mirror of
https://github.com/coollabsio/coolify.git
synced 2026-03-11 08:55:47 +00:00
- Fix migration dates from 2025 to 2026 - Add OAuth-only enforcement in Fortify authentication - Prevent OAuth-only users from resetting passwords - Prevent OAuth-only users from updating passwords
36 lines
1.1 KiB
PHP
36 lines
1.1 KiB
PHP
<?php
|
|
|
|
namespace App\Actions\Fortify;
|
|
|
|
use App\Models\User;
|
|
use Illuminate\Support\Facades\Hash;
|
|
use Illuminate\Support\Facades\Validator;
|
|
use Illuminate\Validation\Rules\Password;
|
|
use Laravel\Fortify\Contracts\UpdatesUserPasswords;
|
|
|
|
class UpdateUserPassword implements UpdatesUserPasswords
|
|
{
|
|
/**
|
|
* Validate and update the user's password.
|
|
*
|
|
* @param array<string, string> $input
|
|
*/
|
|
public function update(User $user, array $input): void
|
|
{
|
|
// Prevent OAuth-only users from updating passwords
|
|
if ($user->oauth_only) {
|
|
throw new \Exception('OAuth-only users cannot update passwords.');
|
|
}
|
|
|
|
Validator::make($input, [
|
|
'current_password' => ['required', 'string', 'current_password:web'],
|
|
'password' => ['required', Password::defaults(), 'confirmed'],
|
|
], [
|
|
'current_password.current_password' => __('The provided password does not match your current password.'),
|
|
])->validateWithBag('updatePassword');
|
|
|
|
$user->forceFill([
|
|
'password' => Hash::make($input['password']),
|
|
])->save();
|
|
}
|
|
}
|