Merge pull request #15 from cendekia/add-change-password

Add Change Password Feature - closes #14
7 years ago · 253b66ec4e
14 changed files with 229 additions and 2 deletions
--- a/app/Http/Controllers/ChangePasswordController.php
+++ b/app/Http/Controllers/ChangePasswordController.php
@ -0,0 +1,25 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use Illuminate\Http\Request;
+use App\Http\Requests\Users\UpdatePasswordRequest;
+
+class ChangePasswordController extends Controller
+{
+    public function show()
+    {
+    	return view('users.change-password');
+    }
+
+    public function update(UpdatePasswordRequest $request)
+    {
+    	$user = \Auth::user();
+        $user->password = bcrypt($request->new_password);
+        
+        if ($user->save()) $updateResponse = array('success' => trans('auth.change_password_success'));
+        else $updateResponse = array('error' => trans('auth.change_password_error'));
+
+    	return redirect()->back()->with($updateResponse); 
+    }
+}
--- a/app/Http/Requests/Users/UpdatePasswordRequest.php
+++ b/app/Http/Requests/Users/UpdatePasswordRequest.php
@ -0,0 +1,39 @@
+<?php
+
+namespace App\Http\Requests\Users;
+
+use Illuminate\Foundation\Http\FormRequest;
+
+class UpdatePasswordRequest extends FormRequest
+{
+    /**
+     * Determine if the user is authorized to make this request.
+     *
+     * @return bool
+     */
+    public function authorize()
+    {
+        return true;
+    }
+
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array
+     */
+    public function rules()
+    {
+        return [
+            'old_password'  => 'min:6|max:15|current_password',
+            'new_password'  => 'min:6|max:15|same_password|confirmed',
+        ];
+    }
+
+    public function messages()
+    {
+        return [
+            'old_password.current_password' => trans('passwords.old_password'),
+            'new_password.same_password' => trans('passwords.same_password'),
+        ];
+    }
+}
--- a/app/Http/Requests/Users/UpdateRequest.php
+++ b/app/Http/Requests/Users/UpdateRequest.php
@ -39,4 +39,12 @@ class UpdateRequest extends FormRequest
            'password'  => 'nullable|min:6|max:15',
        ];
    }
+
+    public function messages()
+    {
+        return [
+            'password.current_password'  => trans('passwords.old_password'),
+            'new_password.same_password' => trans('passwords.same_password'),
+        ];
+    }
 }
--- a/app/Providers/AppServiceProvider.php
+++ b/app/Providers/AppServiceProvider.php
@ -19,6 +19,18 @@ class AppServiceProvider extends ServiceProvider
        if($this->app->environment() === 'production') {
            $this->app['request']->server->set('HTTPS', true);
        }
+
+        \Validator::extend('current_password', function ($attribute, $value, $parameters, $validator) {
+            $user = \Auth::user();
+
+            return $user && \Hash::check($value, $user->password);
+        });
+
+        \Validator::extend('same_password', function ($attribute, $value, $parameters, $validator) {
+            $user = \Auth::user();
+
+            return $user && !\Hash::check($value, $user->password);
+        });
    }

