From d40bc66438a2c57fd72458ba05dd798288ab1c23 Mon Sep 17 00:00:00 2001 From: Pig Fang Date: Tue, 2 Jun 2020 10:49:06 +0800 Subject: [PATCH] add more events and filters for `AuthController` --- app/Http/Controllers/AuthController.php | 34 +++++++++--------- .../ControllersTest/AuthControllerTest.php | 36 +++++++++++++------ 2 files changed, 43 insertions(+), 27 deletions(-) diff --git a/app/Http/Controllers/AuthController.php b/app/Http/Controllers/AuthController.php index 06226e4d..004a7d91 100644 --- a/app/Http/Controllers/AuthController.php +++ b/app/Http/Controllers/AuthController.php @@ -44,12 +44,12 @@ class AuthController extends Controller Dispatcher $dispatcher, Filter $filter ) { - $request->validate([ + $data = $request->validate([ 'identification' => 'required', 'password' => 'required|min:6|max:32', ]); - $identification = $request->input('identification'); - $password = $request->input('password'); + $identification = $data['identification']; + $password = $data['password']; $can = $filter->apply('can_login', null, [$identification, $password]); if ($can instanceof Rejection) { @@ -143,7 +143,7 @@ class AuthController extends Controller Filter $filter ) { if (!option('user_can_register')) { - return json(trans('auth.register.close'), 7); + return json(trans('auth.register.close'), 1); } $can = $filter->apply('can_register', null); 
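Review bot: In the `@@ -143,7 +143,7` hunk the registration-closed rejection now returns code `1`, and the `@@ -164,23 +164,24` hunk does the same for the duplicate-player-name and per-IP-cap rejections, so all three can only be told apart from other failures by the translated message. The per-IP cap is an abuse signal operators may want to count, and matching on a localized string is brittle. If the collapse is intentional, a comment such as `// code 1 = generic rejection; the former 2/7 values are no longer emitted` above the first `return json(...)` would record it, and a server-side log entry on the cap rejection would keep that case observable. The enclosing method starts and ends outside both hunks.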
@@ -164,23 +164,24 @@ class AuthController extends Controller 'password' => 'required|min:8|max:32', 'captcha' => ['required', $captcha], ], $rule)); + $playerName = $request->input('player_name'); $dispatcher->dispatch('auth.registration.attempt', [$data]); if ( option('register_with_player_name') && - Player::where('name', $request->input('player_name'))->count() > 0 + Player::where('name', $playerName)->count() > 0 ) { - return json(trans('user.player.add.repeated'), 2); + return json(trans('user.player.add.repeated'), 1); } - // If amount of registered accounts of IP is more than allowed amounts, - // then reject the register. + // If amount of registered accounts of IP is more than allowed amount, + // reject this registration. $whip = new Whip(); $ip = $whip->getValidIpAddress(); $ip = $filter->apply('client_ip', $ip); if (User::where('ip', $ip)->count() >= option('regs_per_ip')) { - return json(trans('auth.register.max', ['regs' => option('regs_per_ip')]), 7); + return json(trans('auth.register.max', ['regs' => option('regs_per_ip')]), 1); } $dispatcher->dispatch('auth.registration.ready', [$data]); 
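Review bot: The added `$playerName = $request->input('player_name');` reads the raw request value, whereas the login change in the `@@ -44,12 +44,12` hunk deliberately moved to the array returned by `validate()`. That raw value feeds the `Player::where('name', ...)` lookup here and, in the `@@ -190,25 +191,28` hunk, the `player.adding` payload and `$player->name`, while `$user->nickname` is taken from `$data`. `$rule` is built outside the hunk, so whether `player_name` is always validated is not visible; assuming it is whenever `register_with_player_name` is on, `$playerName = $data['player_name'] ?? null;` keeps every consumer on validated input and guarantees it matches the nickname.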
@@ -190,25 +191,28 @@ class AuthController extends Controller $user->nickname = $data[option('register_with_player_name') ? 'player_name' : 'nickname']; $user->score = option('user_initial_score'); $user->avatar = 0; - $user->password = $user->getEncryptedPwdFromEvent($data['password']) - ?: app('cipher')->hash($data['password'], config('secure.salt')); + $password = app('cipher')->hash($data['password'], config('secure.salt')); + $password = $filter->apply('user_password', $password); + $user->password = $password; $user->ip = $ip; $user->permission = User::NORMAL; $user->register_at = Carbon::now(); $user->last_sign_at = Carbon::now()->subDay(); - $user->save(); $dispatcher->dispatch('auth.registration.completed', [$user]); event(new Events\UserRegistered($user)); if (option('register_with_player_name')) { + $dispatcher->dispatch('player.adding', [$playerName, $user]); + $player = new Player(); $player->uid = $user->uid; - $player->name = $request->get('player_name'); + $player->name = $playerName; $player->tid_skin = 0; $player->save(); + $dispatcher->dispatch('player.added', [$player, $user]); event(new Events\PlayerWasAdded($player)); } @@ -262,7 +266,6 @@ class AuthController extends Controller } $user = User::where('email', $email)->first(); - if (!$user) { return json(trans('auth.forgot.unregistered'), 1); } @@ -271,7 +274,7 @@ class AuthController extends Controller $url = URL::temporarySignedRoute( 'auth.reset', - now()->addHour(), + Carbon::now()->addHour(), ['uid' => $user->uid], false ); @@ -343,7 +346,6 @@ class AuthController extends Controller abort_unless($request->hasValidSignature(false), 403, trans('auth.verify.invalid')); $user = User::find($uid); - if (!$user || $user->verified) { throw new PrettyPageException(trans('auth.verify.invalid'), 1); } diff --git a/tests/HttpTest/ControllersTest/AuthControllerTest.php b/tests/HttpTest/ControllersTest/AuthControllerTest.php index d966b107..03f4a41c 100644 
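Review bot: In the `@@ -190,25 +191,28` hunk the value returned by `$filter->apply('user_password', $password)` is written to `$user->password` unchecked, so a filter that returns `null`, an empty string or anything other than a hash is persisted as the credential. The removed line fell back to the cipher hash when `getEncryptedPwdFromEvent()` returned a falsy value; the new code has no such fallback. Consider `$filtered = $filter->apply('user_password', $password);` followed by `$user->password = is_string($filtered) && $filtered !== '' ? $filtered : $password;`. A comment should also state that the filter receives the already-hashed value and must return one that `verifyPassword()` accepts. The method continues outside the hunk.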
--- a/tests/HttpTest/ControllersTest/AuthControllerTest.php +++ b/tests/HttpTest/ControllersTest/AuthControllerTest.php @@ -7,9 +7,9 @@ use App\Mail\ForgotPassword; use App\Models\Player; use App\Models\User; use App\Rules\Captcha; -use App\Services\Facades\Option; use Blessing\Rejection; use Cache; +use Carbon\Carbon; use Event; use Illuminate\Foundation\Testing\DatabaseTransactions; use Illuminate\Support\Facades\Mail; @@ -337,7 +337,7 @@ class AuthControllerTest extends TestCase 'captcha' => 'a', ] )->assertJson([ - 'code' => 2, + 'code' => 1, 'message' => trans('user.player.add.repeated'), ]); $this->assertNull(User::where('email', 'a@b.c')->first()); @@ -385,7 +385,7 @@ class AuthControllerTest extends TestCase )->assertJsonValidationErrors('captcha'); // Should be forbidden if registering is closed - Option::set('user_can_register', false); + option(['user_can_register' => false]); $this->postJson( '/auth/register', [ @@ -395,7 +395,7 @@ class AuthControllerTest extends TestCase 'captcha' => 'a', ] )->assertJson([ - 'code' => 7, + 'code' => 1, 'message' => trans('auth.register.close'), ]); @@ -409,12 +409,11 @@ class AuthControllerTest extends TestCase 'captcha' => 'a', ] )->assertJson([ - 'code' => 7, + 'code' => 1, 'message' => trans('auth.register.max', ['regs' => option('regs_per_ip')]), ]); - Option::set('regs_per_ip', 100); - + option(['regs_per_ip' => 100]); // Database should be updated if succeeded $response = $this->postJson( '/auth/register', @@ -435,6 +434,9 @@ class AuthControllerTest extends TestCase return true; }); + $filter->assertApplied('user_password', function ($password) { + return app('cipher')->verify('12345678', $password); + }); $this->assertTrue($newUser->verifyPassword('12345678')); $this->assertDatabaseHas('users', [ 'email' => 'a@b.c', @@ -480,6 +482,7 @@ class AuthControllerTest extends TestCase }); // Require player name + Event::fake(); option(['register_with_player_name' => true]); auth()->logout(); $this->postJson( 
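Review bot: The new `assertApplied('user_password', ...)` check in the `@@ -435,6 +434,9` hunk only covers the case where the default hash passes through the filter unchanged. Nothing exercises a filter that replaces the value, so the test would not notice the controller storing a filter result that `verifyPassword()` cannot verify. A second case that registers a `user_password` filter returning a known hash and asserts the stored `password` column equals it would pin the contract. A comment like `// the filter receives the hashed password, never the plaintext` above the closure would document what is being asserted. The test method starts and ends outside the hunk.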
@@ -492,6 +495,18 @@ class AuthControllerTest extends TestCase ] )->assertJson(['code' => 0]); $this->assertNotNull(Player::where('player', 'name')); + Event::assertDispatched('player.adding', function ($eventName, $payload) { + $this->assertEquals('name', $payload[0]); + $this->assertEquals('abc@test.org', $payload[1]->email); + + return true; + }); + Event::assertDispatched('player.added', function ($eventName, $payload) { + $this->assertEquals('name', $payload[0]->name); + $this->assertEquals('abc@test.org', $payload[1]->email); + + return true; + }); auth()->logout(); // rejected by filter @@ -500,7 +515,6 @@ class AuthControllerTest extends TestCase return new Rejection('disabled'); }); $this->postJson('/auth/register', []) - ->dump() ->assertJson(['code' => 1, 'message' => 'disabled']); } @@ -634,7 +648,7 @@ class AuthControllerTest extends TestCase $user = factory(User::class)->create(); $url = URL::temporarySignedRoute( 'auth.reset', - now()->addHour(), + Carbon::now()->addHour(), ['uid' => $user->uid], false ); @@ -642,7 +656,7 @@ class AuthControllerTest extends TestCase $url = URL::temporarySignedRoute( 'auth.reset', - now()->addHour(), + Carbon::now()->addHour(), ['uid' => $user->uid] ); $this->get($url)->assertForbidden(); @@ -655,7 +669,7 @@ class AuthControllerTest extends TestCase $user = factory(User::class)->create(); $url = URL::temporarySignedRoute( 'auth.reset', - now()->addHour(), + Carbon::now()->addHour(), ['uid' => $user->uid], false );
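Review bot: In the `@@ -492,6 +495,18` hunk the context assertion `$this->assertNotNull(Player::where('player', 'name'));` just above the added event checks can never fail, because `where()` returns a query builder rather than a row. It also names a `player` column, while the controller reads and writes `name`. The new `player.added` assertion inspects the in-memory payload only, so nothing in this part of the test confirms that the player row was actually saved. `$this->assertNotNull(Player::where('name', 'name')->first());` would verify persistence. The test method starts and ends outside the hunk.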