pixelfed/app/Http/Controllers/AccountController.php

<?php

namespace App\Http\Controllers;

use App\EmailVerification;
use App\Follower;
use App\FollowRequest;
use App\Jobs\FollowPipeline\FollowPipeline;
use App\Mail\ConfirmEmail;
use App\Notification;
use App\Profile;
use App\User;
use App\UserFilter;
use Auth;
use Cache;
use Carbon\Carbon;
use Illuminate\Http\Request;
use Mail;
use Redis;
use PragmaRX\Google2FA\Google2FA;

class AccountController extends Controller
{
    protected $filters = [
      'user.mute',
      'user.block',
    ];

    public function __construct()
    {
        $this->middleware('auth');
    }

    public function notifications(Request $request)
    {
        return view('account.activity');
    }

    public function followingActivity(Request $request)
    {
        $this->validate($request, [
          'page' => 'nullable|min:1|max:3',
          'a'    => 'nullable|alpha_dash',
      ]);
        $profile = Auth::user()->profile;
        $action = $request->input('a');
        $allowed = ['like', 'follow'];
        $timeago = Carbon::now()->subMonths(3);
        $following = $profile->following->pluck('id');
        $notifications = Notification::whereIn('actor_id', $following)
          ->whereIn('action', $allowed)
          ->where('actor_id', '<>', $profile->id)
          ->where('profile_id', '<>', $profile->id)
          ->whereDate('created_at', '>', $timeago)
          ->orderBy('notifications.created_at', 'desc')
          ->simplePaginate(30);

        return view('account.following', compact('profile', 'notifications'));
    }

    public function verifyEmail(Request $request)
    {
        return view('account.verify_email');
    }

    public function sendVerifyEmail(Request $request)
    {
        $recentAttempt = EmailVerification::whereUserId(Auth::id())
          ->whereDate('created_at', '>', now()->subHours(12))->count();

        if ($recentAttempt > 0) {
            return redirect()->back()->with('error', 'A verification email has already been sent recently. Please check your email, or try again later.');
        } 

        EmailVerification::whereUserId(Auth::id())->delete();

        $user = User::whereNull('email_verified_at')->find(Auth::id());
        $utoken = str_random(40);
        $rtoken = str_random(128);

        $verify = new EmailVerification();
        $verify->user_id = $user->id;
        $verify->email = $user->email;
        $verify->user_token = $utoken;
        $verify->random_token = $rtoken;
        $verify->save();

        Mail::to($user->email)->send(new ConfirmEmail($verify));

        return redirect()->back()->with('status', 'Verification email sent!');
    }

    public function confirmVerifyEmail(Request $request, $userToken, $randomToken)
    {
        $verify = EmailVerification::where('user_token', $userToken)
          ->where('random_token', $randomToken)
          ->firstOrFail();

        if (Auth::id() === $verify->user_id &&
          $verify->user_token === $userToken &&
          $verify->random_token === $randomToken) {
            $user = User::find(Auth::id());
            $user->email_verified_at = Carbon::now();
            $user->save();

            return redirect('/');
        } else {
            abort(403);
        }
    }

    public function fetchNotifications(int $id)
    {
        $key = config('cache.prefix').":user.{$id}.notifications";
        $redis = Redis::connection();
        $notifications = $redis->lrange($key, 0, 30);
        if (empty($notifications)) {
            $notifications = Notification::whereProfileId($id)
          ->orderBy('id', 'desc')->take(30)->get();
        } else {
            $notifications = $this->hydrateNotifications($notifications);
        }

        return $notifications;
    }

    public function hydrateNotifications($keys)
    {
        $prefix = 'notification.';
        $notifications = collect([]);
        foreach ($keys as $key) {
            $notifications->push(Cache::get("{$prefix}{$key}"));
        }

        return $notifications;
    }

    public function messages()
    {
        return view('account.messages');
    }

    public function direct()
    {
        return view('account.direct');
    }

    public function showMessage(Request $request, $id)
    {
        return view('account.message');
    }

    public function mute(Request $request)
    {
        $this->validate($request, [
          'type' => 'required|alpha_dash',
          'item' => 'required|integer|min:1',
        ]);

        $user = Auth::user()->profile;
        $type = $request->input('type');
        $item = $request->input('item');
        $action = $type . '.mute';

        if (!in_array($action, $this->filters)) {
            return abort(406);
        }
        $filterable = [];
        switch ($type) {
          case 'user':
            $profile = Profile::findOrFail($item);
            if ($profile->id == $user->id) {
                return abort(403);
            }
            $class = get_class($profile);
            $filterable['id'] = $profile->id;
            $filterable['type'] = $class;
            break;

          default:
            // code...
            break;
        }

        $filter = UserFilter::firstOrCreate([
          'user_id'         => $user->id,
          'filterable_id'   => $filterable['id'],
          'filterable_type' => $filterable['type'],
          'filter_type'     => 'mute',
        ]);

        $pid = $user->id;
        Cache::forget("user:filter:list:$pid");
        Cache::forget("feature:discover:posts:$pid");
        Cache::forget("api:local:exp:rec:$pid");

        return redirect()->back();
    }

    public function unmute(Request $request)
    {
        $this->validate($request, [
          'type' => 'required|alpha_dash',
          'item' => 'required|integer|min:1',
        ]);

        $user = Auth::user()->profile;
        $type = $request->input('type');
        $item = $request->input('item');
        $action = $type . '.mute';

        if (!in_array($action, $this->filters)) {
            return abort(406);
        }
        $filterable = [];
        switch ($type) {
          case 'user':
            $profile = Profile::findOrFail($item);
            if ($profile->id == $user->id) {
                return abort(403);
            }
            $class = get_class($profile);
            $filterable['id'] = $profile->id;
            $filterable['type'] = $class;
            break;

          default:
            abort(400);
            break;
        }

        $filter = UserFilter::whereUserId($user->id)
            ->whereFilterableId($filterable['id'])
            ->whereFilterableType($filterable['type'])
            ->whereFilterType('mute')
            ->first();

        if($filter) {
            $filter->delete();
        }

        $pid = $user->id;
        Cache::forget("user:filter:list:$pid");
        Cache::forget("feature:discover:posts:$pid");
        Cache::forget("api:local:exp:rec:$pid");

        if($request->wantsJson()) {
            return response()->json([200]);
        } else {
            return redirect()->back();
        }
    }

    public function block(Request $request)
    {
        $this->validate($request, [
          'type' => 'required|alpha_dash',
          'item' => 'required|integer|min:1',
        ]);

        $user = Auth::user()->profile;
        $type = $request->input('type');
        $item = $request->input('item');
        $action = $type.'.block';
        if (!in_array($action, $this->filters)) {
            return abort(406);
        }
        $filterable = [];
        switch ($type) {
          case 'user':
            $profile = Profile::findOrFail($item);
            if ($profile->id == $user->id) {
                return abort(403);
            }
            $class = get_class($profile);
            $filterable['id'] = $profile->id;
            $filterable['type'] = $class;

            Follower::whereProfileId($profile->id)->whereFollowingId($user->id)->delete();
            Notification::whereProfileId($user->id)->whereActorId($profile->id)->delete();
            break;

          default:
            // code...
            break;
        }

        $filter = UserFilter::firstOrCreate([
          'user_id'         => $user->id,
          'filterable_id'   => $filterable['id'],
          'filterable_type' => $filterable['type'],
          'filter_type'     => 'block',
        ]);

        $pid = $user->id;
        Cache::forget("user:filter:list:$pid");
        Cache::forget("feature:discover:posts:$pid");
        Cache::forget("api:local:exp:rec:$pid");

        return redirect()->back();
    }


    public function unblock(Request $request)
    {
        $this->validate($request, [
          'type' => 'required|alpha_dash',
          'item' => 'required|integer|min:1',
        ]);

        $user = Auth::user()->profile;
        $type = $request->input('type');
        $item = $request->input('item');
        $action = $type . '.block';
        if (!in_array($action, $this->filters)) {
            return abort(406);
        }
        $filterable = [];
        switch ($type) {
          case 'user':
            $profile = Profile::findOrFail($item);
            if ($profile->id == $user->id) {
                return abort(403);
            }
            $class = get_class($profile);
            $filterable['id'] = $profile->id;
            $filterable['type'] = $class;
            break;

          default:
            abort(400);
            break;
        }


        $filter = UserFilter::whereUserId($user->id)
            ->whereFilterableId($filterable['id'])
            ->whereFilterableType($filterable['type'])
            ->whereFilterType('block')
            ->first();

        if($filter) {
            $filter->delete();
        }

        $pid = $user->id;
        Cache::forget("user:filter:list:$pid");
        Cache::forget("feature:discover:posts:$pid");
        Cache::forget("api:local:exp:rec:$pid");
        
        return redirect()->back();
    }

    public function followRequests(Request $request)
    {
        $pid = Auth::user()->profile->id;
        $followers = FollowRequest::whereFollowingId($pid)->orderBy('id','desc')->whereIsRejected(0)->simplePaginate(10);
        return view('account.follow-requests', compact('followers'));
    }

    public function followRequestHandle(Request $request)
    {
        $this->validate($request, [
            'action' => 'required|string|max:10',
            'id' => 'required|integer|min:1'
        ]);

        $pid = Auth::user()->profile->id;
        $action = $request->input('action') === 'accept' ? 'accept' : 'reject';
        $id = $request->input('id');
        $followRequest = FollowRequest::whereFollowingId($pid)->findOrFail($id);
        $follower = $followRequest->follower;

        switch ($action) {
            case 'accept':
                $follow = new Follower();
                $follow->profile_id = $follower->id;
                $follow->following_id = $pid;
                $follow->save();
                FollowPipeline::dispatch($follow);
                $followRequest->delete();
                break;

            case 'reject':
                $followRequest->is_rejected = true;
                $followRequest->save();
                break;
        }

        return response()->json(['msg' => 'success'], 200);
    }

    public function sudoMode(Request $request)
    {
        return view('auth.sudo');
    }

    public function sudoModeVerify(Request $request)
    {
        $this->validate($request, [
            'password' => 'required|string|max:500'
        ]);
        $user = Auth::user();
        $password = $request->input('password');
        $next = $request->session()->get('redirectNext', '/');
        if(password_verify($password, $user->password) === true) {
            $request->session()->put('sudoMode', time());
            return redirect($next);
        } else {
            return redirect()
                ->back()
                ->withErrors(['password' => __('auth.failed')]);
        }
    }

    public function twoFactorCheckpoint(Request $request)
    {
        return view('auth.checkpoint');
    }

    public function twoFactorVerify(Request $request)
    {
        $this->validate($request, [
            'code'  => 'required|string|max:32'
        ]);
        $user = Auth::user();
        $code = $request->input('code');
        $google2fa = new Google2FA();
        $verify = $google2fa->verifyKey($user->{'2fa_secret'}, $code);
        if($verify) {
            $request->session()->push('2fa.session.active', true);
            return redirect('/');
        } else {

            if($this->twoFactorBackupCheck($request, $code, $user)) {
                return redirect('/');
            }

            if($request->session()->has('2fa.attempts')) {
                $count = (int) $request->session()->has('2fa.attempts');
                $request->session()->push('2fa.attempts', $count + 1);
            } else {
                $request->session()->push('2fa.attempts', 1);
            }
            return redirect()->back()->withErrors([
                'code' => 'Invalid code'
            ]);
        }
    }

    protected function twoFactorBackupCheck($request, $code, User $user)
    {
            $backupCodes = $user->{'2fa_backup_codes'};
            if($backupCodes) {
                $codes = json_decode($backupCodes, true);
                foreach ($codes as $c) {
                    if(hash_equals($c, $code)) {
                        // remove code
                        $codes = array_flatten(array_diff($codes, [$code]));
                        $user->{'2fa_backup_codes'} = json_encode($codes);
                        $user->save();
                        $request->session()->push('2fa.session.active', true);
                        return true;
                    } else {
                        return false;
                    }
                }
            } else {
                return false;
            }  
    }

    public function accountRestored(Request $request)
    {
        //
    }
}
Add AccountController 2018-05-26 23:00:07 +00:00			`<?php`

			`namespace App\Http\Controllers;`

Apply fixes from StyleCI 2018-08-28 03:07:36 +00:00			`use App\EmailVerification;`
Update AccountController 2018-09-03 04:01:51 +00:00			`use App\Follower;`
			`use App\FollowRequest;`
			`use App\Jobs\FollowPipeline\FollowPipeline;`
Add Email Verification 2018-06-14 05:30:43 +00:00			`use App\Mail\ConfirmEmail;`
Apply fixes from StyleCI 2018-08-28 03:07:36 +00:00			`use App\Notification;`
			`use App\Profile;`
			`use App\User;`
			`use App\UserFilter;`
			`use Auth;`
			`use Cache;`
			`use Carbon\Carbon;`
			`use Illuminate\Http\Request;`
			`use Mail;`
			`use Redis;`
Prepare 2FA 2018-09-16 05:15:45 +00:00			`use PragmaRX\Google2FA\Google2FA;`
Add AccountController 2018-05-26 23:00:07 +00:00
			`class AccountController extends Controller`
			`{`
Update AccountController 2018-08-22 06:56:16 +00:00			`protected $filters = [`
			`'user.mute',`
Apply fixes from StyleCI 2018-08-28 03:07:36 +00:00			`'user.block',`
Update AccountController 2018-08-22 06:56:16 +00:00			`];`