    /**
--- a/resources/lang/en/auth.php
+++ b/resources/lang/en/auth.php
@ -19,6 +19,7 @@ return [
    'password'                  => 'Password',
    'login'                     => 'Login',
    'logout'                    => 'Logout',
+    'back'                      => 'Back',
    'register'                  => 'Create new Account',
    'have_an_account'           => 'I have an Account',
    'need_account'              => 'Need an Account?',
@ -30,4 +31,6 @@ return [
    'new_password'              => 'New Password',
    'new_password_confirmation' => 'Repeat New Password',
    'send_reset_password_link'  => 'Send Reset Password Link',
+    'change_password_success'   => 'Your password has changed',
+    'change_password_error'    => 'Uh-oh, change password failed',
 ];
--- a/resources/lang/en/passwords.php
+++ b/resources/lang/en/passwords.php
@ -18,5 +18,6 @@ return [
    'sent'     => 'We have e-mailed your password reset link!',
    'token'    => 'This password reset token is invalid.',
    'user'     => "We can't find a user with that e-mail address.",
-
+    "old_password" => "Your current password does not matches with the password you provided. Please try again.",
+    "same_password" => "New password cannot be same as your current password. Please choose a different password."
 ];
--- a/resources/lang/id/auth.php
+++ b/resources/lang/id/auth.php
@ -19,6 +19,7 @@ return [
    'password'                  => 'Password',
    'login'                     => 'Login',
    'logout'                    => 'Keluar',
+    'back'                      => 'Kembali',
    'register'                  => 'Buat Akun Baru',
    'have_an_account'           => 'Saya sudah punya Akun',
    'need_account'              => 'Belum punya Akun?',
@ -30,4 +31,6 @@ return [
    'new_password'              => 'Password Baru',
    'new_password_confirmation' => 'Ulangi Password Baru',
    'send_reset_password_link'  => 'Kirim Link Reset Password',
+    'change_password_success'   => 'Password Anda sudah berhasil di ubah.',
+    'change_password_error'     => 'Awww, sistem gagal merubah password Anda',
 ];
--- a/resources/lang/id/passwords.php
+++ b/resources/lang/id/passwords.php
@ -18,5 +18,7 @@ return [
    "sent"      => "Kami sudah mengirim email yang berisi tautan untuk mereset Password Anda!",
    "token"     => "Token Reset Password tidak sah.",
    "user"      => "Kami tidak dapat menemukan pengguna dengan email tersebut.",
+    "old_password" => "Password yang Anda masukan tidak sesuai dengan password yang tersimpan. Silahkan coba kembali.",
+    "same_password" => "Password baru Anda tidak boleh sama dengan password lama. Silahkan pilih password yang berbeda."

 ];
--- a/resources/views/layouts/partials/nav.blade.php
+++ b/resources/views/layouts/partials/nav.blade.php
@ -40,6 +40,7 @@
                        <ul class="dropdown-menu" role="menu">
                            <li><a href="{{ route('backups.index') }}">{{ trans('backup.list') }}</a></li>
                            <li><a href="{{ route('profile') }}">{{ trans('app.my_profile') }}</a></li>
+                            <li><a href="{{ route('profile.change-password.form') }}">{{ trans('auth.change_password') }}</a></li>
                            <li>
                                <a href="{{ route('logout') }}"
                                    onclick="event.preventDefault();
--- a/resources/views/users/change-password.blade.php
+++ b/resources/views/users/change-password.blade.php
@ -0,0 +1,74 @@
+@extends('layouts.app')
+
+@section('content')
+<div class="container">
+    <div class="row">
+        <div class="col-md-8 col-md-offset-2">
+            <div class="panel panel-default">
+                <div class="panel-heading">{{ trans('auth.change_password') }}</div>
+
+                <div class="panel-body">
+                    @if (session('success') or session('error'))
+                        <div class="alert alert-{{ session('success') ? 'success' : 'danger' }}">
+                            {{ session('success') ?: session('error')}}
+                        </div>
+                    @endif
+                    <form class="form-horizontal" role="form" method="POST" action="{{ route('profile.change-password.update') }}">
+                        {{ csrf_field() }}
+                        <div class="form-group{{ $errors->has('old_password') ? ' has-error' : '' }}">
+                            <label for="old_password" class="col-md-4 control-label">{{ trans('auth.old_password') }}</label>
+
+                            <div class="col-md-6">
+                                <input id="old_password" type="password" class="form-control" name="old_password" placeholder="******">
+
+                                @if ($errors->has('old_password'))
+                                    <span class="help-block">
+                                        <strong>{{ $errors->first('old_password') }}</strong>
+                                    </span>
+                                @endif
+                            </div>
+                        </div>
+
+                        <div class="form-group{{ $errors->has('new_password') ? ' has-error' : '' }}">
+                            <label for="new_password" class="col-md-4 control-label">{{ trans('auth.new_password') }}</label>
+
+                            <div class="col-md-6">
+                                <input id="new_password" type="password" class="form-control" name="new_password" placeholder="******">
+
+                                @if ($errors->has('new_password'))
+                                    <span class="help-block">
+                                        <strong>{{ $errors->first('new_password') }}</strong>
+                                    </span>
+                                @endif
+                            </div>
+                        </div>
+
+                        <div class="form-group{{ $errors->has('new_password_confirmation') ? ' has-error' : '' }}">
+                            <label for="new_password-confirm" class="col-md-4 control-label">{{ trans('auth.new_password_confirmation') }}</label>
+                            <div class="col-md-6">
+                                <input id="new_password-confirm" type="password" class="form-control" name="new_password_confirmation" placeholder="******">
+
+                                @if ($errors->has('new_password_confirmation'))
+                                    <span class="help-block">
+                                        <strong>{{ $errors->first('new_password_confirmation') }}</strong>
+                                    </span>
+                                @endif
+                            </div>
+                        </div>
+                        <div class="form-group">
+                            <div class="col-md-6 col-md-offset-4">
+                                <button type="submit" class="btn btn-primary">
+                                    {{ trans('auth.change_password') }}
+                                </button>
+                                <a href="{{ url()->previous() }}" class="btn">
+                                    {{ trans('auth.back') }}
+                                </a>
+                            </div>
+                        </div>
+                    </form>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
+@endsection
--- a/resources/views/users/edit.blade.php
+++ b/resources/views/users/edit.blade.php
@ -89,7 +89,7 @@
                <div class="panel-heading"><h3 class="panel-title">{{ trans('app.login_account') }}</h3></div>
                <div class="panel-body">
                    {!! FormField::email('email', ['label' => trans('auth.email'), 'placeholder' => trans('app.example').' nama@mail.com']) !!}
-                    {!! FormField::text('password', ['label' => trans('auth.password'), 'placeholder' => '******', 'value' => '']) !!}
+                    {!! FormField::password('password', ['label' => trans('auth.old_password'), 'placeholder' => '******', 'value' => '']) !!}
                </div>
            </div>
            <div class="text-right">
--- a/routes/web.php
+++ b/routes/web.php
@ -24,6 +24,9 @@ Route::post('family-actions/{user}/add-wife', 'FamilyActionsController@addWife')
 Route::post('family-actions/{user}/add-husband', 'FamilyActionsController@addHusband')->name('family-actions.add-husband');
 Route::post('family-actions/{user}/set-parent', 'FamilyActionsController@setParent')->name('family-actions.set-parent');

