Merge branch 'develop' into feature/-81-Zmena-hesla-používateľa

backend/app/Http/Controllers/Auth/RegisteredUserController.php

@@ -3,6 +3,7 @@
 namespace App\Http\Controllers\Auth;
 
 use App\Http\Controllers\Controller;
+use App\Mail\UserAccountActivated;
 use App\Mail\UserPasswordReset;
 use App\Mail\UserRegistrationCompleted;
 use App\Models\Company;
@@ -25,6 +26,7 @@ class RegisteredUserController extends Controller
     public function store(Request $request): Response
     {
         $password = bin2hex(random_bytes(16));
+        $activation_token = bin2hex(random_bytes(16));
 
         $request->validate([
             'email' => ['required', 'string', 'lowercase', 'email', 'max:255', 'unique:' . User::class],
@@ -58,6 +60,7 @@ class RegisteredUserController extends Controller
                 'phone' => $request->phone,
                 'role' => $request->role,
                 'password' => Hash::make($password),
+                'activation_token' => $activation_token
             ]);
 
             if ($user->role === "STUDENT") {
@@ -83,12 +86,33 @@ class RegisteredUserController extends Controller
             throw $e;
         }
 
-        Mail::to($user)->sendNow(new UserRegistrationCompleted($user->name, $password));
+        Mail::to($user)->sendNow(new UserRegistrationCompleted($user->name, $activation_token));
         event(new Registered($user));
 
         return response()->noContent();
     }
 
+    public function activate(Request $request) {
+        $request->validate([
+            'token' => ['required', 'string', 'exists:users,activation_token'],
+            'password' => ['required', 'string', 'min:8'],
+        ]);
+
+        $user = User::where('activation_token', '=', $request->token)->first();
+                
+        if (!$user) {
+            return response()->json(['message' => 'Invalid activation token'], 400);
+        }
+
+        $user->active = true;
+        $user->activation_token = null;
+        $user->password = Hash::make($request->password);
+        $user->save();
+
+        Mail::to($user)->sendNow(new UserAccountActivated($user->name));
+        return response()->noContent();
+    }
+
     public function reset_password(Request $request): Response
     {
         $request->validate([

backend/app/Http/Requests/Auth/LoginRequest.php

@@ -49,6 +49,15 @@ class LoginRequest extends FormRequest
             ]);
         }
 
+        // Check if the authenticated user's account is active
+        if (! Auth::user()->active) {
+            Auth::logout();
+            
+            throw ValidationException::withMessages([
+                'email' => __('auth.inactive_account'),
+            ]);
+        }
+
         RateLimiter::clear($this->throttleKey());
     }
 

backend/app/Mail/UserAccountActivated.php

@@ -0,0 +1,58 @@
+<?php
+
+namespace App\Mail;
+
+use Illuminate\Bus\Queueable;
+use Illuminate\Contracts\Queue\ShouldQueue;
+use Illuminate\Mail\Mailable;
+use Illuminate\Mail\Mailables\Content;
+use Illuminate\Mail\Mailables\Envelope;
+use Illuminate\Queue\SerializesModels;
+
+class UserAccountActivated extends Mailable
+{
+    use Queueable, SerializesModels;
+
+    private string $name;
+
+    /**
+     * Create a new message instance.
+     */
+    public function __construct(string $name)
+    {
+        $this->name = $name;
+    }
+
+    /**
+     * Get the message envelope.
+     */
+    public function envelope(): Envelope
+    {
+        return new Envelope(
+            subject: 'User Account Activated',
+        );
+    }
+
+    /**
+     * Get the message content definition.
+     */
+    public function content(): Content
+    {
+        return new Content(
+            view: 'mail.activation.completed',
+            with: [
+                "name" => $this->name,
+            ]
+        );
+    }
+
+    /**
+     * Get the attachments for the message.
+     *
+     * @return array<int, \Illuminate\Mail\Mailables\Attachment>
+     */
+    public function attachments(): array
+    {
+        return [];
+    }
+}

backend/app/Mail/UserRegistrationCompleted.php

@@ -14,15 +14,15 @@ class UserRegistrationCompleted extends Mailable
     use Queueable, SerializesModels;
 
     private string $name;
-    private string $password;
+    private string $activation_token;
 
     /**
      * Create a new message instance.
      */
-    public function __construct(string $name, string $password)
+    public function __construct(string $name, string $activation_token)
     {
         $this->name = $name;
-        $this->password = $password;
+        $this->activation_token = $activation_token;
     }
 
     /**
@@ -44,7 +44,7 @@ class UserRegistrationCompleted extends Mailable
             view: 'mail.registration.completed',
             with: [
                 "name" => $this->name,
-                "password" => $this->password
+                "activation_token" => $this->activation_token
             ]
         );
     }

backend/app/Models/User.php

@@ -25,6 +25,9 @@ class User extends Authenticatable
         'email',
         'role',
         'password',
+        'active',
+        'needs_password_change',
+        'activation_token',
     ];
 
     /**
@@ -35,6 +38,7 @@ class User extends Authenticatable
     protected $hidden = [
         'password',
         'remember_token',
+        'activation_token',
     ];
 
     /**
@@ -47,6 +51,8 @@ class User extends Authenticatable
         return [
             'email_verified_at' => 'datetime',
             'password' => 'hashed',
+            'active' => 'boolean',
+            'needs_password_change' => 'boolean'
         ];
     }
 

backend/database/factories/UserFactory.php

@@ -36,6 +36,8 @@ class UserFactory extends Factory
             'email_verified_at' => now(),
             'password' => static::$password ??= Hash::make('password'),
             'remember_token' => Str::random(10),
+            'active' => true,
+            'needs_password_change' => false,
         ];
     }
 

backend/database/migrations/0001_01_01_000000_create_users_table.php

@@ -17,6 +17,9 @@ return new class extends Migration
             $table->string('email')->unique();
             $table->timestamp('email_verified_at')->nullable();
             $table->string('password');
+            $table->boolean('active')->default(false);
+            $table->boolean('needs_password_change')->default(false);
+            $table->string('activation_token')->nullable();
             $table->rememberToken();
             $table->timestamps();
         });

backend/resources/views/mail/activation/completed.blade.php

@@ -0,0 +1,8 @@
+@include("parts.header")
+<p>Vážená/ý {{ $name }},</p>
+<p>úspešne ste aktivovali váš účet!</p>
+<br />
+
+<p>s pozdravom</p>
+<p>Systém ISOP UKF</p>
+@include("parts.footer")

backend/resources/views/mail/registration/completed.blade.php

@@ -3,7 +3,12 @@
 <p>vaša registrácia do systému ISOP UKF prebehla úspešne!</p>
 <br />
 
-<p>Vaše heslo je: <em>{{ $password }}</em></p>
+<p>Aktivujte účet pomocou nasledujúceho linku:</p>
+<br />
+<p>
+    <a
+        href="{{ config('app.frontend_url') }}/account/activation/{{ $activation_token }}">{{ config('app.frontend_url') }}/account/activation/{{ $activation_token }}</a>
+</p>
 
 <br />
 

backend/routes/api.php

@@ -22,6 +22,10 @@ Route::middleware(['auth:sanctum'])->get('/user', function (Request $request) {
     return $user;
 });
 
+Route::prefix('/account')->group(function () {
+    Route::post("/activate", [RegisteredUserController::class, 'activate']);
+});
+
 Route::middleware(['auth:sanctum'])->prefix('/students')->group(function () {
     Route::post('/change-password', [RegisteredUserController::class, 'change_password']);
     Route::get('/', [StudentDataController::class, 'all']);