Add AccountController 2018-05-26 23:00:07 +00:00			`public function __construct()`
			`{`
Apply fixes from StyleCI 2018-08-28 03:07:36 +00:00			`$this->middleware('auth');`
Add AccountController 2018-05-26 23:00:07 +00:00			`}`

			`public function notifications(Request $request)`
			`{`
Update AccountController 2019-06-05 05:53:48 +00:00			`return view('account.activity');`
Add basic notification support 2018-05-27 03:25:04 +00:00			`}`

Update AccountController 2018-08-10 01:56:50 +00:00			`public function followingActivity(Request $request)`
			`{`
Apply fixes from StyleCI 2018-08-28 03:07:36 +00:00			`$this->validate($request, [`
Update AccountController 2018-08-10 01:56:50 +00:00			`'page' => 'nullable\|min:1\|max:3',`
			`'a' => 'nullable\|alpha_dash',`
			`]);`
Apply fixes from StyleCI 2018-08-28 03:07:36 +00:00			`$profile = Auth::user()->profile;`
			`$action = $request->input('a');`
Update AccountController 2018-11-13 04:46:16 +00:00			`$allowed = ['like', 'follow'];`
Update AccountController 2018-10-10 01:22:09 +00:00			`$timeago = Carbon::now()->subMonths(3);`
Apply fixes from StyleCI 2018-08-28 03:07:36 +00:00			`$following = $profile->following->pluck('id');`
			`$notifications = Notification::whereIn('actor_id', $following)`
Update AccountController 2018-11-13 04:46:16 +00:00			`->whereIn('action', $allowed)`
			`->where('actor_id', '<>', $profile->id)`
Update AccountController 2018-11-19 04:47:41 +00:00			`->where('profile_id', '<>', $profile->id)`
Update AccountController 2018-08-10 01:56:50 +00:00			`->whereDate('created_at', '>', $timeago)`
Update AccountController 2018-10-10 01:22:09 +00:00			`->orderBy('notifications.created_at', 'desc')`
Update AccountController 2018-08-10 01:56:50 +00:00			`->simplePaginate(30);`

Apply fixes from StyleCI 2018-08-28 03:07:36 +00:00			`return view('account.following', compact('profile', 'notifications'));`
Update AccountController 2018-08-10 01:56:50 +00:00			`}`

Add Email Verification 2018-06-14 05:30:43 +00:00			`public function verifyEmail(Request $request)`
			`{`
Apply fixes from StyleCI 2018-08-28 03:07:36 +00:00			`return view('account.verify_email');`
Add Email Verification 2018-06-14 05:30:43 +00:00			`}`

			`public function sendVerifyEmail(Request $request)`
			`{`
Update AccountController 2018-07-12 16:34:33 +00:00			`$recentAttempt = EmailVerification::whereUserId(Auth::id())`
Update AccountController 2019-06-05 06:30:32 +00:00			`->whereDate('created_at', '>', now()->subHours(12))->count();`
Update AccountController 2018-07-12 16:34:33 +00:00
Update AccountController 2019-06-05 06:30:32 +00:00			`if ($recentAttempt > 0) {`
Update AccountController 2018-07-12 16:34:33 +00:00			`return redirect()->back()->with('error', 'A verification email has already been sent recently. Please check your email, or try again later.');`
Update AccountController 2019-06-05 06:30:32 +00:00			`}`

			`EmailVerification::whereUserId(Auth::id())->delete();`
Update status template 2018-06-14 07:42:47 +00:00
Add Email Verification 2018-06-14 05:30:43 +00:00			`$user = User::whereNull('email_verified_at')->find(Auth::id());`
Update AccountController 2019-06-05 06:30:32 +00:00			`$utoken = str_random(40);`
			`$rtoken = str_random(128);`
Add Email Verification 2018-06-14 05:30:43 +00:00
Apply fixes from StyleCI 2018-08-28 03:07:36 +00:00			`$verify = new EmailVerification();`
Add Email Verification 2018-06-14 05:30:43 +00:00			`$verify->user_id = $user->id;`
			`$verify->email = $user->email;`
			`$verify->user_token = $utoken;`
			`$verify->random_token = $rtoken;`
			`$verify->save();`

