mirror of
https://github.com/Poniverse/Pony.fm.git
synced 2024-11-25 06:27:59 +01:00
#25: Implemented support for Poniverse email address updates.
This commit is contained in:
parent
ab9dd7a1eb
commit
0677d93e89
5 changed files with 83 additions and 4 deletions
|
@ -23,11 +23,11 @@ namespace Poniverse\Ponyfm\Http\Controllers;
|
|||
use Carbon\Carbon;
|
||||
use Illuminate\Support\Facades\Input;
|
||||
use League\OAuth2\Client\Provider\Exception\IdentityProviderException;
|
||||
use League\OAuth2\Client\Token\AccessToken;
|
||||
use Log;
|
||||
use Poniverse\Lib\Client;
|
||||
use Poniverse\Ponyfm\Models\User;
|
||||
use Auth;
|
||||
use Config;
|
||||
use DB;
|
||||
use Request;
|
||||
use Redirect;
|
||||
|
@ -117,6 +117,38 @@ class AuthController extends Controller
|
|||
|
||||
return $this->loginRedirect($user);
|
||||
}
|
||||
|
||||
/**
|
||||
* Processes requests to update a user's Poniverse information.
|
||||
*
|
||||
* @return \Illuminate\Http\JsonResponse
|
||||
*/
|
||||
public function postPoniverseAccountSync()
|
||||
{
|
||||
$poniverseId = Input::get('id');
|
||||
$updatedAttribute = Input::get('attribute');
|
||||
|
||||
// Only email address updates are supported at this time.
|
||||
if ('email' !== $updatedAttribute) {
|
||||
return \Response::json(['message' => 'Unsupported Poniverse account attribute.'], 400);
|
||||
}
|
||||
|
||||
$user = User::wherePoniverseId($poniverseId)->first();
|
||||
/** @var AccessToken $accessToken */
|
||||
$accessToken = $user->getAccessToken();
|
||||
|
||||
if ($accessToken->hasExpired()) {
|
||||
$accessToken = $this->poniverse->getOAuthProvider()->getAccessToken('refresh_token', ['refresh_token' => $accessToken->getRefreshToken()]);
|
||||
$user->setAccessToken($accessToken);
|
||||
}
|
||||
|
||||
/** @var \Poniverse\Lib\Entity\Poniverse\User $newUserData */
|
||||
$newUserData = $this->poniverse->getOAuthProvider()->getResourceOwner($accessToken);
|
||||
|
||||
$user->{$updatedAttribute} = $newUserData->{$updatedAttribute};
|
||||
$user->save();
|
||||
|
||||
return \Response::json(['message' => 'Successfully updated this user!'], 200);
|
||||
}
|
||||
|
||||
protected function loginRedirect($user, $rememberMe = true)
|
||||
|
|
|
@ -53,11 +53,9 @@ class Kernel extends HttpKernel
|
|||
protected $routeMiddleware = [
|
||||
'auth' => \Poniverse\Ponyfm\Http\Middleware\Authenticate::class,
|
||||
'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
|
||||
'can' => \Illuminate\Auth\Middleware\Authorize::class,
|
||||
'auth.oauth' => \Poniverse\Ponyfm\Http\Middleware\AuthenticateOAuth::class,
|
||||
'can' => \Poniverse\Ponyfm\Http\Middleware\Authorize::class,
|
||||
'json-exceptions' => \Poniverse\Ponyfm\Http\Middleware\JsonExceptions::class,
|
||||
//'can' => \Illuminate\Foundation\Http\Middleware\Authorize::class,
|
||||
'guest' => \Poniverse\Ponyfm\Http\Middleware\RedirectIfAuthenticated::class,
|
||||
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
|
||||
];
|
||||
|
|
|
@ -30,6 +30,7 @@ class VerifyCsrfToken extends BaseVerifier
|
|||
* @var array
|
||||
*/
|
||||
protected $except = [
|
||||
'api/*'
|
||||
'api/*',
|
||||
'auth/poniverse-sync'
|
||||
];
|
||||
}
|
||||
|
|
|
@ -32,6 +32,7 @@ use Illuminate\Database\Eloquent\Relations\MorphMany;
|
|||
use Illuminate\Foundation\Auth\Access\Authorizable;
