From f2378e4c0a6611a12020a2f14caa2840531b1e30 Mon Sep 17 00:00:00 2001 From: thule129 Date: Thu, 21 Aug 2025 07:14:59 +0700 Subject: [PATCH 1/4] first attempt --- .../Controllers/Auth/RegisteredUserController.php | 2 +- app/Http/Controllers/ProfileController.php | 10 ++++++++++ app/Models/User.php | 2 +- resources/views/auth/profile.blade.php | 4 ++-- resources/views/layouts/navigation.blade.php | 9 ++++++--- routes/web.php | 11 +++++++---- 6 files changed, 27 insertions(+), 11 deletions(-) diff --git a/app/Http/Controllers/Auth/RegisteredUserController.php b/app/Http/Controllers/Auth/RegisteredUserController.php index d8d29eb5..542138c6 100644 --- a/app/Http/Controllers/Auth/RegisteredUserController.php +++ b/app/Http/Controllers/Auth/RegisteredUserController.php @@ -37,7 +37,7 @@ public function store(Request $request) $request->validate([ 'name' => ['required', 'string', 'max:255'], 'email' => ['required', 'string', 'email', 'max:255', 'unique:users'], - 'password' => ['required', 'confirmed', Rules\Password::defaults()], + 'password' => ['required', 'confirmed', Rules\Password::defaults(), 'min:8', 'regex:/[a-zA-Z]/'], ]); $user = User::create([ diff --git a/app/Http/Controllers/ProfileController.php b/app/Http/Controllers/ProfileController.php index e0093a49..2aa61b25 100644 --- a/app/Http/Controllers/ProfileController.php +++ b/app/Http/Controllers/ProfileController.php @@ -15,6 +15,16 @@ public function update(ProfileUpdateRequest $request) { // Task: fill in the code here to update name and email // Also, update the password if it is set + $user = Auth::user(); + + $user->email = $request->email; + $user->name = $request->name; + + if ($request->password) { + $user->password = $request->password; + } + + $user->save(); return redirect()->route('profile.show')->with('success', 'Profile updated.'); } diff --git a/app/Models/User.php b/app/Models/User.php index e23e0905..12a2354b 100644 --- a/app/Models/User.php +++ b/app/Models/User.php @@ -8,7 +8,7 @@ use Illuminate\Notifications\Notifiable; use Laravel\Sanctum\HasApiTokens; -class User extends Authenticatable +class User extends Authenticatable implements MustVerifyEmail { use HasApiTokens, HasFactory, Notifiable; diff --git a/resources/views/auth/profile.blade.php b/resources/views/auth/profile.blade.php index 70e8a8e1..c16e6902 100644 --- a/resources/views/auth/profile.blade.php +++ b/resources/views/auth/profile.blade.php @@ -29,7 +29,7 @@ class="block mt-1 w-full" type="text" name="name" - value="???" + value="{{ auth()->user()->name }}" required /> @@ -40,7 +40,7 @@ class="block mt-1 w-full" class="block mt-1 w-full" type="email" name="email" - value="???" + value="{{ auth()->user()->email }}" required /> diff --git a/resources/views/layouts/navigation.blade.php b/resources/views/layouts/navigation.blade.php index 785936e7..f9f703b2 100644 --- a/resources/views/layouts/navigation.blade.php +++ b/resources/views/layouts/navigation.blade.php @@ -16,9 +16,12 @@ {{ __('Users') }} {{-- Task: this "Profile" link should be visible only to logged-in users --}} - - {{ __('Profile') }} - + @auth + + {{ __('Profile') }} + + @endauth + diff --git a/routes/web.php b/routes/web.php index 71d04297..683ccfac 100644 --- a/routes/web.php +++ b/routes/web.php @@ -20,17 +20,20 @@ Route::get('users', [\App\Http\Controllers\UserController::class, 'index'])->name('users.index'); // Task: profile functionality should be available only for logged-in users -Route::get('profile', [\App\Http\Controllers\ProfileController::class, 'show'])->name('profile.show'); -Route::put('profile', [\App\Http\Controllers\ProfileController::class, 'update'])->name('profile.update'); +Route::group([middleware => 'auth'], function() { + Route::get('profile', [\App\Http\Controllers\ProfileController::class, 'show'])->name('profile.show'); + Route::put('profile', [\App\Http\Controllers\ProfileController::class, 'update'])->name('profile.update'); +}); + // Task: this "/secretpage" URL should be visible only for those who VERIFIED their email // Add some middleware here, and change some code in app/Models/User.php to enable this Route::view('/secretpage', 'secretpage') - ->name('secretpage'); + ->name('secretpage')->middleware('verified'); // Task: this "/verysecretpage" URL should ask user for verifying their password once again // You need to add some middleware here Route::view('/verysecretpage', 'verysecretpage') - ->name('verysecretpage'); + ->name('verysecretpage')->middleware('password.confirm'); require __DIR__.'/auth.php'; From c76675f7d0e0c49aebadffdbc8016f6c1abb1187 Mon Sep 17 00:00:00 2001 From: thule129 Date: Thu, 21 Aug 2025 07:17:26 +0700 Subject: [PATCH 2/4] first attempt --- routes/web.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/routes/web.php b/routes/web.php index 683ccfac..fe51f627 100644 --- a/routes/web.php +++ b/routes/web.php @@ -20,7 +20,7 @@ Route::get('users', [\App\Http\Controllers\UserController::class, 'index'])->name('users.index'); // Task: profile functionality should be available only for logged-in users -Route::group([middleware => 'auth'], function() { +Route::group(['middleware' => ['auth']], function() { Route::get('profile', [\App\Http\Controllers\ProfileController::class, 'show'])->name('profile.show'); Route::put('profile', [\App\Http\Controllers\ProfileController::class, 'update'])->name('profile.update'); }); From 5520f639c5aa5534bf7f74b3fd815a42cf9006aa Mon Sep 17 00:00:00 2001 From: thule129 Date: Thu, 21 Aug 2025 07:20:55 +0700 Subject: [PATCH 3/4] fix typo --- app/Http/Controllers/ProfileController.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/Http/Controllers/ProfileController.php b/app/Http/Controllers/ProfileController.php index 2aa61b25..03413388 100644 --- a/app/Http/Controllers/ProfileController.php +++ b/app/Http/Controllers/ProfileController.php @@ -15,7 +15,7 @@ public function update(ProfileUpdateRequest $request) { // Task: fill in the code here to update name and email // Also, update the password if it is set - $user = Auth::user(); + $user = auth()->user(); $user->email = $request->email; $user->name = $request->name; From 460b48518078d59337343dbb04a1261a554e60ab Mon Sep 17 00:00:00 2001 From: thule129 Date: Thu, 21 Aug 2025 07:31:34 +0700 Subject: [PATCH 4/4] hash password before save --- app/Http/Controllers/ProfileController.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/app/Http/Controllers/ProfileController.php b/app/Http/Controllers/ProfileController.php index 03413388..398527ed 100644 --- a/app/Http/Controllers/ProfileController.php +++ b/app/Http/Controllers/ProfileController.php @@ -3,6 +3,7 @@ namespace App\Http\Controllers; use App\Http\Requests\ProfileUpdateRequest; +use Illuminate\Support\Facades\Hash; class ProfileController extends Controller { @@ -21,7 +22,7 @@ public function update(ProfileUpdateRequest $request) $user->name = $request->name; if ($request->password) { - $user->password = $request->password; + $user->password = Hash::make($request->password); } $user->save();