			`Mail::to($user->email)->send(new ConfirmEmail($verify));`

Fix typo 2018-08-18 21:19:14 +00:00			`return redirect()->back()->with('status', 'Verification email sent!');`
Add Email Verification 2018-06-14 05:30:43 +00:00			`}`

			`public function confirmVerifyEmail(Request $request, $userToken, $randomToken)`
			`{`
Update AccountController 2018-07-12 16:34:33 +00:00			`$verify = EmailVerification::where('user_token', $userToken)`
			`->where('random_token', $randomToken)`
Add Email Verification 2018-06-14 05:30:43 +00:00			`->firstOrFail();`
Update AccountController 2018-07-12 16:34:33 +00:00
Update AccountController 2019-06-05 06:30:32 +00:00			`if (Auth::id() === $verify->user_id &&`
			`$verify->user_token === $userToken &&`
			`$verify->random_token === $randomToken) {`
Apply fixes from StyleCI 2018-08-28 03:07:36 +00:00			`$user = User::find(Auth::id());`
			`$user->email_verified_at = Carbon::now();`
			`$user->save();`

			`return redirect('/');`
Update AccountController 2019-06-05 06:30:32 +00:00			`} else {`
			`abort(403);`
Add Email Verification 2018-06-14 05:30:43 +00:00			`}`
			`}`

Update AccountController 2019-04-08 03:08:57 +00:00			`public function fetchNotifications(int $id)`
Add basic notification support 2018-05-27 03:25:04 +00:00			`{`
Apply fixes from StyleCI 2018-08-28 03:07:36 +00:00			`$key = config('cache.prefix').":user.{$id}.notifications";`
			`$redis = Redis::connection();`
			`$notifications = $redis->lrange($key, 0, 30);`
			`if (empty($notifications)) {`
			`$notifications = Notification::whereProfileId($id)`
			`->orderBy('id', 'desc')->take(30)->get();`
			`} else {`
			`$notifications = $this->hydrateNotifications($notifications);`
			`}`

			`return $notifications;`
Add basic notification support 2018-05-27 03:25:04 +00:00			`}`

			`public function hydrateNotifications($keys)`
			`{`
Apply fixes from StyleCI 2018-08-28 03:07:36 +00:00			`$prefix = 'notification.';`
			`$notifications = collect([]);`
			`foreach ($keys as $key) {`
			`$notifications->push(Cache::get("{$prefix}{$key}"));`
			`}`

			`return $notifications;`
Add AccountController 2018-05-26 23:00:07 +00:00			`}`
Update AccountController 2018-07-18 00:06:57 +00:00
Update AccountController 2018-08-22 06:56:16 +00:00			`public function messages()`
			`{`
Apply fixes from StyleCI 2018-08-28 03:07:36 +00:00			`return view('account.messages');`
Update AccountController 2018-08-22 06:56:16 +00:00			`}`

Add Direct view/method 2019-05-28 05:10:56 +00:00			`public function direct()`
			`{`
			`return view('account.direct');`
			`}`

Update AccountController 2018-08-22 06:56:16 +00:00			`public function showMessage(Request $request, $id)`
			`{`
Apply fixes from StyleCI 2018-08-28 03:07:36 +00:00			`return view('account.message');`
Update AccountController 2018-08-22 06:56:16 +00:00			`}`

			`public function mute(Request $request)`
			`{`
			`$this->validate($request, [`
Update AccountController 2019-04-08 03:08:57 +00:00			`'type' => 'required\|alpha_dash',`
Apply fixes from StyleCI 2018-08-28 03:07:36 +00:00			`'item' => 'required\|integer\|min:1',`
Update AccountController 2018-08-22 06:56:16 +00:00			`]);`