|
||||
use Auth;
|
||||
use Illuminate\Support\Str;
|
||||
use League\OAuth2\Client\Token\AccessToken;
|
||||
use Poniverse\Ponyfm\Contracts\Commentable;
|
||||
use Poniverse\Ponyfm\Contracts\Searchable;
|
||||
use Poniverse\Ponyfm\Traits\IndexedInElasticsearchTrait;
|
||||
|
@ -95,6 +96,7 @@ use Venturecraft\Revisionable\RevisionableTrait;
|
|||
* @method static \Illuminate\Database\Query\Builder|\Poniverse\Ponyfm\Models\User whereDisabledAt($value)
|
||||
* @method static \Illuminate\Database\Query\Builder|\Poniverse\Ponyfm\Models\User withEmailSubscriptionFor($activityType)
|
||||
* @mixin \Eloquent
|
||||
* @method static \Illuminate\Database\Query\Builder|\Poniverse\Ponyfm\Models\User wherePoniverseId($poniverseId)
|
||||
*/
|
||||
class User extends Model implements AuthenticatableContract, CanResetPasswordContract, \Illuminate\Contracts\Auth\Access\Authorizable, Searchable, Commentable
|
||||
{
|
||||
|
@ -142,6 +144,51 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
|
|||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* Finds a user by their Poniverse account ID.
|
||||
*
|
||||
* @param $query
|
||||
* @param int $poniverseId
|
||||
* @return mixed
|
||||
*/
|
||||
public function scopeWherePoniverseId($query, int $poniverseId) {
|
||||
return $query
|
||||
->join('oauth2_tokens', 'users.id', '=', 'oauth2_tokens.user_id')
|
||||
->select('users.*', 'oauth2_tokens.external_user_id')
|
||||
->where('oauth2_tokens.external_user_id', '=', $poniverseId);
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets this user's OAuth access token record.
|
||||
*
|
||||
* @return AccessToken
|
||||
*/
|
||||
public function getAccessToken():AccessToken {
|
||||
$accessTokenRecord = DB::table('oauth2_tokens')->where('user_id', '=', $this->id)->first();
|
||||
return new AccessToken([
|
||||
'access_token' => $accessTokenRecord->access_token,
|
||||
'refresh_token' => $accessTokenRecord->refresh_token,
|
||||
'expires' => $accessTokenRecord->expires,
|
||||
'resource_owner_id' => $accessTokenRecord->external_user_id,
|
||||
]);
|
||||
}
|
||||
|
||||
/**
|
||||
* Updates this user's access token record.
|
||||
*
|
||||
* @param AccessToken $accessToken
|
||||
*/
|
||||
public function setAccessToken(AccessToken $accessToken) {
|
||||
DB::table('oauth2_tokens')
|
||||
->where('user_id', '=', $this->id)
|
||||
->update([
|
||||
'access_token' => $accessToken->getToken(),
|
||||
'refresh_token' => $accessToken->getRefreshToken(),
|
||||
'expires' => $accessToken->getExpires(),
|
||||
'resource_owner_id' => $accessToken->getResourceOwnerId(),
|
||||
]);
|
||||
}
|
||||
|
||||
/**
|
||||
* Takes the given string, slugifies it, and increments a counter if needed
|
||||
* to generate a unique slug version of it.
|
||||
|
|
|
@ -54,6 +54,7 @@ Route::get('/register', 'AccountController@getRegister');
|
|||
Route::get('/login', 'AuthController@getLogin');
|
||||
Route::post('/auth/logout', 'AuthController@postLogout');
|
||||
Route::get('/auth/oauth', 'AuthController@getOAuth');
|
||||
Route::post('/auth/poniverse-sync', 'AuthController@postPoniverseAccountSync')->middleware('throttle:60,1');
|
||||
|
||||
Route::get('/about', function () {
|
||||
return View::make('pages.about');
|
||||
|
|
Loading…
Reference in a new issue