+Route::get('profile/update-password', 'ChangePasswordController@show')->middleware('auth')->name('profile.change-password.form');
+Route::post('profile/update-password', 'ChangePasswordController@update')->middleware('auth')->name('profile.change-password.update');
+
 Route::get('profile-search', 'UsersController@search')->name('users.search');
 Route::get('users/{user}', 'UsersController@show')->name('users.show');
 Route::get('users/{user}/edit', 'UsersController@edit')->name('users.edit');
--- a/tests/CreatesApplication.php
+++ b/tests/CreatesApplication.php
@ -16,6 +16,7 @@ trait CreatesApplication
        $app = require __DIR__.'/../bootstrap/app.php';

        $app->make(Kernel::class)->bootstrap();
+        \Hash::setRounds(4);

        return $app;
    }
--- a/tests/Feature/ChangePasswordTest.php
+++ b/tests/Feature/ChangePasswordTest.php
@ -0,0 +1,55 @@
+<?php
+
+namespace Tests\Feature\Auth;
+
+use Tests\TestCase;
+use Illuminate\Foundation\Testing\DatabaseMigrations;
+
+class ChangePasswordTest extends TestCase
+{
+    use DatabaseMigrations;
+
+    /** @test */
+    public function user_can_change_password()
+    {
+        $user = $this->loginAsUser(['password' => bcrypt('secret')]);
+
+        $this->visit(route('home'));
+        $this->click(trans('auth.change_password'));
+
+        $this->submitForm(trans('auth.change_password'), [
+            'old_password'              => 'secret',
+            'new_password'              => 'rahasia',
+            'new_password_confirmation' => 'rahasia',
+        ]);
+
+        $this->seeText(trans('auth.change_password_success'));
+
+        $this->assertTrue(
+            app('hash')->check('rahasia', $user->password),
+            'The password should changed!'
+        );
+    }
+
+    /** @test */
+    public function user_cannot_change_password_if_old_password_wrong()
+    {
+        $user = $this->loginAsUser(['password' => bcrypt('secret')]);
+
+        $this->visit(route('home'));
+        $this->click(trans('auth.change_password'));
+
+        $this->submitForm(trans('auth.change_password'), [
+            'old_password'              => 'member1',
+            'new_password'              => 'rahasia',
+            'new_password_confirmation' => 'rahasia',
+        ]);
+
+        $this->seeText(trans('passwords.old_password'));
+
+        $this->assertTrue(
+            app('hash')->check('secret', $user->password),
+            'The password shouldn\'t changed!'
+        );
+    }
+}