AccountController.php 10 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340
  1. <?php
  2. namespace App\Http\Controllers;
  3. use App\EmailVerification;
  4. use App\Follower;
  5. use App\FollowRequest;
  6. use App\Jobs\FollowPipeline\FollowPipeline;
  7. use App\Mail\ConfirmEmail;
  8. use App\Notification;
  9. use App\Profile;
  10. use App\User;
  11. use App\UserFilter;
  12. use Auth;
  13. use Cache;
  14. use Carbon\Carbon;
  15. use Illuminate\Http\Request;
  16. use Mail;
  17. use Redis;
  18. use PragmaRX\Google2FA\Google2FA;
  19. class AccountController extends Controller
  20. {
  21. protected $filters = [
  22. 'user.mute',
  23. 'user.block',
  24. ];
  25. public function __construct()
  26. {
  27. $this->middleware('auth');
  28. }
  29. public function notifications(Request $request)
  30. {
  31. $this->validate($request, [
  32. 'page' => 'nullable|min:1|max:3',
  33. 'a' => 'nullable|alpha_dash',
  34. ]);
  35. $profile = Auth::user()->profile;
  36. $action = $request->input('a');
  37. $timeago = Carbon::now()->subMonths(6);
  38. if ($action && in_array($action, ['comment', 'follow', 'mention'])) {
  39. $notifications = Notification::whereProfileId($profile->id)
  40. ->whereAction($action)
  41. ->whereDate('created_at', '>', $timeago)
  42. ->orderBy('id', 'desc')
  43. ->simplePaginate(30);
  44. } else {
  45. $notifications = Notification::whereProfileId($profile->id)
  46. ->whereDate('created_at', '>', $timeago)
  47. ->orderBy('id', 'desc')
  48. ->simplePaginate(30);
  49. }
  50. return view('account.activity', compact('profile', 'notifications'));
  51. }
  52. public function followingActivity(Request $request)
  53. {
  54. $this->validate($request, [
  55. 'page' => 'nullable|min:1|max:3',
  56. 'a' => 'nullable|alpha_dash',
  57. ]);
  58. $profile = Auth::user()->profile;
  59. $action = $request->input('a');
  60. $allowed = ['like', 'follow'];
  61. $timeago = Carbon::now()->subMonths(3);
  62. $following = $profile->following->pluck('id');
  63. $notifications = Notification::whereIn('actor_id', $following)
  64. ->whereIn('action', $allowed)
  65. ->where('actor_id', '<>', $profile->id)
  66. ->whereDate('created_at', '>', $timeago)
  67. ->orderBy('notifications.created_at', 'desc')
  68. ->simplePaginate(30);
  69. return view('account.following', compact('profile', 'notifications'));
  70. }
  71. public function verifyEmail(Request $request)
  72. {
  73. return view('account.verify_email');
  74. }
  75. public function sendVerifyEmail(Request $request)
  76. {
  77. $timeLimit = Carbon::now()->subDays(1)->toDateTimeString();
  78. $recentAttempt = EmailVerification::whereUserId(Auth::id())
  79. ->where('created_at', '>', $timeLimit)->count();
  80. $exists = EmailVerification::whereUserId(Auth::id())->count();
  81. if ($recentAttempt == 1 && $exists == 1) {
  82. return redirect()->back()->with('error', 'A verification email has already been sent recently. Please check your email, or try again later.');
  83. } elseif ($recentAttempt == 0 && $exists !== 0) {
  84. // Delete old verification and send new one.
  85. EmailVerification::whereUserId(Auth::id())->delete();
  86. }
  87. $user = User::whereNull('email_verified_at')->find(Auth::id());
  88. $utoken = hash('sha512', $user->id);
  89. $rtoken = str_random(40);
  90. $verify = new EmailVerification();
  91. $verify->user_id = $user->id;
  92. $verify->email = $user->email;
  93. $verify->user_token = $utoken;
  94. $verify->random_token = $rtoken;
  95. $verify->save();
  96. Mail::to($user->email)->send(new ConfirmEmail($verify));
  97. return redirect()->back()->with('status', 'Verification email sent!');
  98. }
  99. public function confirmVerifyEmail(Request $request, $userToken, $randomToken)
  100. {
  101. $verify = EmailVerification::where('user_token', $userToken)
  102. ->where('random_token', $randomToken)
  103. ->firstOrFail();
  104. if (Auth::id() === $verify->user_id) {
  105. $user = User::find(Auth::id());
  106. $user->email_verified_at = Carbon::now();
  107. $user->save();
  108. return redirect('/');
  109. }
  110. }
  111. public function fetchNotifications($id)
  112. {
  113. $key = config('cache.prefix').":user.{$id}.notifications";
  114. $redis = Redis::connection();
  115. $notifications = $redis->lrange($key, 0, 30);
  116. if (empty($notifications)) {
  117. $notifications = Notification::whereProfileId($id)
  118. ->orderBy('id', 'desc')->take(30)->get();
  119. } else {
  120. $notifications = $this->hydrateNotifications($notifications);
  121. }
  122. return $notifications;
  123. }
  124. public function hydrateNotifications($keys)
  125. {
  126. $prefix = 'notification.';
  127. $notifications = collect([]);
  128. foreach ($keys as $key) {
  129. $notifications->push(Cache::get("{$prefix}{$key}"));
  130. }
  131. return $notifications;
  132. }
  133. public function messages()
  134. {
  135. return view('account.messages');
  136. }
  137. public function showMessage(Request $request, $id)
  138. {
  139. return view('account.message');
  140. }
  141. public function mute(Request $request)
  142. {
  143. $this->validate($request, [
  144. 'type' => 'required|string',
  145. 'item' => 'required|integer|min:1',
  146. ]);
  147. $user = Auth::user()->profile;
  148. $type = $request->input('type');
  149. $item = $request->input('item');
  150. $action = "{$type}.mute";
  151. if (!in_array($action, $this->filters)) {
  152. return abort(406);
  153. }
  154. $filterable = [];
  155. switch ($type) {
  156. case 'user':
  157. $profile = Profile::findOrFail($item);
  158. if ($profile->id == $user->id) {
  159. return abort(403);
  160. }
  161. $class = get_class($profile);
  162. $filterable['id'] = $profile->id;
  163. $filterable['type'] = $class;
  164. break;
  165. default:
  166. // code...
