Implement user management, improve some style, and enhance middleware

Author: Irvan789

app/Http/Middleware/EnsureUserIsAdministrator.php

@@ -0,0 +1,24 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+use Symfony\Component\HttpFoundation\Response;
+
+class EnsureUserIsAdministrator
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  Closure(Request): (Response)  $next
+     */
+    public function handle(Request $request, Closure $next): Response
+    {
+        if ($request->user()->role != 'admin') {
+            return abort(404);
+        }
+
+        return $next($request);
+    }
+}

app/Livewire/Passport/CreateClient.php

@@ -2,9 +2,7 @@
 
 namespace App\Livewire\Passport;
 
-use App\Models\User;
 use Illuminate\Support\Facades\Auth;
-use Illuminate\Support\Facades\Gate;
 use Illuminate\Support\Facades\Session;
 use Laravel\Passport\ClientRepository;
 use Livewire\Component;
@@ -33,8 +31,6 @@ public function boot()
 
     public function mount()
     {
-        Gate::allowIf(fn(User $user) => $user->role != 'user');
-
         $this->user = Auth::user();
     }
 

app/Livewire/Passport/Home.php

@@ -5,7 +5,6 @@
 use App\Models\User;
 use Exception;
 use Illuminate\Support\Facades\Auth;
-use Illuminate\Support\Facades\Gate;
 use Laravel\Passport\Passport;
 use Laravel\Passport\Token;
 use Livewire\Component;
@@ -20,8 +19,6 @@ class Home extends Component
 
     public function mount(): void
     {
-        Gate::allowIf(fn(User $user) => $user->role != 'user');
-
         $this->user = Auth::user();
     }
 

app/Livewire/Profile.php

@@ -116,7 +116,7 @@ public function updateProfileInformation(): void
         ]);
     }
 
-    public function deleteUser(Logout $logout): void
+    public function deleteAccount(Logout $logout): void
     {
         try {
             $this->validate([

app/Livewire/Security/TwoFactor.php

@@ -4,6 +4,7 @@
 
 use Exception;
 use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\RateLimiter;
 use Illuminate\Support\Facades\Session;
 use Laravel\Fortify\Actions\ConfirmTwoFactorAuthentication;
 use Laravel\Fortify\Actions\DisableTwoFactorAuthentication;
@@ -89,7 +90,7 @@ public function render()
         }
 
         return view('livewire.security.two-factor')->layout('layouts::app', [
-            'title' => 'Manage Two-Factor',
+            'title' => 'Two-Factor Authentication',
             'user' => $this->user
         ]);
     }
@@ -136,9 +137,22 @@ public function disableTwoFactor(DisableTwoFactorAuthentication $disableTwoFacto
 
     public function regenerateRecoveryCodes(GenerateNewRecoveryCodes $generateNewRecoveryCodes): void
     {
-        $generateNewRecoveryCodes($this->user);
+        $newRecoveryCodes = RateLimiter::attempt(
+            'regenerate-code.' . $this->user->id,
+            1,
+            function () use ($generateNewRecoveryCodes) {
+                $generateNewRecoveryCodes($this->user);
 
-        $this->loadRecoveryCodes();
+                $this->loadRecoveryCodes();
+            },
+            3600
+        );
+
+        if (!$newRecoveryCodes) {
+            abort(429);
+
+            return;
+        }
     }
 
