Removing 4 word bollocks and fixing rootless supervisor for podman
This commit is contained in:
parent
a22db4ee0f
commit
82ed2e3ce2
8 changed files with 26 additions and 160 deletions
|
|
@ -51,7 +51,9 @@ class MagicLinkController extends Controller
|
|||
// Queue the magic link email
|
||||
Mail::to($email)->queue(new MagicLoginLink($loginUrl, $token->plain_code, 15));
|
||||
|
||||
return back()->with('status', 'Check your email for a login link and code!');
|
||||
return redirect()->route('verify-code')
|
||||
->with('status', 'Check your email for your login code!')
|
||||
->with('email', $email);
|
||||
} catch (ValidationException $e) {
|
||||
throw $e;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ use Illuminate\Database\Eloquent\Builder;
|
|||
use Illuminate\Database\Eloquent\Factories\HasFactory;
|
||||
use Illuminate\Database\Eloquent\Model;
|
||||
use Illuminate\Support\Facades\Hash;
|
||||
use Illuminate\Support\Facades\Storage;
|
||||
use Illuminate\Support\Str;
|
||||
|
||||
class MagicLoginToken extends Model
|
||||
{
|
||||
|
|
@ -48,13 +48,13 @@ class MagicLoginToken extends Model
|
|||
public static function generate(string $email, ?string $ip = null, ?string $ua = null): self
|
||||
{
|
||||
$emailHash = User::hashEmail($email);
|
||||
$wordToken = self::generateWordToken();
|
||||
$token = Str::random(64);
|
||||
$code = str_pad((string) random_int(0, 999999), 6, '0', STR_PAD_LEFT);
|
||||
|
||||
return self::create([
|
||||
'email_hash' => $emailHash,
|
||||
'token_hash' => Hash::make($wordToken),
|
||||
'plain_token' => $wordToken,
|
||||
'token_hash' => Hash::make($token),
|
||||
'plain_token' => $token,
|
||||
'code_hash' => Hash::make($code),
|
||||
'plain_code' => $code,
|
||||
'expires_at' => now()->addMinutes(15),
|
||||
|
|
@ -63,27 +63,6 @@ class MagicLoginToken extends Model
|
|||
]);
|
||||
}
|
||||
|
||||
/**
|
||||
* Generate a unique 4-word token from the word list.
|
||||
*/
|
||||
public static function generateWordToken(): string
|
||||
{
|
||||
$words = explode("\n", trim(Storage::get('words.txt')));
|
||||
|
||||
do {
|
||||
$selectedWords = [];
|
||||
for ($i = 0; $i < 4; $i++) {
|
||||
$selectedWords[] = $words[array_rand($words)];
|
||||
}
|
||||
$token = implode('-', $selectedWords);
|
||||
|
||||
// Check for uniqueness in database
|
||||
$exists = self::where('plain_token', $token)->exists();
|
||||
} while ($exists);
|
||||
|
||||
return $token;
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if the token is valid (not expired and not used).
|
||||
*/
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue