#25: Implemented support for Poniverse email address updates.

This commit is contained in:
Peter Deltchev 2016-12-29 08:46:31 -08:00
parent ab9dd7a1eb
commit 0677d93e89
5 changed files with 83 additions and 4 deletions

View file

@ -23,11 +23,11 @@ namespace Poniverse\Ponyfm\Http\Controllers;
use Carbon\Carbon; use Carbon\Carbon;
use Illuminate\Support\Facades\Input; use Illuminate\Support\Facades\Input;
use League\OAuth2\Client\Provider\Exception\IdentityProviderException; use League\OAuth2\Client\Provider\Exception\IdentityProviderException;
use League\OAuth2\Client\Token\AccessToken;
use Log; use Log;
use Poniverse\Lib\Client; use Poniverse\Lib\Client;
use Poniverse\Ponyfm\Models\User; use Poniverse\Ponyfm\Models\User;
use Auth; use Auth;
use Config;
use DB; use DB;
use Request; use Request;
use Redirect; use Redirect;
@ -117,6 +117,38 @@ class AuthController extends Controller
return $this->loginRedirect($user); return $this->loginRedirect($user);
} }
/**
* Processes requests to update a user's Poniverse information.
*
* @return \Illuminate\Http\JsonResponse
*/
public function postPoniverseAccountSync()
{
$poniverseId = Input::get('id');
$updatedAttribute = Input::get('attribute');
// Only email address updates are supported at this time.
if ('email' !== $updatedAttribute) {
return \Response::json(['message' => 'Unsupported Poniverse account attribute.'], 400);
}
$user = User::wherePoniverseId($poniverseId)->first();
/** @var AccessToken $accessToken */
$accessToken = $user->getAccessToken();
if ($accessToken->hasExpired()) {
$accessToken = $this->poniverse->getOAuthProvider()->getAccessToken('refresh_token', ['refresh_token' => $accessToken->getRefreshToken()]);
$user->setAccessToken($accessToken);
}
/** @var \Poniverse\Lib\Entity\Poniverse\User $newUserData */
$newUserData = $this->poniverse->getOAuthProvider()->getResourceOwner($accessToken);
$user->{$updatedAttribute} = $newUserData->{$updatedAttribute};
$user->save();
return \Response::json(['message' => 'Successfully updated this user!'], 200);
} }
protected function loginRedirect($user, $rememberMe = true) protected function loginRedirect($user, $rememberMe = true)

View file

@ -53,11 +53,9 @@ class Kernel extends HttpKernel
protected $routeMiddleware = [ protected $routeMiddleware = [
'auth' => \Poniverse\Ponyfm\Http\Middleware\Authenticate::class, 'auth' => \Poniverse\Ponyfm\Http\Middleware\Authenticate::class,
'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class, 'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
'can' => \Illuminate\Auth\Middleware\Authorize::class,
'auth.oauth' => \Poniverse\Ponyfm\Http\Middleware\AuthenticateOAuth::class, 'auth.oauth' => \Poniverse\Ponyfm\Http\Middleware\AuthenticateOAuth::class,
'can' => \Poniverse\Ponyfm\Http\Middleware\Authorize::class, 'can' => \Poniverse\Ponyfm\Http\Middleware\Authorize::class,
'json-exceptions' => \Poniverse\Ponyfm\Http\Middleware\JsonExceptions::class, 'json-exceptions' => \Poniverse\Ponyfm\Http\Middleware\JsonExceptions::class,
//'can' => \Illuminate\Foundation\Http\Middleware\Authorize::class,
'guest' => \Poniverse\Ponyfm\Http\Middleware\RedirectIfAuthenticated::class, 'guest' => \Poniverse\Ponyfm\Http\Middleware\RedirectIfAuthenticated::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class, 'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
]; ];

View file

@ -30,6 +30,7 @@ class VerifyCsrfToken extends BaseVerifier
* @var array * @var array
*/ */
protected $except = [ protected $except = [
'api/*' 'api/*',
'auth/poniverse-sync'
]; ];
} }