     private function loadRecoveryCodes(): void

app/Livewire/Users/Home.php

@@ -0,0 +1,51 @@
+<?php
+
+namespace App\Livewire\Users;
+
+use App\Models\User;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Session;
+use Livewire\Component;
+use Livewire\WithoutUrlPagination;
+use Livewire\WithPagination;
+
+class Home extends Component
+{
+    use WithPagination, WithoutUrlPagination;
+
+    public mixed $user;
+
+    public string $search = '';
+
+    public function mount(): void
+    {
+        $this->user = Auth::user();
+    }
+
+    public function render()
+    {
+        if (Session::has('status') || Session::has('error')) {
+            $this->dispatch('toastify', [
+                'type' => Session::has('error') ? 'error' : 'success',
+                'message' => Session::get('error') ?? Session::get('status')
+            ]);
+        }
+
+        return view('livewire.users.home', [
+            'users' => User::getUsersWithSocialAccounts($this->user)
+                ->when($this->search, function ($query, $search) {
+                    $query->where('name', 'like', "{$search}%");
+                })
+                ->paginate(10)
+                ->onEachSide(1)
+        ])->layout('layouts::app', [
+            'title' => 'Manage Users',
+            'user' => $this->user
+        ]);
+    }
+
+    public function searchUser(): void
+    {
+        $this->resetPage();
+    }
+}

app/Livewire/Users/Profile.php

@@ -0,0 +1,161 @@
+<?php
+
+namespace App\Livewire\Users;
+
+use App\Concerns\PasswordValidationRules;
+use App\Concerns\ProfileValidationRules;
+use App\Models\Social;
+use App\Models\User;
+use Illuminate\Contracts\Auth\MustVerifyEmail;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Session;
+use Laravel\Fortify\Actions\DisableTwoFactorAuthentication;
+use Laravel\Fortify\Features;
+use Livewire\Attributes\Computed;
+use Livewire\Attributes\Locked;
+use Livewire\Component;
+
+class Profile extends Component
+{
+    use ProfileValidationRules, PasswordValidationRules;
+
+    public $user;
+
+    public string $name = '';
+
+    public string $username = '';
+
+    public string $email = '';
+
+    public string $password = '';
+
+    public mixed $socials_google;
+
+    public mixed $socials_github;
+
+    #[Locked]
+    public bool $canManageTwoFactor;
+
+    #[Locked]
+    public bool $twoFactorEnabled;
+
+    public function boot()
+    {
+        $this->withValidator(function ($validator) {
+            $validator->after(function ($validator) {
+                if ($validator->errors()->count() > 0) {
+                    $this->dispatch('toastify', [
+                        'type' => 'error',
+                        'message' => $validator->errors()->all()[0]
+                    ]);
+                }
+            });
+        });
+    }
+
+    public function mount(string $id)
+    {
+        $this->user = User::getUserWithSocialAccount($id)->first();
+
+        if ($this->user) {
+            if ($this->user->id == Auth::user()->id) {
+                return $this->redirectRoute('profile', navigate: true);
+            }
+
+            $this->name = $this->user->name;
+
+            $this->username = $this->user->username;
+
+            $this->email = $this->user->email;
+
+            $this->socials_google = $this->user->socialAccounts()->where('provider', 'google')->first();
+
+            $this->socials_github = $this->user->socialAccounts()->where('provider', 'github')->first();
+        }
+
+        $this->canManageTwoFactor = Features::canManageTwoFactorAuthentication();
+
+        if ($this->canManageTwoFactor) {
+            $this->twoFactorEnabled = $this->user->hasEnabledTwoFactorAuthentication();
+        }
+    }
+
+    public function render()
+    {
+        return view('livewire.users.profile')->layout('layouts::app', [
+            'title' => $this->name . ' Profile',
+            'user' => Auth::user()
+        ]);
+    }
+
+    #[Computed]
+    public function hasUnverifiedEmail(): bool
+    {
+        return $this->user instanceof MustVerifyEmail && !$this->user->hasVerifiedEmail();
+    }
+
+    public function updateProfileInformation(): void
+    {
+        $validated = $this->validate($this->profileRules($this->user->id));
+
+        $this->user->fill($validated);
+
+        if ($this->user->isDirty('email')) {
+            $this->user->email_verified_at = null;
+        }
+
+        $this->user->save();
+
+        $this->dispatch('toastify', [
+            'type' => 'success',
+            'message' => 'User Profile Updated Successfully!'
+        ]);
+    }
+
+    public function unlinkSocialAccount(string $provider): void
+    {
+        $socialAccontsById = Social::getUserBySocialAccoutsEmail($provider, $this->user->email);
+
+        if ($socialAccontsById->first()) {
+            $socialAccontsById->delete();
+
+            if ($provider == 'google') {
+                $this->socials_google = null;
+            }
+
+            if ($provider == 'github') {
+                $this->socials_github = null;
+            }
+
+            $this->dispatch('toastify', [
+                'type' => 'success',
+                'message' => 'Social Account Unlinked Successfully!'
+            ]);
+        }
+    }
+
+    public function disableTwoFactor(DisableTwoFactorAuthentication $disableTwoFactorAuthentication)
+    {
+        $disableTwoFactorAuthentication($this->user);
+
+        $this->twoFactorEnabled = false;
+
+        $this->dispatch('toastify', [
+            'type' => 'success',
+            'message' => 'Two-Factor Disable Successfully!'
+        ]);
+    }
+
+    public function deleteAccount(): void
+    {
+        $this->user->oauthApps()->delete();
+
+        $this->user->socialAccounts()->delete();
+
+        $this->user->delete();
+
+        Session::flash('status', 'User Deleted Successfully');
+
+        $this->redirectRoute('users.home', navigate: true);
+    }
+}

