Merge remote-tracking branch 'origin/email-verification'

# Conflicts:
#	composer.lock
#	public/mix-manifest.json
#	tests/TestCase.php

app/Actions/Fortify/CreateNewUser.php

@@ -1,61 +0,0 @@
-<?php
-namespace App\Actions\Fortify;
-
-use App\Models\User;
-use App\Models\Setting;
-use App\Models\UserSettings;
-use Illuminate\Validation\Rule;
-use Illuminate\Support\Facades\Validator;
-use Laravel\Fortify\Contracts\CreatesNewUsers;
-
-class CreateNewUser implements CreatesNewUsers
-{
-    use PasswordValidationRules;
-
-    /**
-     * Validate and create a newly registered user.
-     *
-     * @param array $input
-     * @return \App\Models\User
-     */
-    public function create(array $input)
-    {
-        $settings = Setting::whereIn('name', ['storage_default', 'registration'])
-            ->pluck('value', 'name');
-
-        // Check if account registration is enabled
-        if (! intval($settings['registration'])) {
-            abort(401);
-        }
-
-        Validator::make($input, [
-            'name' => ['required', 'string', 'max:255'],
-            'email' => [
-                'required',
-                'string',
-                'email',
-                'max:255',
-                Rule::unique(User::class),
-            ],
-            'password' => $this->passwordRules(),
-        ])->validate();
-
-        $user = User::create([
-            'email' => $input['email'],
-            'password' => bcrypt($input['password']),
-        ]);
-
-        UserSettings::unguard();
-
-        $user
-            ->settings()
-            ->create([
-                'name' => $input['name'],
-                'storage_capacity' => $settings['storage_default'],
-            ]);
-
-        UserSettings::reguard();
-
-        return $user;
-    }
-}

app/Actions/Fortify/CreateNewUserAction.php

@@ -0,0 +1,79 @@
+<?php
+
+namespace App\Actions\Fortify;
+
+use App\Http\Controllers\Controller;
+use App\Models\User;
+use App\Models\Setting;
+use App\Models\UserSettings;
+use Illuminate\Http\Request;
+use Illuminate\Http\Response;
+use Illuminate\Validation\Rule;
+use Illuminate\Auth\Events\Registered;
+use Illuminate\Support\Facades\Validator;
+use Illuminate\Contracts\Auth\StatefulGuard;
+
+class CreateNewUserAction extends Controller
+{
+    use PasswordValidationRules;
+
+    public function __construct(
+        protected StatefulGuard $guard
+    ) {}
+
+    /**
+     * Validate and create a newly registered user.
+     */
+    public function __invoke(Request $request): Response
+    {
+        $settings = Setting::whereIn('name', [
+            'storage_default', 'registration'
+        ])
+            ->pluck('value', 'name');
+
+        // Check if account registration is enabled
+        if (!intval($settings['registration'])) {
+            abort(401);
+        }
+
+        Validator::make($request->all(), [
+            'name'     => ['required', 'string', 'max:255'],
+            'email'    => [
+                'required',
+                'string',
+                'email',
+                'max:255',
+                Rule::unique(User::class),
+            ],
+            'password' => $this->passwordRules(),
+        ])->validate();
+
+        $user = User::create([
+            'email'    => $request->email,
+            'password' => bcrypt($request->password),
+        ]);
+
+        UserSettings::unguard();
+
+        $user
+            ->settings()
+            ->create([
+                'name'             => $request->name,
+                'storage_capacity' => $settings['storage_default'],
+            ]);
+
+        if (!get_setting('user_verification')) {
+            $user->markEmailAsVerified();
+        }
+
+        UserSettings::reguard();
+
+        event(new Registered($user));
+
+        if (!get_setting('user_verification')) {
+            $this->guard->login($user);
+        }
+
+        return response('User registered successfully', 201);
+    }
+}

app/Console/Commands/SetupDevEnvironment.php

@@ -90,6 +90,7 @@ class SetupDevEnvironment extends Command
             'role' => 'admin',
             'email' => 'howdy@hi5ve.digital',
             'password' => bcrypt('vuefilemanager'),
+            'email_verified_at' => now(),
         ]);
 
         $user
@@ -130,6 +131,7 @@ class SetupDevEnvironment extends Command
                 'role' => 'user',
                 'email' => $this->faker->email,
                 'password' => bcrypt('vuefilemanager'),
+                'email_verified_at' => now(),
             ]);
 
