#99: Started working on e-mail address activation when changed using the user settings page

app/Http/Controllers/Gallery/UserController.php

@@ -8,10 +8,12 @@ use App\Facade\UserConfig;
 use App\Helpers\DbHelper;
 use App\Http\Controllers\Controller;
 use App\Http\Requests\SaveUserSettingsRequest;
+use App\Mail\UserChangeEmailRequired;
 use App\User;
 use Illuminate\Support\Collection;
 use Illuminate\Support\Facades\App;
 use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\Mail;
 use Symfony\Component\HttpFoundation\Request;
 
 class UserController extends Controller
@@ -19,15 +21,36 @@ class UserController extends Controller
     public function saveSettings(SaveUserSettingsRequest $request)
     {
         $data = $request->only(['name', 'email', 'profile_alias', 'enable_profile_page']);
+        $user = $this->getUser();
 
         if (UserConfig::get('require_email_verification'))
         {
             // Can't update the e-mail directly until the new e-mail address has been verified.
             // TODO - send e-mail and handle response, flag e-mail as being "change in-progress"
+            // Send activation e-mail
+
+            // Temporarily change the e-mail address so we can send the activation message
+            $oldEmailAddress = $user->getEmailForPasswordReset();
+            $user->email = $data['email'];
+
+            Mail::to($this->getUser())->send(new UserChangeEmailRequired($this->getUser()));
+            $request->session()->flash('info', trans('auth.change_email_required_message'));
+
+            // Flag the user as a change e-mail in progress
+            $user->new_email_address = $user->email;
+            $user->is_email_change_in_progress = true;
+            $user->email = $oldEmailAddress;
+            $user->save();
+
+            unset($data['email']);
+        }
+
+        // Don't allow e-mail address to be changed if a change is in progress
+        if ($user->is_email_change_in_progress)
+        {
             unset($data['email']);
         }
 
-        $user = $this->getUser();
         $user->fill($data);
         $user->enable_profile_page = (isset($data['enable_profile_page']) && strtolower($data['enable_profile_page']) == 'on');
         $user->save();
@@ -40,6 +63,7 @@ class UserController extends Controller
     public function settings(Request $request)
     {
         return Theme::render('gallery.user_settings', [
+            'info' => $request->session()->get('info'),
             'success' => $request->session()->get('success'),
             'user' => $this->getUser()
         ]);

app/Mail/UserChangeEmailRequired.php

@@ -0,0 +1,46 @@
+<?php
+
+namespace App\Mail;
+
+use App\Facade\Theme;
+use App\Facade\UserConfig;
+use App\User;
+use Illuminate\Bus\Queueable;
+use Illuminate\Mail\Mailable;
+use Illuminate\Queue\SerializesModels;
+use Illuminate\Contracts\Queue\ShouldQueue;
+
+class UserChangeEmailRequired extends Mailable
+{
+    use Queueable, SerializesModels;
+
+    private $user;
+
+    /**
+     * Create a new message instance.
+     *
+     * @return void
+     */
+    public function __construct(User $user)
+    {
+        $this->user = $user;
+    }
+
+    /**
+     * Build the message.
+     *
+     * @return $this
+     */
+    public function build()
+    {
+        $subject = trans('email.change_email_required_subject', ['app_name' => UserConfig::get('app_name')]);
+
+        return $this
+            ->subject($subject)
+            ->markdown(Theme::viewName('email.user_change_email_required'))
+            ->with([
+                'subject' => $subject,
+                'user' => $this->user
+            ]);
+    }
+}

database/migrations/2018_09_12_142055_add_user_email_change_columns.php

@@ -0,0 +1,36 @@
+<?php
+
+use Illuminate\Support\Facades\Schema;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class AddUserEmailChangeColumns extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('users', function (Blueprint $table)
+        {
+            $table->boolean('is_email_change_in_progress')->default(false);
+            $table->string('new_email_address')->nullable(true);
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('users', function (Blueprint $table)
+        {
+            $table->dropColumn('is_email_change_in_progress');
+            $table->dropColumn('new_email_address');
+        });
+    }
+}

resources/lang/en/auth.php

@@ -20,6 +20,8 @@ return [
         'and password you provided when you registered.',
     'activation_required_message' => 'An e-mail containing an activation link has been sent to the e-mail address you provided. ' .
         'Please click the link in this e-mail to activate your account.',
+    'change_email_required_message' => 'An e-mail containing an activation link has been sent to the e-mail address you provided. ' .
+    'Please click the link in this e-mail to confirm your new e-mail address.',
     'change_password_action' => 'Change password',
     'change_password_title' => 'Change your password',
     'email_password_login' => 'Alternatively, login with your e-mail address and password:',

resources/lang/en/email.php

@@ -4,6 +4,9 @@ return [
     'activation_required_p2' => 'To confirm your e-mail address and activate your account, please click the link below. ' .
         'You may also need to copy + paste this into your browser\'s address bar if your e-mail reader has split this line.',
     'activation_required_subject' => 'Activate your :app_name account',
+    'change_email_required_p1' => 'A change was requested to your e-mail address on :app_name.',
+    'change_email_required_p2' => 'To confirm this e-mail address is valid and update the e-mail address on your account, please click the button below.',
+    'change_email_required_subject' => 'Confirm the e-mail change to your :app_name account',
     'generic_intro' => 'Hi :user_name,',
     'generic_regards' => 'Regards,',
     'test_email_subject' => 'Test e-mail from :app_name'

resources/lang/en/forms.php

@@ -14,6 +14,7 @@ return [
     'bulk_edit_photos_placeholder' => 'Select an action',
     'cancel_action' => 'Cancel',
     'close_action' => 'Close',
+    'confirm_email_action' => 'Confirm e-mail address',
     'continue_action' => 'Continue',
     'create_action' => 'Create',
     'create_album_label' => 'Create a new album:',

resources/views/themes/base/email/user_change_email_required.blade.php

@@ -0,0 +1,17 @@
+@component('mail::message')
+@lang('email.generic_intro', ['user_name' => $user->name])
+
+
+@lang('email.change_email_required_p1', ['app_name' => UserConfig::get('app_name')])
+
+
+@lang('email.change_email_required_p2')
+
+@component('mail::button', ['url' => route('auth.activate', ['token' => $user->activation_token]), 'color' => 'blue'])
+    @lang('forms.confirm_email_action')
+@endcomponent
+
+@lang('email.generic_regards')<br/>
+{{ UserConfig::get('app_name') }}<br/>
+<a href="{{ route('home') }}">{{ route('home') }}</a>
+@endcomponent

resources/views/themes/base/gallery/user_settings.blade.php

@@ -35,7 +35,7 @@
                                 <label class="col-md-4 col-form-label text-md-right" for="user-email">@lang('forms.email_label')</label>
 
                                 <div class="col-md-6">
-                                    <input type="text" class="form-control{{ $errors->has('email') ? ' is-invalid' : '' }}" id="user-email" name="email" value="{{ old('email', $user->email) }}">
+                                    <input type="text" class="form-control{{ $errors->has('email') ? ' is-invalid' : '' }}" id="user-email" name="email" value="{{ old('email', $user->email) }}"{{ $user->is_email_change_in_progress ? ' readonly="readonly"' : '' }}>
 
                                     @if ($errors->has('email'))
                                         <div class="invalid-feedback">