Added optional authentication

2025-12-26 23:21:36 +01:00 · 2020-08-21 17:31:43 +01:00
parent cd87a902a7
commit e10b4dccde
31 changed files with 149588 additions and 107 deletions
--- a/app/Http/Controllers/AuthController.php
+++ b/app/Http/Controllers/AuthController.php
@@ -8,11 +8,14 @@ use App\Helpers\EmailVerificationHelper;
 use Illuminate\Support\Facades\Auth;
 use App\Http\Controllers\Controller;
 use App\LoginSession;
+use App\Rules\CurrentPasswordMatches;
 use App\User;
 use DateTime;
+use Hash;
 use Illuminate\Support\Facades\Request as RequestFacade;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Validator;
+use Log;
 use Ramsey\Uuid\Uuid;

 class AuthController extends Controller
@@ -164,6 +167,10 @@ class AuthController extends Controller
            [ 'expires', '>', time() ]
        ])->get();

+        $sessions = $sessions->map(function ($item) {
+            return collect($item)->forget(['token']);
+        });
+
        return response()->json([
            'method' => 'get auth sessions',
            'response' => $sessions
@@ -211,4 +218,36 @@ class AuthController extends Controller
            'success' => true,
        ], 200);
    }
+
+    public function changePassword(Request $request)
+    {
+        $rules = [
+            'currentPassword' => [ 'string', 'required', new CurrentPasswordMatches() ],
+            'newPassword' => [ 'required', 'string', 'confirmed', 'min:8' ],
+            'logoutDevices' => [ 'required', 'bool' ]
+        ];
+
+        $validator = Validator::make($request->all(), $rules);
+        if($validator->fails()) {
+            return response()->json([
+                'method' => 'reset password',
+                'success' => false,
+                'error' => $validator->errors()
+            ], 403);
+        }
+
+        $user = Auth::user();
+
+        $user->password = $request->newPassword;
+        $user->save();
+
+        if($request->logoutDevices == true) {
+            AuthLoginSession::where('user_id', $user->id)->update([ 'active' => false ]);
+        }
+
+        return response()->json([
+            'method' => 'reset password',
+            'success' => true
+        ], 200);
+    }
 }
--- a/app/Http/Controllers/BackupController.php
+++ b/app/Http/Controllers/BackupController.php
@@ -3,6 +3,7 @@
 namespace App\Http\Controllers;

 use App\Helpers\BackupHelper;
+use App\Helpers\SettingsHelper;
 use DateTime;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Storage;
@@ -12,6 +13,13 @@ use Illuminate\Http\JsonResponse;
 class BackupController extends Controller
 {

+    public function __construct()
+    {
+        if((bool)SettingsHelper::get('auth')->value === true) {
+            $this->middleware('auth:api');
+        }
+    }
+
    /**
     * Get backup of speedtests
     *
--- a/app/Http/Controllers/IntegrationsController.php
+++ b/app/Http/Controllers/IntegrationsController.php
@@ -13,6 +13,13 @@ use Ramsey\Uuid\Exception\InvalidUuidStringException;

 class IntegrationsController extends Controller
 {
+    public function __construct()
+    {
+        if((bool)SettingsHelper::get('auth')->value === true) {
+            $this->middleware('auth:api');
+        }
+    }
+
    /**
     * Test the healthchecks config
     *
--- a/app/Http/Controllers/SettingsController.php
+++ b/app/Http/Controllers/SettingsController.php
@@ -13,6 +13,13 @@ use Illuminate\Support\Collection;

 class SettingsController extends Controller
 {
+    public function __construct()
+    {
+        if((bool)SettingsHelper::get('auth')->value === true) {
+            $this->middleware('auth:api')
+                 ->except([ 'config' ]);
+        }
+    }

    /**
     * Return all settings
--- a/app/Http/Controllers/SpeedtestController.php
+++ b/app/Http/Controllers/SpeedtestController.php
@@ -2,6 +2,7 @@

 namespace App\Http\Controllers;

+use App\Helpers\SettingsHelper;
 use App\Helpers\SpeedtestHelper;
 use App\Jobs\SpeedtestJob;
 use App\Speedtest;
@@ -15,6 +16,13 @@ use Illuminate\Http\JsonResponse;

 class SpeedtestController extends Controller
 {
+    public function __construct()
+    {
+        if((bool)SettingsHelper::get('auth')->value === true) {
+            $this->middleware('auth:api')
+                 ->only([ 'run', 'delete', 'deleteAll' ]);
+        }
+    }

    /**
     * Returns paginated list of speedtests
--- a/app/Http/Controllers/UpdateController.php
+++ b/app/Http/Controllers/UpdateController.php
@@ -2,6 +2,7 @@

 namespace App\Http\Controllers;

+use App\Helpers\SettingsHelper;
 use Exception;
 use Updater;
 use Illuminate\Http\Request;
@@ -9,6 +10,12 @@ use Illuminate\Http\JsonResponse;

 class UpdateController extends Controller
 {
+    public function __construct()
+    {
+        if((bool)SettingsHelper::get('auth')->value === true) {
+            $this->middleware('auth:api');
+        }
+    }

    /**
     * Check for new update
--- a/app/Http/Middleware/CheckForMaintenanceMode.php
+++ b/app/Http/Middleware/CheckForMaintenanceMode.php