app/Models/User.php

@@ -6,6 +6,8 @@
 use Illuminate\Contracts\Auth\MustVerifyEmail;
 use Illuminate\Database\Eloquent\Attributes\Fillable;
 use Illuminate\Database\Eloquent\Attributes\Hidden;
+use Illuminate\Database\Eloquent\Attributes\Scope;
+use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Database\Eloquent\Concerns\HasUuids;
 use Illuminate\Database\Eloquent\Factories\HasFactory;
 use Illuminate\Database\Eloquent\Relations\HasMany;
@@ -44,4 +46,16 @@ public function socialAccounts(): HasMany
     {
         return $this->hasMany(Social::class, 'user_id', 'id');
     }
+
+    #[Scope]
+    protected function getUserWithSocialAccount(Builder $query, string $id)
+    {
+        return $query->where('id', '=', $id)->with('socialAccounts');
+    }
+
+    #[Scope]
+    protected function getUsersWithSocialAccounts(Builder $query, User $user)
+    {
+        return $query->where('id', '<>', $user->id)->with('socialAccounts')->orderBy('created_at', 'desc');
+    }
 }

bootstrap/app.php

@@ -1,5 +1,6 @@
 <?php
 
+use App\Http\Middleware\EnsureUserIsAdministrator;
 use App\Http\Middleware\PassportMiddleware;
 use Illuminate\Foundation\Application;
 use Illuminate\Foundation\Configuration\Exceptions;
@@ -21,10 +22,12 @@
                 ->group(base_path('routes/web.php'));
         }
     )
-    ->withMiddleware(function (Middleware $middleware): void { 
-        $middleware->append([
-            PassportMiddleware::class
+    ->withMiddleware(function (Middleware $middleware): void {
+        $middleware->alias([
+            'user.admin' => EnsureUserIsAdministrator::class
         ]);
+
+        $middleware->append([PassportMiddleware::class]);
     })
     ->withExceptions(function (Exceptions $exceptions): void {
         //

resources/views/components/input-search.blade.php

@@ -0,0 +1,17 @@
+<div class="relative inline-flex gap-2 text-[#3d3530]">
+  <input
+    type="text"
+    class="rounded-xs min-w-52 inset-ring inset-ring-[#5e6e754d] focus:inset-ring-[#c8b96ea6] w-full bg-[#ffffff73] px-2.5 py-2 text-sm/5 font-normal focus:bg-[#ffffffb3] focus:outline-none"
+    autocomplete="off"
+    name="search"
+    {{ $attributes }}
+  />
+
+  <button
+    type="submit"
+    class="rounded-xs px-2.5 cursor-pointer bg-[#3d3530e6] text-sm/4 text-[#f0ede8] transition-colors duration-300 hover:bg-[#3d3530]"
+  >
+    <span class="icon-[tabler--search] size-4">
+    </span>
+  </button>
+</div>