Routing improved and password reset tokens implemented

app/Console/Kernel.php

@@ -2,6 +2,8 @@
 
 namespace App\Console;
 
+use App\Models\PasswordResetToken;
+use Carbon\Carbon;
 use Illuminate\Console\Scheduling\Schedule;
 use Illuminate\Foundation\Console\Kernel as ConsoleKernel;
 
@@ -13,6 +15,9 @@ class Kernel extends ConsoleKernel
     protected function schedule(Schedule $schedule): void
     {
         // $schedule->command('inspire')->hourly();
+        $schedule->call(function(){
+            PasswordResetToken::where('expires_at', '<', Carbon::now('Asia/Kolkata')->format('Y-m-d H:i:s'))->delete();
+        })->daily();
     }
 
     /**

app/Http/Controllers/HouseController.php

@@ -25,7 +25,27 @@ public function create()
 
     public function store(Request $request)
     {
-        //
+
+            $fulladress = $request->Block1;
+            if($request->Block2){
+                $fulladress = $fulladress . '-' . $request->Block2;
+            }
+            if($request->house_no){
+                $fulladress = $fulladress . '-' . $request->house_no;
+            }
+            if($request->floor){
+                $fulladress = $fulladress . '-' . $request->floor;
+            }
+
+            return response()->json([
+                'house_type' => $request->house_type,
+                'house_no' => $request->house_no,
+                'Block1' => $request->Block1,
+                'Block2' => $request->Block2,
+                'floor' => $request->floor,
+                'fulladress' => $fulladress
+            ]);
+
     }
 
 

app/Http/Controllers/UserController.php

@@ -2,6 +2,7 @@
 
 namespace App\Http\Controllers;
 
+use App\Models\PasswordResetToken;
 use Illuminate\Http\Request;
 use App\Models\User;
 use App\Models\Society;
@@ -12,6 +13,8 @@
 use Illuminate\Support\Facades\Hash;
 use Illuminate\Support\Facades\Notification;
 use App\Notifications\ForgetPassword;
+use Carbon\Carbon;
+use Illuminate\Auth\Events\PasswordReset;
 
 class UserController extends Controller
 {
@@ -139,7 +142,6 @@ public function destroy($id)
     }
     public function home()
     {
-
         return view('users.home');
     }
 
@@ -228,7 +230,7 @@ public function resetPassword(User $user, Request $request)
     public function forgetpassword(Request $request)
     {
         $user = User::where('mobile1', $request->mobile)->first();
-
+        
         if($user)
         {
             if($user->email)
@@ -251,23 +253,35 @@ public function forgetpassword(Request $request)
         }
     }
 
-    public function forget($id)
+    public function forget($token)
     {
-        $user= User::where('id',$id)->first();
-
+        $email = PasswordResetToken::where('token',$token)->first();
+        if($email){
+            if($email->expires_at < Carbon::now('Asia/Kolkata')->format('Y-m-d H:i:s'))
+            {
+                $email->delete();
+                return redirect('/')->with('error', 'Token Expired');
+            }
+        $user = User::where('email',$email->email)->first();
         return view('users/forgetpasswordcreate', compact('user'));
+        }else{
+            return redirect('/')->with('error', 'Invalid Token');
+        }
+
     }
     public function forgetstore(User $user, Request $req)
     {
         $req->validate([
             'password' => 'required|min:8',
             'confirmPassword' => 'required|same:password'
         ]);
-
+    
         $user->update([
             'password' => Hash::make($req->password)
         ]);
-
+        $token = PasswordResetToken::where('email',$user->email)->first();
+        $token->delete();
+
         return redirect("/")->with('success', 'Password Changed Successfully');
     }
 

app/Http/Kernel.php

@@ -67,5 +67,6 @@ class Kernel extends HttpKernel
 
     protected $routeMiddleware = [
         'userType' => \App\Http\Middleware\UserType::class,
+        'user-access' => \App\Http\Middleware\UserAccess::class,
     ];
 }

app/Http/Middleware/AdminMiddleware.php

@@ -0,0 +1,28 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+use Symfony\Component\HttpFoundation\Response;
+use App\Models\User;
+use Illuminate\Support\Facades\Auth;
+
+class AdminMiddleware
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response)  $next
+     */
+    public function handle(Request $request, Closure $next,$userType): Response
+    {
+        if(Auth::user()->usertype_id != $userType)
+        {
+            return redirect('home')->with('error', 'You are not authorized to access this page');
+        }else{
+            return $next($request);
+        }
+
+    }
+}

