}); |
}); |
92 |
126 |
} |
} |