			`$user = Auth::user()->profile;`
			`$type = $request->input('type');`
			`$item = $request->input('item');`
Update AccountController 2019-04-08 03:08:57 +00:00			`$action = $type . '.mute';`
Update AccountController 2018-08-22 06:56:16 +00:00
Apply fixes from StyleCI 2018-08-28 03:07:36 +00:00			`if (!in_array($action, $this->filters)) {`
			`return abort(406);`
Update AccountController 2018-08-22 06:56:16 +00:00			`}`
			`$filterable = [];`
			`switch ($type) {`
			`case 'user':`
			`$profile = Profile::findOrFail($item);`
Apply fixes from StyleCI 2018-08-28 03:07:36 +00:00			`if ($profile->id == $user->id) {`
			`return abort(403);`
Update AccountController 2018-08-22 06:56:16 +00:00			`}`
			`$class = get_class($profile);`
			`$filterable['id'] = $profile->id;`
			`$filterable['type'] = $class;`
			`break;`
Apply fixes from StyleCI 2018-08-28 03:07:36 +00:00
Update AccountController 2018-08-22 06:56:16 +00:00			`default:`
Apply fixes from StyleCI 2018-08-28 03:07:36 +00:00			`// code...`
Update AccountController 2018-08-22 06:56:16 +00:00			`break;`
			`}`

			`$filter = UserFilter::firstOrCreate([`
Apply fixes from StyleCI 2018-08-28 03:07:36 +00:00			`'user_id' => $user->id,`
			`'filterable_id' => $filterable['id'],`
Update AccountController 2018-08-22 06:56:16 +00:00			`'filterable_type' => $filterable['type'],`
Apply fixes from StyleCI 2018-08-28 03:07:36 +00:00			`'filter_type' => 'mute',`
Update AccountController 2018-08-22 06:56:16 +00:00			`]);`

Update AccountController. Fixes #582 2018-11-22 19:30:20 +00:00			`$pid = $user->id;`
Update AccountController 2018-11-25 06:43:06 +00:00			`Cache::forget("user:filter:list:$pid");`
			`Cache::forget("feature:discover:posts:$pid");`
Update AccountController 2019-04-29 03:49:17 +00:00			`Cache::forget("api:local:exp:rec:$pid");`
Update AccountController. Fixes #582 2018-11-22 19:30:20 +00:00
Update AccountController 2018-08-22 06:56:16 +00:00			`return redirect()->back();`
			`}`

Update AccountController 2019-04-08 03:08:57 +00:00			`public function unmute(Request $request)`
			`{`
			`$this->validate($request, [`
			`'type' => 'required\|alpha_dash',`
			`'item' => 'required\|integer\|min:1',`
			`]);`

			`$user = Auth::user()->profile;`
			`$type = $request->input('type');`
			`$item = $request->input('item');`
			`$action = $type . '.mute';`

			`if (!in_array($action, $this->filters)) {`
			`return abort(406);`
			`}`
			`$filterable = [];`
			`switch ($type) {`
			`case 'user':`
			`$profile = Profile::findOrFail($item);`
			`if ($profile->id == $user->id) {`
			`return abort(403);`
			`}`
			`$class = get_class($profile);`
			`$filterable['id'] = $profile->id;`
			`$filterable['type'] = $class;`
			`break;`

			`default:`
			`abort(400);`
			`break;`
			`}`

			`$filter = UserFilter::whereUserId($user->id)`
			`->whereFilterableId($filterable['id'])`
			`->whereFilterableType($filterable['type'])`
			`->whereFilterType('mute')`
			`->first();`

			`if($filter) {`
			`$filter->delete();`
			`}`

			`$pid = $user->id;`
			`Cache::forget("user:filter:list:$pid");`
			`Cache::forget("feature:discover:posts:$pid");`
Update AccountController 2019-04-29 03:49:17 +00:00			`Cache::forget("api:local:exp:rec:$pid");`
Update AccountController 2019-04-08 03:08:57 +00:00
			`if($request->wantsJson()) {`
			`return response()->json([200]);`
			`} else {`
			`return redirect()->back();`
			`}`
			`}`

