From c3191986e34dca10a1e81f3b10690b0d497ccc59 Mon Sep 17 00:00:00 2001
From: Mohit <143085160+Mohit-Netzoptimize@users.noreply.github.com>
Date: Wed, 6 Sep 2023 11:37:59 +0530
Subject: [PATCH] Routing improved and password reset tokens implemented
---
 app/Console/Kernel.php | 5 +++
 app/Http/Controllers/HouseController.php | 22 ++++++++-
 app/Http/Controllers/UserController.php | 28 +++++++++---
 app/Http/Kernel.php | 1 +
 app/Http/Middleware/AdminMiddleware.php | 28 ++++++++++++
 app/Http/Middleware/UserAccess.php | 35 +++++++++++++++
 app/Models/Expense.php | 2 +-
 app/Models/PasswordResetToken.php | 22 +++++++++
 app/Models/Payment.php | 2 +-
 app/Notifications/ForgetPassword.php | 18 +++++++-
 resources/views/home.blade.php | 2 +
 resources/views/houses/create.blade.php | 0
 resources/views/users/create.blade.php | 17 ++++---
 resources/views/users/home.blade.php | 2 +-
 resources/views/users/report.blade.php | 6 ++-
 routes/api.php | 6 +++
 routes/web.php | 57 ++++++++++++++++--------
 17 files changed, 212 insertions(+), 41 deletions(-)
 create mode 100644 app/Http/Middleware/AdminMiddleware.php
 create mode 100644 app/Http/Middleware/UserAccess.php
 create mode 100644 app/Models/PasswordResetToken.php
 create mode 100644 resources/views/houses/create.blade.php
diff --git a/app/Console/Kernel.php b/app/Console/Kernel.php
index e6b9960..fb02656 100644
--- a/app/Console/Kernel.php
+++ b/app/Console/Kernel.php
@@ -2,6 +2,8 @@
 namespace App\Console;
+use App\Models\PasswordResetToken;
+use Carbon\Carbon;
 use Illuminate\Console\Scheduling\Schedule;
 use Illuminate\Foundation\Console\Kernel as ConsoleKernel;
@@ -13,6 +15,9 @@ class Kernel extends ConsoleKernel
 protected function schedule(Schedule $schedule): void
 {
 // $schedule->command('inspire')->hourly();
+ $schedule->call(function(){
+ PasswordResetToken::where('expires_at', '<', Carbon::now('Asia/Kolkata')->format('Y-m-d H:i:s'))->delete();
+ })->daily();
 }
 /**
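Review bot: The cleanup closure in `schedule()` compares `expires_at` with a string built from `Carbon::now('Asia/Kolkata')`, and the same literal time zone and format are repeated in `UserController::forget()` and `ForgetPassword::toMail()` elsewhere in this patch, so expiry only works while all three stay identical. Add a comment on the closure such as `// expires_at holds Asia/Kolkata local time as Y-m-d H:i:s; keep in step with forget() and toMail()`, or move the expression into one helper on `PasswordResetToken` so the three call sites cannot drift. The class body continues outside the hunk.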
diff --git a/app/Http/Controllers/HouseController.php b/app/Http/Controllers/HouseController.php index ad438cb..0c1d25b 100644 --- a/app/Http/Controllers/HouseController.php +++ b/app/Http/Controllers/HouseController.php @@ -25,7 +25,27 @@ public function create() public function store(Request $request) { - // + + $fulladress = $request->Block1; + if($request->Block2){ + $fulladress = $fulladress . '-' . $request->Block2; + } + if($request->house_no){ + $fulladress = $fulladress . '-' . $request->house_no; + } + if($request->floor){ + $fulladress = $fulladress . '-' . $request->floor; + } + + return response()->json([ + 'house_type' => $request->house_type, + 'house_no' => $request->house_no, + 'Block1' => $request->Block1, + 'Block2' => $request->Block2, + 'floor' => $request->floor, + 'fulladress' => $fulladress + ]); + } diff --git a/app/Http/Controllers/UserController.php b/app/Http/Controllers/UserController.php index 0c8182d..8b2cf46 100644 --- a/app/Http/Controllers/UserController.php +++ b/app/Http/Controllers/UserController.php @@ -2,6 +2,7 @@ namespace App\Http\Controllers; +use App\Models\PasswordResetToken; use Illuminate\Http\Request; use App\Models\User; use App\Models\Society; @@ -12,6 +13,8 @@ use Illuminate\Support\Facades\Hash; use Illuminate\Support\Facades\Notification; use App\Notifications\ForgetPassword; +use Carbon\Carbon; +use Illuminate\Auth\Events\PasswordReset; class UserController extends Controller { @@ -139,7 +142,6 @@ public function destroy($id) } public function home() { - return view('users.home'); } @@ -228,7 +230,7 @@ public function resetPassword(User $user, Request $request) public function forgetpassword(Request $request) { $user = User::where('mobile1', $request->mobile)->first(); - + if($user) { if($user->email) 
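Review bot: `HouseController::store()` builds `fulladress` with truthiness checks, so a part whose value is `0` (for example a ground floor sent as `floor=0`) is silently left out of the address; `if ($request->filled('floor'))` tests for presence instead, and the same applies to `Block2` and `house_no`. The request fields are also returned in the JSON response without any `$request->validate([...])` rules, so `house_type` and `Block1` can be missing or of any shape. Add validation for the required and optional parts before this action starts storing anything.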
@@ -251,11 +253,21 @@ public function forgetpassword(Request $request) } } - public function forget($id) + public function forget($token) { - $user= User::where('id',$id)->first(); - + $email = PasswordResetToken::where('token',$token)->first(); + if($email){ + if($email->expires_at < Carbon::now('Asia/Kolkata')->format('Y-m-d H:i:s')) + { + $email->delete(); + return redirect('/')->with('error', 'Token Expired'); + } + $user = User::where('email',$email->email)->first(); return view('users/forgetpasswordcreate', compact('user')); + }else{ + return redirect('/')->with('error', 'Invalid Token'); + } + } public function forgetstore(User $user, Request $req) { @@ -263,11 +275,13 @@ public function forgetstore(User $user, Request $req) 'password' => 'required|min:8', 'confirmPassword' => 'required|same:password' ]); - + $user->update([ 'password' => Hash::make($req->password) ]); - + $token = PasswordResetToken::where('email',$user->email)->first(); + $token->delete(); + return redirect("/")->with('success', 'Password Changed Successfully'); } diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php index 1fd34bf..62e90c0 100644 --- a/app/Http/Kernel.php +++ b/app/Http/Kernel.php @@ -67,5 +67,6 @@ class Kernel extends HttpKernel protected $routeMiddleware = [ 'userType' => \App\Http\Middleware\UserType::class, + 'user-access' => \App\Http\Middleware\UserAccess::class, ]; } diff --git a/app/Http/Middleware/AdminMiddleware.php b/app/Http/Middleware/AdminMiddleware.php new file mode 100644 index 0000000..c276af5 --- /dev/null +++ b/app/Http/Middleware/AdminMiddleware.php @@ -0,0 +1,28 @@ +usertype_id != $userType) + { + return redirect('home')->with('error', 'You are not authorized to access this page'); + }else{ + return $next($request); + } + + } +} diff --git a/app/Http/Middleware/UserAccess.php b/app/Http/Middleware/UserAccess.php new file mode 100644 index 0000000..6184f43 --- /dev/null +++ b/app/Http/Middleware/UserAccess.php 
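Review bot: `UserController::forget()` looks the reset token up in clear text (`PasswordResetToken::where('token',$token)`), which means the table itself holds usable reset links for every pending request. Storing a digest and querying by it, e.g. `PasswordResetToken::where('token', hash('sha256', $token))->first()`, avoids that, with the matching change where the token is saved in `ForgetPassword::toMail()`. In the same function `User::where('email',$email->email)->first()` can return null when the account no longer exists, and the view is then rendered with a null `$user`; return the 'Invalid Token' redirect in that case as well.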
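Review bot: `forgetstore()` updates the password before it touches the reset token and never compares a submitted token, so the token row is only cleaned up here, not verified; whether this action can be reached without a valid link depends on the route and the form, which are outside this hunk. Because `first()` may return null, `$token->delete()` can also fail after the password has already been changed. Look the row up by e-mail and submitted token, reject a missing or expired row, and only then update the password. The sketch assumes the form posts the token in a `token` field; the start of the function is outside the hunk.

```php
// … unchanged: validation of password / confirmPassword …

$reset = PasswordResetToken::where('email', $user->email)
    ->where('token', $req->input('token'))
    ->first();
if (!$reset || $reset->expires_at < Carbon::now('Asia/Kolkata')->format('Y-m-d H:i:s')) {
    return redirect('/')->with('error', 'Invalid Token');
}

// … unchanged: $user->update([...]) with the hashed password …
$reset->delete();

// … unchanged: success redirect …
```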
@@ -0,0 +1,35 @@ +usertype_id != $usertype) + { + if(Auth::user()->usertype_id == User::RESIDENT) + { + return redirect()->route('user.home')->with('error','You are not allowed to access this page'); + }elseif(Auth::user()->usertype_id == User::ADMIN) + { + return $next($request); + } + return redirect()->route('home')->with('error','You are not allowed to access this page'); + }else{ + return $next($request); + } + } +} diff --git a/app/Models/Expense.php b/app/Models/Expense.php index ee99a7e..ef05e0c 100644 --- a/app/Models/Expense.php +++ b/app/Models/Expense.php @@ -8,7 +8,7 @@ class Expense extends Model -{ +{ use HasFactory; protected $fillable=[ diff --git a/app/Models/PasswordResetToken.php b/app/Models/PasswordResetToken.php new file mode 100644 index 0000000..fa4f81e --- /dev/null +++ b/app/Models/PasswordResetToken.php @@ -0,0 +1,22 @@ +belongsTo(User::class); + } + use HasFactory; +} diff --git a/app/Models/Payment.php b/app/Models/Payment.php index 295392e..eeb05c8 100644 --- a/app/Models/Payment.php +++ b/app/Models/Payment.php @@ -43,7 +43,7 @@ public function scopeMonthlyfilter($query, $month) public function scopeDatebetween($query, $start, $end) { return $query->whereBetween( - \DB::raw("STR_TO_DATE(billingmonth, '%d-%m-%Y')"), + DB::raw("STR_TO_DATE(billingmonth, '%d-%m-%Y')"), [date('Y-m-d', strtotime($start)), date('Y-m-d', strtotime($end))] )->get(); } diff --git a/app/Notifications/ForgetPassword.php b/app/Notifications/ForgetPassword.php index b5f81b3..6599a6e 100644 --- a/app/Notifications/ForgetPassword.php +++ b/app/Notifications/ForgetPassword.php @@ -2,10 +2,13 @@ namespace App\Notifications; +use App\Models\PasswordResetToken; +use Carbon\Carbon; use Illuminate\Bus\Queueable; use Illuminate\Contracts\Queue\ShouldQueue; use Illuminate\Notifications\Messages\MailMessage; use Illuminate\Notifications\Notification; +use ILLuminate\Support\Str; class ForgetPassword extends Notification { 
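Review bot: In the new `UserAccess` middleware a mismatch on `$usertype` still reaches `$next($request)` when the user is `User::ADMIN`, so every route guarded by `user-access` is open to admins whatever type the route asks for, and nothing in the file says this is intended. Add a comment above that branch such as `// Admins may use every user-access route, regardless of the $usertype the route requires.` The checks use `!=` and `==` against a middleware parameter that Laravel passes as a string; if the `User` constants are integers, cast once and compare with `!==`/`===`. The opening lines of this file are missing from the page, so whether `Auth::user()` is null-checked before these reads cannot be confirmed here.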
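Review bot: In `Payment::scopeDatebetween()` the change from `\DB::raw(...)` to `DB::raw(...)` makes the name resolve inside the model's own namespace unless the file imports the facade, and this hunk adds no import. The top of the file is outside the hunk, so confirm it already has `use Illuminate\Support\Facades\DB;`; if it does not, add that line or keep the leading backslash.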
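Review bot: The import added to `ForgetPassword.php` is spelled `use ILLuminate\Support\Str;`. PHP matches class names case-insensitively once a class is loaded, but Composer's autoloader looks names up by exact case, so `Str::random()` here only works if `Illuminate\Support\Str` has already been loaded by other code. Change the line to `use Illuminate\Support\Str;`.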
@@ -35,9 +38,22 @@ public function via(object $notifiable): array */ public function toMail($notifiable) { + $token = Str::random(60); + $passwordReset = PasswordResetToken::where('email', $this->user->email)->first(); + if($passwordReset){ + $passwordReset->token = $token; + $passwordReset->expires_at = Carbon::now('Asia/Kolkata')->format('Y-m-d H:i:s'); + $passwordReset->save(); + }else{ + $passwordReset = new PasswordResetToken(); + $passwordReset->email = $this->user->email; + $passwordReset->token = $token; + $passwordReset->expires_at = Carbon::now('Asia/Kolkata')->addDay()->format('Y-m-d H:i:s'); + $passwordReset->save(); + } return (new MailMessage) ->line($this->user->name.' Click On The Following Link To Reset Your Password :') - ->action('Reset Password', route('forget', $notifiable->id)) + ->action('Reset Password', route('forget', $token)) ->line('Thank you for using our application!'); } diff --git a/resources/views/home.blade.php b/resources/views/home.blade.php index 1fc5d8d..bf79a9e 100644 --- a/resources/views/home.blade.php +++ b/resources/views/home.blade.php @@ -1,7 +1,9 @@ @extends('layouts.main') @section('title') Society Home + @endsection + @section('content') @endsection diff --git a/resources/views/houses/create.blade.php b/resources/views/houses/create.blade.php new file mode 100644 index 0000000..e69de29 diff --git a/resources/views/users/create.blade.php b/resources/views/users/create.blade.php index d817035..590e22d 100644 --- a/resources/views/users/create.blade.php +++ b/resources/views/users/create.blade.php @@ -1,4 +1,3 @@ - @extends('layouts.main') @section('title') Society Create User @@ -16,45 +15,45 @@
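Review bot: In `ForgetPassword::toMail()` the branch that refreshes an existing row sets `expires_at` to `Carbon::now('Asia/Kolkata')` without `->addDay()`, so a re-issued token is already at its expiry time when the mail is built and the `expires_at < now` check in `UserController::forget()` will reject it. Use `Carbon::now('Asia/Kolkata')->addDay()->format('Y-m-d H:i:s')` there, as the `else` branch does. Creating and saving the token inside `toMail()` also ties a database write to building the message; generating it in the controller and passing it into the notification would keep the notification free of side effects. The class body continues outside the hunk.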