app/Http/Middleware/UserAccess.php

@@ -0,0 +1,35 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+use Symfony\Component\HttpFoundation\Response;
+use App\Models\User;
+
+class UserAccess
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response)  $next
+     */
+    public function handle(Request $request, Closure $next,$usertype): Response
+    {
+
+        if(Auth::user()->usertype_id != $usertype)
+        {
+            if(Auth::user()->usertype_id == User::RESIDENT)
+            {
+                return redirect()->route('user.home')->with('error','You are not allowed to access this page');
+            }elseif(Auth::user()->usertype_id == User::ADMIN)
+            {
+                return $next($request);
+            }
+            return redirect()->route('home')->with('error','You are not allowed to access this page');
+        }else{
+            return $next($request);
+        }
+    }
+}

app/Models/Expense.php

@@ -8,7 +8,7 @@
 
 
 class Expense extends Model
-{
+{ 
     use HasFactory;
 
     protected $fillable=[

app/Models/PasswordResetToken.php

@@ -0,0 +1,22 @@
+<?php
+
+namespace App\Models;
+
+use Illuminate\Database\Eloquent\Factories\HasFactory;
+use Illuminate\Database\Eloquent\Model;
+
+class PasswordResetToken extends Model
+{
+    public $timestamps = false;
+    protected $table = 'password_reset_tokens';
+    protected $fillable = [
+        'email',
+        'token',
+        'expires_at',
+    ];
+    public function user()
+    {
+        return $this->belongsTo(User::class);
+    }
+    use HasFactory;
+}

app/Models/Payment.php

@@ -43,7 +43,7 @@ public function scopeMonthlyfilter($query, $month)
     public function scopeDatebetween($query, $start, $end)
     {
         return $query->whereBetween(
-            \DB::raw("STR_TO_DATE(billingmonth, '%d-%m-%Y')"),
+            DB::raw("STR_TO_DATE(billingmonth, '%d-%m-%Y')"),
             [date('Y-m-d', strtotime($start)), date('Y-m-d', strtotime($end))]
         )->get();
     }

app/Notifications/ForgetPassword.php

@@ -2,10 +2,13 @@
 
 namespace App\Notifications;
 
+use App\Models\PasswordResetToken;
+use Carbon\Carbon;
 use Illuminate\Bus\Queueable;
 use Illuminate\Contracts\Queue\ShouldQueue;
 use Illuminate\Notifications\Messages\MailMessage;
 use Illuminate\Notifications\Notification;
+use ILLuminate\Support\Str;
 
 class ForgetPassword extends Notification
 {
@@ -35,9 +38,22 @@ public function via(object $notifiable): array
      */
     public function toMail($notifiable)
     {
+        $token = Str::random(60);
+        $passwordReset = PasswordResetToken::where('email', $this->user->email)->first();
+        if($passwordReset){
+            $passwordReset->token = $token;
+            $passwordReset->expires_at = Carbon::now('Asia/Kolkata')->format('Y-m-d H:i:s');
+            $passwordReset->save();
+        }else{
+            $passwordReset = new PasswordResetToken();
+            $passwordReset->email = $this->user->email;
+            $passwordReset->token = $token;
+            $passwordReset->expires_at = Carbon::now('Asia/Kolkata')->addDay()->format('Y-m-d H:i:s');
+            $passwordReset->save();
+        }
         return (new MailMessage)
             ->line($this->user->name.' Click On The Following Link To Reset Your Password :')
-            ->action('Reset Password', route('forget', $notifiable->id))
+            ->action('Reset Password', route('forget', $token))
             ->line('Thank you for using our application!');
     }
 

resources/views/home.blade.php

@@ -1,7 +1,9 @@
 @extends('layouts.main')
 @section('title')
 Society Home
+
 @endsection
+
 @section('content')
 @endsection
 