View file

@ -32,6 +32,7 @@ use Illuminate\Database\Eloquent\Relations\MorphMany;
use Illuminate\Foundation\Auth\Access\Authorizable; use Illuminate\Foundation\Auth\Access\Authorizable;
use Auth; use Auth;
use Illuminate\Support\Str; use Illuminate\Support\Str;
use League\OAuth2\Client\Token\AccessToken;
use Poniverse\Ponyfm\Contracts\Commentable; use Poniverse\Ponyfm\Contracts\Commentable;
use Poniverse\Ponyfm\Contracts\Searchable; use Poniverse\Ponyfm\Contracts\Searchable;
use Poniverse\Ponyfm\Traits\IndexedInElasticsearchTrait; use Poniverse\Ponyfm\Traits\IndexedInElasticsearchTrait;
@ -95,6 +96,7 @@ use Venturecraft\Revisionable\RevisionableTrait;
* @method static \Illuminate\Database\Query\Builder|\Poniverse\Ponyfm\Models\User whereDisabledAt($value) * @method static \Illuminate\Database\Query\Builder|\Poniverse\Ponyfm\Models\User whereDisabledAt($value)
* @method static \Illuminate\Database\Query\Builder|\Poniverse\Ponyfm\Models\User withEmailSubscriptionFor($activityType) * @method static \Illuminate\Database\Query\Builder|\Poniverse\Ponyfm\Models\User withEmailSubscriptionFor($activityType)
* @mixin \Eloquent * @mixin \Eloquent
* @method static \Illuminate\Database\Query\Builder|\Poniverse\Ponyfm\Models\User wherePoniverseId($poniverseId)
*/ */
class User extends Model implements AuthenticatableContract, CanResetPasswordContract, \Illuminate\Contracts\Auth\Access\Authorizable, Searchable, Commentable class User extends Model implements AuthenticatableContract, CanResetPasswordContract, \Illuminate\Contracts\Auth\Access\Authorizable, Searchable, Commentable
{ {
@ -142,6 +144,51 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
}); });
} }
/**
* Finds a user by their Poniverse account ID.
*
* @param $query
* @param int $poniverseId
* @return mixed
*/
public function scopeWherePoniverseId($query, int $poniverseId) {
return $query
->join('oauth2_tokens', 'users.id', '=', 'oauth2_tokens.user_id')
->select('users.*', 'oauth2_tokens.external_user_id')
->where('oauth2_tokens.external_user_id', '=', $poniverseId);
}
/**
* Gets this user's OAuth access token record.
*
* @return AccessToken
*/
public function getAccessToken():AccessToken {
$accessTokenRecord = DB::table('oauth2_tokens')->where('user_id', '=', $this->id)->first();
return new AccessToken([
'access_token' => $accessTokenRecord->access_token,
'refresh_token' => $accessTokenRecord->refresh_token,
'expires' => $accessTokenRecord->expires,
'resource_owner_id' => $accessTokenRecord->external_user_id,
]);
}
/**
* Updates this user's access token record.
*
* @param AccessToken $accessToken
*/
public function setAccessToken(AccessToken $accessToken) {
DB::table('oauth2_tokens')
->where('user_id', '=', $this->id)
->update([
'access_token' => $accessToken->getToken(),
'refresh_token' => $accessToken->getRefreshToken(),
'expires' => $accessToken->getExpires(),
'resource_owner_id' => $accessToken->getResourceOwnerId(),
]);
}
/** /**
* Takes the given string, slugifies it, and increments a counter if needed * Takes the given string, slugifies it, and increments a counter if needed
* to generate a unique slug version of it. * to generate a unique slug version of it.

View file

@ -54,6 +54,7 @@ Route::get('/register', 'AccountController@getRegister');
Route::get('/login', 'AuthController@getLogin'); Route::get('/login', 'AuthController@getLogin');
Route::post('/auth/logout', 'AuthController@postLogout'); Route::post('/auth/logout', 'AuthController@postLogout');
Route::get('/auth/oauth', 'AuthController@getOAuth'); Route::get('/auth/oauth', 'AuthController@getOAuth');
Route::post('/auth/poniverse-sync', 'AuthController@postPoniverseAccountSync')->middleware('throttle:60,1');
Route::get('/about', function () { Route::get('/about', function () {
return View::make('pages.about'); return View::make('pages.about');