-
-
Notifications
You must be signed in to change notification settings - Fork 568
/
Copy pathPasswordController.php
54 lines (39 loc) · 1.42 KB
/
PasswordController.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
<?php
namespace Statamic\Http\Controllers\CP\Users;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Password as PasswordFacade;
use Illuminate\Validation\Rules\Password;
use Statamic\Events\UserPasswordChanged;
use Statamic\Exceptions\NotFoundHttpException;
use Statamic\Facades\User;
use Statamic\Http\Controllers\CP\CpController;
use Statamic\Http\Middleware\CP\RequireElevatedSession;
class PasswordController extends CpController
{
public function __construct(Request $request)
{
parent::__construct($request);
$this->middleware(RequireElevatedSession::class);
}
public function update(Request $request, $user)
{
throw_unless($user = User::find($user), new NotFoundHttpException);
$updatingOwnPassword = $user->id() == User::fromUser($request->user())->id();
$this->authorize('editPassword', $user);
$rules = [
'password' => ['required', 'confirmed', Password::default()],
];
if ($updatingOwnPassword) {
$rules['current_password'] = ['required', 'current_password'];
}
$request->validate($rules);
$user->password($request->password)->save();
if ($updatingOwnPassword) {
Auth::login($user);
}
PasswordFacade::deleteToken($user);
UserPasswordChanged::dispatch($user);
return response('', 204);
}
}