  167. break;
  168. }
  169. $filter = UserFilter::firstOrCreate([
  170. 'user_id' => $user->id,
  171. 'filterable_id' => $filterable['id'],
  172. 'filterable_type' => $filterable['type'],
  173. 'filter_type' => 'mute',
  174. ]);
  175. return redirect()->back();
  176. }
  177. public function block(Request $request)
  178. {
  179. $this->validate($request, [
  180. 'type' => 'required|string',
  181. 'item' => 'required|integer|min:1',
  182. ]);
  183. $user = Auth::user()->profile;
  184. $type = $request->input('type');
  185. $item = $request->input('item');
  186. $action = "{$type}.block";
  187. if (!in_array($action, $this->filters)) {
  188. return abort(406);
  189. }
  190. $filterable = [];
  191. switch ($type) {
  192. case 'user':
  193. $profile = Profile::findOrFail($item);
  194. $class = get_class($profile);
  195. $filterable['id'] = $profile->id;
  196. $filterable['type'] = $class;
  197. Follower::whereProfileId($profile->id)->whereFollowingId($user->id)->delete();
  198. Notification::whereProfileId($user->id)->whereActorId($profile->id)->delete();
  199. break;
  200. default:
  201. // code...
  202. break;
  203. }
  204. $filter = UserFilter::firstOrCreate([
  205. 'user_id' => $user->id,
  206. 'filterable_id' => $filterable['id'],
  207. 'filterable_type' => $filterable['type'],
  208. 'filter_type' => 'block',
  209. ]);
  210. return redirect()->back();
  211. }
  212. public function followRequests(Request $request)
  213. {
  214. $pid = Auth::user()->profile->id;
  215. $followers = FollowRequest::whereFollowingId($pid)->orderBy('id','desc')->whereIsRejected(0)->simplePaginate(10);
  216. return view('account.follow-requests', compact('followers'));
  217. }
  218. public function followRequestHandle(Request $request)
  219. {
  220. $this->validate($request, [
  221. 'action' => 'required|string|max:10',
  222. 'id' => 'required|integer|min:1'
  223. ]);
  224. $pid = Auth::user()->profile->id;
  225. $action = $request->input('action') === 'accept' ? 'accept' : 'reject';
  226. $id = $request->input('id');
  227. $followRequest = FollowRequest::whereFollowingId($pid)->findOrFail($id);
  228. $follower = $followRequest->follower;
  229. switch ($action) {
  230. case 'accept':
  231. $follow = new Follower();
  232. $follow->profile_id = $follower->id;
  233. $follow->following_id = $pid;
  234. $follow->save();
  235. FollowPipeline::dispatch($follow);
  236. $followRequest->delete();
  237. break;
  238. case 'reject':
  239. $followRequest->is_rejected = true;
  240. $followRequest->save();
  241. break;
  242. }
  243. return response()->json(['msg' => 'success'], 200);
  244. }
  245. public function sudoMode(Request $request)
  246. {
  247. return view('auth.sudo');
  248. }
  249. public function sudoModeVerify(Request $request)
  250. {
  251. $this->validate($request, [
  252. 'password' => 'required|string|max:500'
  253. ]);
  254. $user = Auth::user();
  255. $password = $request->input('password');
  256. $next = $request->session()->get('redirectNext', '/');
  257. if(password_verify($password, $user->password) === true) {
  258. $request->session()->put('sudoMode', time());
  259. return redirect($next);
  260. } else {
  261. return redirect()
  262. ->back()
  263. ->withErrors(['password' => __('auth.failed')]);
  264. }
  265. }
  266. public function twoFactorCheckpoint(Request $request)
  267. {
  268. return view('auth.checkpoint');
  269. }
  270. public function twoFactorVerify(Request $request)
  271. {
  272. $this->validate($request, [
  273. 'code' => 'required|string|max:32'
  274. ]);
  275. $user = Auth::user();
  276. $code = $request->input('code');
  277. $google2fa = new Google2FA();
  278. $verify = $google2fa->verifyKey($user->{'2fa_secret'}, $code);
  279. if($verify) {
  280. $request->session()->push('2fa.session.active', true);
  281. return redirect('/');
  282. } else {
  283. if($request->session()->has('2fa.attempts')) {
  284. $count = (int) $request->session()->has('2fa.attempts');
  285. $request->session()->push('2fa.attempts', $count + 1);
  286. } else {
  287. $request->session()->push('2fa.attempts', 1);
  288. }
  289. return redirect()->back()->withErrors([
  290. 'code' => 'Invalid code'
  291. ]);
  292. }
  293. }
  294. }