Update Settings, fix regression

app/Http/Controllers/Settings/HomeSettings.php

@@ -38,14 +38,12 @@ trait HomeSettings
         'name'    => 'required|string|max:'.config('pixelfed.max_name_length'),
         'bio'     => 'nullable|string|max:'.config('pixelfed.max_bio_length'),
         'website' => 'nullable|url',
-        'email'   => 'nullable|email',
       ]);
 
         $changes = false;
         $name = strip_tags(Purify::clean($request->input('name')));
         $bio = $request->filled('bio') ? strip_tags(Purify::clean($request->input('bio'))) : null;
         $website = $request->input('website');
-        $email = $request->input('email');
         $user = Auth::user();
         $profile = $user->profile;
         $layout = $request->input('profile_layout');
@@ -55,28 +53,6 @@ trait HomeSettings
 
         $validate = config('pixelfed.enforce_email_verification');
 
-        if ($user->email != $email) {
-            $changes = true;
-            $user->email = $email;
-
-            if ($validate) {
-                $user->email_verified_at = null;
-                // Prevent old verifications from working
-                EmailVerification::whereUserId($user->id)->delete();
-            }
-
-            $log = new AccountLog();
-            $log->user_id = $user->id;
-            $log->item_id = $user->id;
-            $log->item_type = 'App\User';
-            $log->action = 'account.edit.email';
-            $log->message = 'Email changed';
-            $log->link = null;
-            $log->ip_address = $request->ip();
-            $log->user_agent = $request->userAgent();
-            $log->save();
-        }
-
         // Only allow email to be updated if not yet verified
         if (!$validate || !$changes && $user->email_verified_at) {
             if ($profile->name != $name) {
@@ -158,6 +134,52 @@ trait HomeSettings
         return view('settings.email');
     }
 
+    public function emailUpdate(Request $request)
+    {
+        $this->validate($request, [
+            'email'   => 'required|email',
+        ]);
+        $changes = false;
+        $email = $request->input('email');
+        $user = Auth::user();
+        $profile = $user->profile;
+
+        $validate = config('pixelfed.enforce_email_verification');
+
+        if ($user->email != $email) {
+            $changes = true;
+            $user->email = $email;
+
+            if ($validate) {
+                $user->email_verified_at = null;
+                // Prevent old verifications from working
+                EmailVerification::whereUserId($user->id)->delete();
+            }
+
+            $log = new AccountLog();
+            $log->user_id = $user->id;
+            $log->item_id = $user->id;
+            $log->item_type = 'App\User';
+            $log->action = 'account.edit.email';
+            $log->message = 'Email changed';
+            $log->link = null;
+            $log->ip_address = $request->ip();
+            $log->user_agent = $request->userAgent();
+            $log->save();
+        }
+
+        if ($changes === true) {
+            Cache::forget('user:account:id:'.$user->id);
+            $user->save();
+            $profile->save();
+
+            return redirect('/settings/home')->with('status', 'Email successfully updated!');
+        } else {
+            return redirect('/settings/email');
+        }
+
+    }
+
     public function avatar()
     {
         return view('settings.avatar');

resources/views/settings/email.blade.php

@@ -6,7 +6,7 @@
     <h3 class="font-weight-bold">Email Settings</h3>
   </div>
   <hr>
-  <form method="post" action="{{route('settings')}}">
+  <form method="post" action="{{route('settings.email')}}">
     @csrf
     <input type="hidden" class="form-control" name="name" value="{{Auth::user()->profile->name}}">
     <input type="hidden" class="form-control" name="username" value="{{Auth::user()->profile->username}}">

routes/web.php

@@ -175,6 +175,7 @@ Route::domain(config('pixelfed.domain.app'))->middleware(['validemail', 'twofact
         Route::get('password', 'SettingsController@password')->name('settings.password')->middleware('dangerzone');
         Route::post('password', 'SettingsController@passwordUpdate')->middleware('dangerzone');
         Route::get('email', 'SettingsController@email')->name('settings.email');
+        Route::post('email', 'SettingsController@emailUpdate');
         Route::get('notifications', 'SettingsController@notifications')->name('settings.notifications');
         Route::get('privacy', 'SettingsController@privacy')->name('settings.privacy');
         Route::post('privacy', 'SettingsController@privacyStore');