Update AccountController 2018-08-22 06:56:16 +00:00			`public function block(Request $request)`
			`{`
			`$this->validate($request, [`
Update AccountController 2019-04-08 03:08:57 +00:00			`'type' => 'required\|alpha_dash',`
Apply fixes from StyleCI 2018-08-28 03:07:36 +00:00			`'item' => 'required\|integer\|min:1',`
Update AccountController 2018-08-22 06:56:16 +00:00			`]);`
Apply fixes from StyleCI 2018-08-28 03:07:36 +00:00
Update AccountController 2018-08-22 06:56:16 +00:00			`$user = Auth::user()->profile;`
			`$type = $request->input('type');`
			`$item = $request->input('item');`
Update AccountController 2019-04-08 03:08:57 +00:00			`$action = $type.'.block';`
Apply fixes from StyleCI 2018-08-28 03:07:36 +00:00			`if (!in_array($action, $this->filters)) {`
			`return abort(406);`
Update AccountController 2018-08-22 06:56:16 +00:00			`}`
			`$filterable = [];`
			`switch ($type) {`
			`case 'user':`
			`$profile = Profile::findOrFail($item);`
Update AccountController. Fixes #582 2018-11-22 19:30:20 +00:00			`if ($profile->id == $user->id) {`
			`return abort(403);`
			`}`
Update AccountController 2018-08-22 06:56:16 +00:00			`$class = get_class($profile);`
			`$filterable['id'] = $profile->id;`
			`$filterable['type'] = $class;`
Update AccountController 2018-11-03 02:41:39 +00:00
			`Follower::whereProfileId($profile->id)->whereFollowingId($user->id)->delete();`
			`Notification::whereProfileId($user->id)->whereActorId($profile->id)->delete();`
Update AccountController 2018-08-22 06:56:16 +00:00			`break;`
Apply fixes from StyleCI 2018-08-28 03:07:36 +00:00
Update AccountController 2018-08-22 06:56:16 +00:00			`default:`
Apply fixes from StyleCI 2018-08-28 03:07:36 +00:00			`// code...`
Update AccountController 2018-08-22 06:56:16 +00:00			`break;`
			`}`

			`$filter = UserFilter::firstOrCreate([`
Apply fixes from StyleCI 2018-08-28 03:07:36 +00:00			`'user_id' => $user->id,`
			`'filterable_id' => $filterable['id'],`
Update AccountController 2018-08-22 06:56:16 +00:00			`'filterable_type' => $filterable['type'],`
Apply fixes from StyleCI 2018-08-28 03:07:36 +00:00			`'filter_type' => 'block',`
Update AccountController 2018-08-22 06:56:16 +00:00			`]);`

Update AccountController. Fixes #582 2018-11-22 19:30:20 +00:00			`$pid = $user->id;`
Update AccountController 2018-11-25 06:43:06 +00:00			`Cache::forget("user:filter:list:$pid");`
			`Cache::forget("feature:discover:posts:$pid");`
Update AccountController 2019-04-29 03:49:17 +00:00			`Cache::forget("api:local:exp:rec:$pid");`

Update AccountController 2018-08-22 06:56:16 +00:00			`return redirect()->back();`
			`}`
Update AccountController 2018-09-03 04:01:51 +00:00
Update AccountController 2019-04-08 03:08:57 +00:00
			`public function unblock(Request $request)`
			`{`
			`$this->validate($request, [`
			`'type' => 'required\|alpha_dash',`
			`'item' => 'required\|integer\|min:1',`
			`]);`

			`$user = Auth::user()->profile;`
			`$type = $request->input('type');`
			`$item = $request->input('item');`
			`$action = $type . '.block';`
			`if (!in_array($action, $this->filters)) {`
			`return abort(406);`
			`}`
			`$filterable = [];`
			`switch ($type) {`
			`case 'user':`
			`$profile = Profile::findOrFail($item);`
			`if ($profile->id == $user->id) {`
			`return abort(403);`
			`}`
			`$class = get_class($profile);`
			`$filterable['id'] = $profile->id;`
			`$filterable['type'] = $class;`
			`break;`

			`default:`
			`abort(400);`
			`break;`
			`}`


			`$filter = UserFilter::whereUserId($user->id)`
			`->whereFilterableId($filterable['id'])`
			`->whereFilterableType($filterable['type'])`
			`->whereFilterType('block')`
			`->first();`

			`if($filter) {`
			`$filter->delete();`
			`}`

			`$pid = $user->id;`
			`Cache::forget("user:filter:list:$pid");`
			`Cache::forget("feature:discover:posts:$pid");`
Update AccountController 2019-04-29 03:49:17 +00:00			`Cache::forget("api:local:exp:rec:$pid");`

Update AccountController 2019-04-08 03:08:57 +00:00			`return redirect()->back();`
			`}`

Update AccountController 2018-09-03 04:01:51 +00:00			`public function followRequests(Request $request)`
			`{`
			`$pid = Auth::user()->profile->id;`
			`$followers = FollowRequest::whereFollowingId($pid)->orderBy('id','desc')->whereIsRejected(0)->simplePaginate(10);`
			`return view('account.follow-requests', compact('followers'));`
			`}`

