Merge pull request #454 from pixelfed/frontend-ui-refactor

Frontend ui refactor

app/Http/Controllers/AccountController.php

@@ -278,4 +278,24 @@ class AccountController extends Controller
 
         return response()->json(['msg' => 'success'], 200);
     }
+
+    public function sudoMode(Request $request)
+    {
+        return view('auth.sudo');
+    }
+
+    public function sudoModeVerify(Request $request)
+    {
+        $this->validate($request, [
+            'password' => 'required|string|max:500'
+        ]);
+        $user = Auth::user();
+        $password = $request->input('password');
+        $next = $request->session()->get('redirectNext', '/');
+        if(password_verify($password, $user->password) === true) {
+            $request->session()->put('sudoMode', time());
+            return redirect($next);
+        }
+        return redirect($next);
+    }
 }

app/Http/Kernel.php

@@ -57,6 +57,7 @@ class Kernel extends HttpKernel
         'bindings'      => \Illuminate\Routing\Middleware\SubstituteBindings::class,
         'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
         'can'           => \Illuminate\Auth\Middleware\Authorize::class,
+        'dangerzone'    => \App\Http\Middleware\DangerZone::class,
         'guest'         => \App\Http\Middleware\RedirectIfAuthenticated::class,
         'signed'        => \Illuminate\Routing\Middleware\ValidateSignature::class,
         'throttle'      => \Illuminate\Routing\Middleware\ThrottleRequests::class,

app/Http/Middleware/DangerZone.php

@@ -0,0 +1,34 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use App, Auth, Closure;
+use Carbon\Carbon;
+
+class DangerZone
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        if(!Auth::check()) {
+            return redirect(route('login'));
+        }
+        if(!$request->is('i/auth/sudo')) {
+            if( !$request->session()->has('sudoMode') ) {
+                $request->session()->put('redirectNext', $request->url());
+                return redirect('/i/auth/sudo');
+            } 
+            if( $request->session()->get('sudoMode') < Carbon::now()->subMinutes(30)->timestamp ) {
+                $request->session()->put('redirectNext', $request->url());
+                return redirect('/i/auth/sudo');
+            } 
+        }
+        return $next($request);
+    }
+}

app/ImportJob.php

@@ -6,5 +6,19 @@ use Illuminate\Database\Eloquent\Model;
 
 class ImportJob extends Model
 {
-    //
+    public function url()
+    {
+    	return url("/i/import/job/{$this->uuid}/{$this->stage}");
+    }
+
+    public function files()
+    {
+    	return $this->hasMany(ImportData::class, 'job_id');
+    }
+
+    public function mediaJson()
+    {
+    	$path = storage_path("app/$this->media_json");
+    	return json_decode(file_get_contents($path), true);
+    }
 }

database/migrations/2018_09_10_024252_update_import_datas_table.php

@@ -0,0 +1,33 @@
+<?php
+
+use Illuminate\Support\Facades\Schema;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class UpdateImportDatasTable extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('import_datas', function (Blueprint $table) {
+            $table->bigInteger('job_id')->unsigned()->nullable()->after('profile_id');
+            $table->string('original_name')->nullable()->after('stage');
+            $table->boolean('import_accepted')->default(false)->nullable()->after('original_name');
+            $table->unique(['job_id', 'original_name']);
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        //
+    }
+}

resources/views/auth/sudo.blade.php

@@ -0,0 +1,49 @@
+@extends('layouts.blank')
+
+@section('content')
+<div class="container mt-5">
+    <div class="row justify-content-center">
+        <div class="col-lg-5">
+            <div class="text-center">
+                <img src="/img/pixelfed-icon-color.svg" height="60px">
+                <p class="font-weight-light h3 py-4">Confirm password to continue</p>
+            </div>
+            <div class="card">
+                <div class="card-body">
+                    <form method="POST">
+                        @csrf
+
+                        <div class="form-group row">
+
+                            <div class="col-md-12">
+                                <input id="password" type="password" class="form-control{{ $errors->has('password') ? ' is-invalid' : '' }}" name="password" placeholder="{{__('Password')}}" required>
+
+                                @if ($errors->has('password'))
+                                    <span class="invalid-feedback">
+                                        <strong>{{ $errors->first('password') }}</strong>
+                                    </span>
+                                @endif
+                            </div>
+                        </div>
+
+                        @if(config('pixelfed.recaptcha'))
+                        <div class="row my-3">
+                            {!! Recaptcha::render() !!}
+                        </div>
+                        @endif
+
+                        <div class="form-group row mb-0">
+                            <div class="col-md-12">
+                                <button type="submit" class="btn btn-success btn-block  font-weight-bold">
+                                    {{ __('Confirm Password') }}
+                                </button>
+
+                            </div>
+                        </div>
+                    </form>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
+@endsection

