mirror of
https://github.com/pelican-dev/panel.git
synced 2025-10-31 01:56:52 +01:00
70c31eef8f
* remove AccountTransformer and update UserTransformer (client api) to match UserTransformer (application api) * rename "toVueObject" * fix tests * forgot to rename this * backwards compat * fix tests
76 lines
2.5 KiB
PHP
76 lines
2.5 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers\Api\Client;
|
|
|
|
use Illuminate\Http\Request;
|
|
use Illuminate\Http\Response;
|
|
use Illuminate\Auth\AuthManager;
|
|
use Illuminate\Http\JsonResponse;
|
|
use App\Facades\Activity;
|
|
use App\Services\Users\UserUpdateService;
|
|
use App\Http\Requests\Api\Client\Account\UpdateEmailRequest;
|
|
use App\Http\Requests\Api\Client\Account\UpdatePasswordRequest;
|
|
use App\Transformers\Api\Client\UserTransformer;
|
|
|
|
class AccountController extends ClientApiController
|
|
{
|
|
/**
|
|
* AccountController constructor.
|
|
*/
|
|
public function __construct(private AuthManager $manager, private UserUpdateService $updateService)
|
|
{
|
|
parent::__construct();
|
|
}
|
|
|
|
public function index(Request $request): array
|
|
{
|
|
return $this->fractal->item($request->user())
|
|
->transformWith($this->getTransformer(UserTransformer::class))
|
|
->toArray();
|
|
}
|
|
|
|
/**
|
|
* Update the authenticated user's email address.
|
|
*/
|
|
public function updateEmail(UpdateEmailRequest $request): JsonResponse
|
|
{
|
|
$original = $request->user()->email;
|
|
$this->updateService->handle($request->user(), $request->validated());
|
|
|
|
if ($original !== $request->input('email')) {
|
|
Activity::event('user:account.email-changed')
|
|
->property(['old' => $original, 'new' => $request->input('email')])
|
|
->log();
|
|
}
|
|
|
|
return new JsonResponse([], Response::HTTP_NO_CONTENT);
|
|
}
|
|
|
|
/**
|
|
* Update the authenticated user's password. All existing sessions will be logged
|
|
* out immediately.
|
|
*
|
|
* @throws \Throwable
|
|
*/
|
|
public function updatePassword(UpdatePasswordRequest $request): JsonResponse
|
|
{
|
|
$user = $this->updateService->handle($request->user(), $request->validated());
|
|
|
|
$guard = $this->manager->guard();
|
|
// If you do not update the user in the session you'll end up working with a
|
|
// cached copy of the user that does not include the updated password. Do this
|
|
// to correctly store the new user details in the guard and allow the logout
|
|
// other devices functionality to work.
|
|
$guard->setUser($user);
|
|
|
|
// This method doesn't exist in the stateless Sanctum world.
|
|
if (method_exists($guard, 'logoutOtherDevices')) {
|
|
$guard->logoutOtherDevices($request->input('password'));
|
|
}
|
|
|
|
Activity::event('user:account.password-changed')->log();
|
|
|
|
return new JsonResponse([], Response::HTTP_NO_CONTENT);
|
|
}
|
|
}
|