             $newbie
@@ -791,6 +793,10 @@ class SetupDevEnvironment extends Command
                 'name' => 'registration',
                 'value' => 1,
             ],
+            [
+                'name' => 'user_verification',
+                'value' => 1,
+            ],
             [
                 'name' => 'payments_active',
                 'value' => 1,

app/Console/Commands/SetupProdEnvironment.php

@@ -112,6 +112,10 @@ class SetupProdEnvironment extends Command
                 'name' => 'registration',
                 'value' => 0,
             ],
+            [
+                'name' => 'user_verification',
+                'value' => 1,
+            ],
             [
                 'name' => 'storage_limitation',
                 'value' => 1,
@@ -181,6 +185,8 @@ class SetupProdEnvironment extends Command
             'role' => 'admin',
             'email' => 'howdy@hi5ve.digital',
             'password' => bcrypt('vuefilemanager'),
+            'email_verified_at' => now(),
+
         ]);
 
         $user

app/Console/Kernel.php

@@ -41,6 +41,10 @@ class Kernel extends ConsoleKernel
             }
         })->everySixHours();
 
+        $schedule->call(function () use ($scheduler) {
+            $scheduler->delete_unverified_users();
+        })->daily();
+
         // Run queue jobs every minute
         $schedule->command('queue:work --stop-when-empty')
             ->everyMinute()

app/Http/Controllers/Admin/UserController.php

@@ -180,6 +180,7 @@ class UserController extends Controller
             'role' => $request->role,
             'email' => $request->email,
             'password' => bcrypt($request->password),
+            'email_verified_at' => now(),
         ]);
 
         UserSettings::unguard();

app/Http/Controllers/App/SetupWizardController.php

@@ -412,6 +412,7 @@ class SetupWizardController extends Controller
             'role' => 'admin',
             'email' => $request->email,
             'password' => bcrypt($request->password),
+            'email_verified_at' => now(),
         ]);
 
         $user

app/Http/Controllers/Auth/AuthController.php

@@ -26,6 +26,7 @@ class AuthController extends Controller
         return [
             'name' => $user->settings->name,
             'avatar' => $user->settings->avatar,
+            'verified' => $user->email_verified_at ? true : false
         ];
     }
 }

app/Http/Controllers/Auth/ForgotPasswordController.php

@@ -1,10 +1,10 @@
 <?php
 namespace App\Http\Controllers\Auth;
 
+use Illuminate\Foundation\Auth\SendsPasswordResetEmails;
 use Illuminate\Http\Request;
 use App\Http\Controllers\Controller;
 use Illuminate\Support\Facades\Lang;
-use Illuminate\Foundation\Auth\SendsPasswordResetEmails;
 
 class ForgotPasswordController extends Controller
 {

app/Http/Controllers/User/AccountController.php

@@ -1,16 +1,23 @@
 <?php
+
 namespace App\Http\Controllers\User;
 
+use App\Models\User;
+use Illuminate\Http\RedirectResponse;
 use Illuminate\Http\Request;
 use App\Services\DemoService;
 use App\Http\Controllers\Controller;
 use App\Http\Resources\UserResource;
+use Illuminate\Http\Response;
 use Illuminate\Support\Facades\Auth;
 use App\Http\Resources\InvoiceCollection;
 use Illuminate\Support\Facades\Validator;
 use App\Http\Resources\UserStorageResource;
 use Illuminate\Contracts\Routing\ResponseFactory;
 use App\Http\Requests\User\UpdateUserPasswordRequest;
+use App\Http\Requests\User\UserCreateAccessTokenRequest;
+use Illuminate\Support\Str;
+use Laravel\Sanctum\PersonalAccessToken;
 
 class AccountController extends Controller
 {
@@ -70,8 +77,8 @@ class AccountController extends Controller
         // TODO: pridat validator do requestu
         $validator = Validator::make($request->all(), [
             'avatar' => 'sometimes|file',
-            'name' => 'string',
-            'value' => 'string',
+            'name'   => 'string',
+            'value'  => 'string',
         ]);
 