resources/views/errors/403.blade.php

@@ -4,8 +4,9 @@
 <div class="container">
   <div class="error-page py-5 my-5">
     <div class="card mx-5">
-      <div class="card-body p-5">
-        <h1 class="text-center">403 – Forbidden</h1>
+      <div class="card-body p-5 text-center">
+        <h1 class="mb-0">403 – Forbidden</h1>
+        <p class="mb-0 text-muted lead">You do not have permission to view this page.</p>
       </div>
     </div>
   </div>

resources/views/errors/404.blade.php

@@ -5,7 +5,7 @@
   <div class="error-page py-5 my-5">
     <div class="card mx-5">
       <div class="card-body p-5 text-center">
-        <h1 class="text-center">404 – Page Not Found</h1>
+        <h1>Page Not Found</h1>
         <img src="/img/fred1.gif" class="img-fluid">
       </div>
     </div>

resources/views/errors/500.blade.php

@@ -0,0 +1,15 @@
+@extends('layouts.app')
+
+@section('content')
+<div class="container">
+  <div class="error-page py-5 my-5">
+    <div class="card mx-5">
+      <div class="card-body p-5 text-center">
+        <h1>Whoops! Something went wrong.</h1>
+        <p class="mb-0 text-muted lead">Please try again, if this error keeps happening please contact an admin.</p>
+        <img src="/img/fred1.gif" class="img-fluid">
+      </div>
+    </div>
+  </div>
+</div>
+@endsection

resources/views/errors/503.blade.php

@@ -5,8 +5,9 @@
   <div class="error-page py-5 my-5">
     <div class="card mx-5">
       <div class="card-body p-5 text-center">
-        <h1>503 – Service Unavailable</h1>
-        <p class="lead mb-0">Our services are overloaded at the moment, please try again later.</p>
+        <h1>Service Unavailable</h1>
+        <p class="mb-0 text-muted lead">Our services are in maintenance mode, please try again later.</p>
+        <img src="/img/fred1.gif" class="img-fluid">
       </div>
     </div>
   </div>

resources/views/layouts/blank.blade.php

@@ -0,0 +1,36 @@
+<!DOCTYPE html>
+<html lang="{{ app()->getLocale() }}">
+<head>
+    
+    <meta charset="utf-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <meta name="csrf-token" content="{{ csrf_token() }}">
+
+    <meta name="mobile-web-app-capable" content="yes">
+
+    <title>{{ $title ?? config('app.name', 'Laravel') }}</title>
+
+    <meta property="og:site_name" content="{{ config('app.name', 'pixelfed') }}">
+    <meta property="og:title" content="{{ $title or config('app.name', 'pixelfed') }}">
+    <meta property="og:type" content="article">
+    <meta property="og:url" content="{{request()->url()}}">
+    @stack('meta')
+
+    <meta name="medium" content="image">
+    <meta name="theme-color" content="#10c5f8">
+    <meta name="apple-mobile-web-app-capable" content="yes">
+    <link rel="shortcut icon" type="image/png" href="/img/favicon.png">
+    <link rel="canonical" href="{{request()->url()}}">
+    <link href="{{ mix('css/app.css') }}" rel="stylesheet">
+    @stack('styles')
+</head>
+<body class="">
+    <main id="content">
+        @yield('content')
+    </main>
+    @include('layouts.partial.footer')
+    <script type="text/javascript" src="{{ mix('js/app.js') }}"></script>
+    @stack('scripts')
+</body>
+</html>

routes/web.php

@@ -68,6 +68,9 @@ Route::domain(config('pixelfed.domain.app'))->middleware('validemail')->group(fu
         Route::post('verify-email', 'AccountController@sendVerifyEmail')->middleware('throttle:10,1440');
         Route::get('confirm-email/{userToken}/{randomToken}', 'AccountController@confirmVerifyEmail')->middleware('throttle:10,1440');
 
+        Route::get('auth/sudo', 'AccountController@sudoMode');
+        Route::post('auth/sudo', 'AccountController@sudoModeVerify');
+
         Route::group(['prefix' => 'report'], function () {
             Route::get('/', 'ReportController@showForm')->name('report.form');
             Route::post('/', 'ReportController@formStore')->middleware('throttle:100,1440');
@@ -98,8 +101,8 @@ Route::domain(config('pixelfed.domain.app'))->middleware('validemail')->group(fu
         Route::post('home', 'SettingsController@homeUpdate')->middleware('throttle:25,1440');
         Route::get('avatar', 'SettingsController@avatar')->name('settings.avatar');
         Route::post('avatar', 'AvatarController@store')->middleware('throttle:5,1440');
-        Route::get('password', 'SettingsController@password')->name('settings.password');
-        Route::post('password', 'SettingsController@passwordUpdate')->middleware('throttle:2,1440');
+        Route::get('password', 'SettingsController@password')->name('settings.password')->middleware('dangerzone');
+        Route::post('password', 'SettingsController@passwordUpdate')->middleware(['throttle:2,1440','dangerzone']);
         Route::get('email', 'SettingsController@email')->name('settings.email');
         Route::get('notifications', 'SettingsController@notifications')->name('settings.notifications');
         Route::get('privacy', 'SettingsController@privacy')->name('settings.privacy');