resources/views/users/create.blade.php

@@ -1,4 +1,3 @@
-
 @extends('layouts.main')
 @section('title')
 Society Create User
@@ -16,45 +15,45 @@
 <div class="d-flex flex-column justify-content-center align-items-center p-3 pb-3 ">
     <form action="{{ route('users.store') }}" method="POST"   class="d-flex flex-column gap-3" id="user-create" >
         @csrf
-          <input type="textbox" name="name" placeholder="Name"  class="form-control" value={{ old('name')}}>
+            <input type="textbox" name="name" placeholder="Name"  class="form-control" value={{ old('name')}}>
         <div class="error">
         @error('name')
             {{ $message }}
         @enderror
         </div>
-          <input type="tel" name="mobile1" placeholder="Enter your mobile"  class="form-control" value={{ old('mobile1')}}>
+            <input type="tel" name="mobile1" placeholder="Enter your mobile"  class="form-control" value={{ old('mobile1')}}>
         <div class="error">
         @error('mobile1')
             {{ $message }}
         @enderror
         </div>
 
-        <input type="tel" name="mobile2" placeholder="Mobile2"  class="form-control" value={{ old('mobile2')}}>
+            <input type="tel" name="mobile2" placeholder="Mobile2"  class="form-control" value={{ old('mobile2')}}>
         <div class="error">
         @error('mobile2')
             {{ $message }}
         @enderror
         </div>
-        <input type="email" name="email" placeholder="Email"  class="form-control" value={{ old('email')}}>
+            <input type="email" name="email" placeholder="Email"  class="form-control" value={{ old('email')}}>
         <div class="error">
         @error('email')
             {{ $message }}
         @enderror
         </div>
-        <input type="password" id="password" name="password" placeholder="Password" class="form-control" value={{ old('password')}}>
+            <input type="password" id="password" name="password" placeholder="Password" class="form-control" value={{ old('password')}}>
         <div class="error">
         @error('password')
             {{ $message }}
         @enderror
         </div>
-         <input type="password" id="confirmPassword" name="confirmPassword" placeholder="Confirm password" class="form-control" value={{ old('confirmPassword')}}>
+            <input type="password" id="confirmPassword" name="confirmPassword" placeholder="Confirm password" class="form-control" value={{ old('confirmPassword')}}>
         <div class="error">
         @error('confirmPassword')
             {{ $message }}
         @enderror
-        <input type="checkbox"  id="checkbox">Show Password
+            <input type="checkbox"  id="checkbox">Show Password
         </div>
-         <select name="usertype_id" class="form-control user-cursor" value={{ old('usertype_id')}}>
+        <select name="usertype_id" class="form-control user-cursor" value={{ old('usertype_id')}}>
             <option value="">Select User Type</option>
             @foreach($usertypes as $usertype)
                 <option value="{{ $usertype->id }}" {{ old('usertype_id') == $usertype->id ? 'selected' : '' }}>{{ $usertype->role }}</option>

resources/views/users/home.blade.php

@@ -1,7 +1,7 @@
 @extends('layouts.mainWithoutNav')
 @include('users.navbar')
 @section('title')
-Society Home
+Society Home 
 @endsection
 @section('content')
 @endsection

resources/views/users/report.blade.php

@@ -4,18 +4,20 @@
 Society User-Report
 @endsection
 @section('content')
-@php $payments = Auth::user()->payments()->get() @endphp
+@php $payments = Auth::user()->payments()->get()
+@endphp
 <div class="table-report p-4">
     <table class="table table-light table-hover">
         <tr  table-active>
+            <th>ADDRESS</th>
             <th>BILLING MONTH</th>
             <th>PAYMENT MODE</th>
             <th>DATE OF DEPOSIT</th>
             <th>AMOUNT</th>
         </tr>
         <tr>
             @foreach ($payments as $payment)
-                <td>{{ $address }}</td>
+                <td>{{ $payment->houses->full_address }}</td>
                 @foreach ($months as $key => $month)
                 @if($key == $payment->billingmonth)
                     <td>{{ $month }}</td>

routes/api.php

@@ -2,6 +2,7 @@
 
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Route;
+use App\Http\Controllers\HouseController;
 
 /*
 |--------------------------------------------------------------------------
@@ -13,6 +14,11 @@
 | be assigned to the "api" middleware group. Make something great!
 |
 */
+Route::get('/test',function(){
+    return response()->json(['message'=>'Hello World']);
+});
+
+Route::post('/storehouse', [HouseController::class, 'store'])->name('storeHouse');
 
 Route::middleware('auth:sanctum')->get('/user', function (Request $request) {
     return $request->user();