         // Return error
@@ -125,4 +132,75 @@ class AccountController extends Controller
 
         return response('Changed!', 204);
     }
+
+    /**
+     * Get all user tokens
+     */
+    public function tokens(): Response
+    {
+        return response(
+            Auth::user()->tokens()->get(),
+            200
+        );
+    }
+
+    public function create_token(UserCreateAccessTokenRequest $request): Response
+    {
+        // Check if is demo
+        abort_if(is_demo_account('howdy@hi5ve.digital'), 201, [
+            "name"           => "token",
+            "token"          => Str::random(40),
+            "abilities"      => '["*"]',
+            "tokenable_id"   => Str::uuid(),
+            "updated_at"     => now(),
+            "created_at"     => now(),
+            "id"             => Str::random(40),
+        ]);
+
+        $token = Auth::user()->createToken($request->input('name'));
+
+        return response($token, 201);
+    }
+
+    public function revoke_token(PersonalAccessToken $token): Response
+    {
+        // Check if is demo
+        abort_if(is_demo_account('howdy@hi5ve.digital'), 204, 'Deleted!');
+
+        if (Auth::id() !== $token->tokenable_id) {
+            return response('Unauthorized', 401);
+        }
+
+        $token->delete();
+
+        return response('Deleted!', 204);
+    }
+
+    public function email_verification(string $id, Request $request): RedirectResponse|Response
+    {
+        if (!$request->hasValidSignature()) {
+            return response("Invalid or expired url provided.", 401);
+        }
+
+        $user = User::find($id);
+
+        if (!$user->hasVerifiedEmail()) {
+            $user->markEmailAsVerified();
+        }
+
+        return redirect()->to('/successfully-verified');
+    }
+
+    public function resend_verification_email(Request $request): Response
+    {
+        $user = User::whereEmail($request->input('email'))->first();
+
+        if ($user->hasVerifiedEmail()) {
+            return response("Email was already verified.", 204);
+        }
+
+        $user->sendEmailVerificationNotification();
+
+        return response("Email verification link sent to your email", 204);
+    }
 }

app/Http/Requests/User/UserCreateAccessTokenRequest.php

@@ -0,0 +1,30 @@
+<?php
+
+namespace App\Http\Requests\User;
+
+use Illuminate\Foundation\Http\FormRequest;
+
+class UserCreateAccessTokenRequest extends FormRequest
+{
+    /**
+     * Determine if the user is authorized to make this request.
+     *
+     * @return bool
+     */
+    public function authorize()
+    {
+        return true;
+    }
+
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array
+     */
+    public function rules()
+    {
+        return [
+            'name' => 'required|string|min:3',
+        ];
+    }
+}

app/Models/User.php

@@ -13,8 +13,9 @@ use Illuminate\Support\Facades\Storage;
 use Illuminate\Notifications\Notifiable;
 use Illuminate\Database\Eloquent\Factories\HasFactory;
 use Illuminate\Foundation\Auth\User as Authenticatable;
+use Illuminate\Contracts\Auth\MustVerifyEmail;
 
-class User extends Authenticatable
+class User extends Authenticatable implements MustVerifyEmail
 {
     use Notifiable, Billable, Sortable, HasFactory, HasApiTokens;
 

app/Providers/FortifyServiceProvider.php

@@ -3,7 +3,7 @@ namespace App\Providers;
 
 use Illuminate\Http\Request;
 use Laravel\Fortify\Fortify;
-use App\Actions\Fortify\CreateNewUser;
+use App\Actions\Fortify\CreateNewUserAction;
 use Illuminate\Support\ServiceProvider;
 use Illuminate\Cache\RateLimiting\Limit;
 use App\Actions\Fortify\ResetUserPassword;
@@ -29,7 +29,6 @@ class FortifyServiceProvider extends ServiceProvider
      */
     public function boot()
     {
-        Fortify::createUsersUsing(CreateNewUser::class);
         Fortify::updateUserProfileInformationUsing(UpdateUserProfileInformation::class);
         Fortify::updateUserPasswordsUsing(UpdateUserPassword::class);
         Fortify::resetUserPasswordsUsing(ResetUserPassword::class);

app/Providers/RouteServiceProvider.php

@@ -13,7 +13,7 @@ class RouteServiceProvider extends ServiceProvider
      *
      * @var string
      */
-    protected $namespace = 'App\Http\Controllers';
+    protected $namespace = null;
 
     /**
      * The path to the "home" route for your application.
@@ -22,16 +22,6 @@ class RouteServiceProvider extends ServiceProvider
      */
     public const HOME = '/home';
 
-    /**
-     * Define your route model bindings, pattern filters, etc.
-     *
-     * @return void
-     */
-    public function boot()
-    {
-        parent::boot();
-    }
-
     /**
      * Define the routes for the application.
      *

app/Services/SchedulerService.php

@@ -3,6 +3,7 @@ namespace App\Services;
 
 use Carbon\Carbon;
 use App\Models\Zip;
+use App\Models\User;
 use App\Models\Share;
 use Illuminate\Support\Facades\Log;
 use Illuminate\Support\Facades\Storage;
@@ -74,4 +75,15 @@ class SchedulerService
             }
         });
     }
+
+    /**
+     * Delete unverified users older than 30 days
+     */
+    public function delete_unverified_users(): void
+    {
+        User::where('created_at', '<=', now()->subDays(30)->toDateString())
+            ->where('email_verified_at', null)
+            ->get()
+            ->each(fn ($user) => $user->delete());
+    }
 }