			`public function followRequestHandle(Request $request)`
			`{`
			`$this->validate($request, [`
			`'action' => 'required\|string\|max:10',`
			`'id' => 'required\|integer\|min:1'`
			`]);`

			`$pid = Auth::user()->profile->id;`
			`$action = $request->input('action') === 'accept' ? 'accept' : 'reject';`
			`$id = $request->input('id');`
			`$followRequest = FollowRequest::whereFollowingId($pid)->findOrFail($id);`
			`$follower = $followRequest->follower;`

			`switch ($action) {`
			`case 'accept':`
			`$follow = new Follower();`
			`$follow->profile_id = $follower->id;`
			`$follow->following_id = $pid;`
			`$follow->save();`
			`FollowPipeline::dispatch($follow);`
			`$followRequest->delete();`
			`break;`

			`case 'reject':`
			`$followRequest->is_rejected = true;`
			`$followRequest->save();`
			`break;`
			`}`

			`return response()->json(['msg' => 'success'], 200);`
			`}`
Update AccountController 2018-09-09 20:22:15 +00:00
			`public function sudoMode(Request $request)`
			`{`
			`return view('auth.sudo');`
			`}`

			`public function sudoModeVerify(Request $request)`
			`{`
			`$this->validate($request, [`
			`'password' => 'required\|string\|max:500'`
			`]);`
			`$user = Auth::user();`
			`$password = $request->input('password');`
Update DangerZone middleware to use session instead of cookie 2018-09-10 03:44:51 +00:00			`$next = $request->session()->get('redirectNext', '/');`
Update AccountController 2018-09-09 20:22:15 +00:00			`if(password_verify($password, $user->password) === true) {`
Update DangerZone middleware to use session instead of cookie 2018-09-10 03:44:51 +00:00			`$request->session()->put('sudoMode', time());`
			`return redirect($next);`
Update AccountController, fix #456 2018-09-13 03:45:08 +00:00			`} else {`
			`return redirect()`
			`->back()`
			`->withErrors(['password' => __('auth.failed')]);`
Update AccountController 2018-09-09 20:22:15 +00:00			`}`
			`}`
Prepare 2FA 2018-09-16 05:15:45 +00:00
			`public function twoFactorCheckpoint(Request $request)`
			`{`
			`return view('auth.checkpoint');`
			`}`

			`public function twoFactorVerify(Request $request)`
			`{`
			`$this->validate($request, [`
			`'code' => 'required\|string\|max:32'`
			`]);`
			`$user = Auth::user();`
			`$code = $request->input('code');`
			`$google2fa = new Google2FA();`
			`$verify = $google2fa->verifyKey($user->{'2fa_secret'}, $code);`
			`if($verify) {`
			`$request->session()->push('2fa.session.active', true);`
			`return redirect('/');`
			`} else {`
Update AccountController, allow 2FA backup codes 2018-12-28 04:34:51 +00:00
			`if($this->twoFactorBackupCheck($request, $code, $user)) {`
			`return redirect('/');`
			`}`

Update 2fa, logout user after two failed attempts 2018-10-26 01:49:35 +00:00			`if($request->session()->has('2fa.attempts')) {`
			`$count = (int) $request->session()->has('2fa.attempts');`
			`$request->session()->push('2fa.attempts', $count + 1);`
			`} else {`
			`$request->session()->push('2fa.attempts', 1);`
			`}`
Prepare 2FA 2018-09-16 05:15:45 +00:00			`return redirect()->back()->withErrors([`
			`'code' => 'Invalid code'`
			`]);`
			`}`
			`}`
Update AccountController, allow 2FA backup codes 2018-12-28 04:34:51 +00:00
			`protected function twoFactorBackupCheck($request, $code, User $user)`
			`{`
			`$backupCodes = $user->{'2fa_backup_codes'};`
			`if($backupCodes) {`
			`$codes = json_decode($backupCodes, true);`
			`foreach ($codes as $c) {`
			`if(hash_equals($c, $code)) {`
			`// remove code`
			`$codes = array_flatten(array_diff($codes, [$code]));`
			`$user->{'2fa_backup_codes'} = json_encode($codes);`
			`$user->save();`
			`$request->session()->push('2fa.session.active', true);`
			`return true;`
			`} else {`
			`return false;`
			`}`
			`}`
			`} else {`
			`return false;`
			`}`
			`}`

			`public function accountRestored(Request $request)`
			`{`
			`//`
			`}`
Add AccountController 2018-05-26 23:00:07 +00:00			`}`