From 616637d78a1d1bc9705a3d8824f7efe92890c28e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E7=A5=9E=E6=A5=BD=E5=9D=82=20=E7=99=BD?=
Date: Wed, 12 Jun 2024 13:17:03 +0800
Subject: [PATCH] disable verify peer && fixbug
---
 .../Auth/ForgotPasswordController.php | 19 +++++-
 app/Http/Controllers/MailController.php | 4 +-
 config/mail.php | 8 +++
 .../views/auth/passwords/email.blade.php | 59 ++++++++++++++++++-
 4 files changed, 86 insertions(+), 4 deletions(-)

diff --git a/app/Http/Controllers/Auth/ForgotPasswordController.php b/app/Http/Controllers/Auth/ForgotPasswordController.php
index 465c39c..0f3345b 100644
--- a/app/Http/Controllers/Auth/ForgotPasswordController.php
+++ b/app/Http/Controllers/Auth/ForgotPasswordController.php
@@ -3,7 +3,9 @@
 namespace App\Http\Controllers\Auth;
 
 use App\Http\Controllers\Controller;
+use Coderflex\LaravelTurnstile\Rules\TurnstileCheck;
 use Illuminate\Foundation\Auth\SendsPasswordResetEmails;
+use Illuminate\Http\Request;
 
 class ForgotPasswordController extends Controller
 {
@@ -16,7 +18,22 @@ class ForgotPasswordController extends Controller
 | includes a trait which assists in sending these notifications from
 | your application to your users. Feel free to explore this trait.
 |
- */
+ */
 
 use SendsPasswordResetEmails;
+
+ /**
+ * Validate the email for the given request.
+ *
+ * @param \Illuminate\Http\Request $request
+ * @return void
+ */
+ protected function validateEmail(Request $request)
+ {
+ $request->validate([
+ 'email' => 'required|email',
+ 'cf-turnstile-response' => ['required', new TurnstileCheck()],
+ ]);
+ }
+
 }
diff --git a/app/Http/Controllers/MailController.php b/app/Http/Controllers/MailController.php
index 94aa2c0..4c880da 100644
--- a/app/Http/Controllers/MailController.php
+++ b/app/Http/Controllers/MailController.php
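Review bot: The docblock on the new `validateEmail()` override still reads "Validate the email for the given request", but the method now also requires and verifies the `cf-turnstile-response` field, so the comment under-describes the check that gates password-reset mail. I would reword it to `Validate the email address and the Turnstile challenge response for the given request.` and declare the return type, `protected function validateEmail(Request $request): void`. The whitespace-only change to the closing `*/` of the class comment is unrelated to the fix and could be dropped from the commit.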
@@ -94,7 +94,7 @@ function ($attribute, $value, $fail) {
 $key = Crypt::decryptString($key);
 $key = json_decode($key, true);
 if (time() - $key['time'] > 300) {
- throw new Exception("The token has expired.", 400);
+ throw new Exception("The token has expired.", 419);
 }
 // if (!empty($key['id'])) {
 // $where[] = ['id', '>', $key['id']];
@@ -104,7 +104,7 @@ function ($attribute, $value, $fail) {
 // $where[] = ['received_at', '>', Carbon::now()->subSeconds(60)];
 // }
 } catch (\Throwable $th) {
- return abort(400, $th->getMessage());
+ return abort($th->getCode(), $th->getMessage());
 }
 
 $email_list = Mail::where($where)
diff --git a/config/mail.php b/config/mail.php
index 91aac8b..a083c72 100644
--- a/config/mail.php
+++ b/config/mail.php
@@ -44,6 +44,14 @@
 'password' => env('MAIL_PASSWORD'),
 'timeout' => null,
 'local_domain' => env('MAIL_EHLO_DOMAIN'),
+ 'verify_peer' => false,
+ 'stream' => [
+ 'ssl' => [
+ 'allow_self_signed' => true,
+ 'verify_peer' => false,
+ 'verify_peer_name' => false,
+ ],
+ ],
 ],
 
 'ses' => [
diff --git a/resources/views/auth/passwords/email.blade.php b/resources/views/auth/passwords/email.blade.php
index 94570e9..027729b 100644
--- a/resources/views/auth/passwords/email.blade.php
+++ b/resources/views/auth/passwords/email.blade.php
@@ -1 +1,58 @@
-@extends('adminlte::auth.passwords.email')
\ No newline at end of file
+@extends('adminlte::auth.auth-page', ['auth_type' => 'login'])
+
+@php( $password_email_url = View::getSection('password_email_url') ?? config('adminlte.password_email_url', 'password/email') )
+
+@if (config('adminlte.use_route_url', false))
+ @php( $password_email_url = $password_email_url ? route($password_email_url) : '' )
+@else
+ @php( $password_email_url = $password_email_url ? url($password_email_url) : '' )
+@endif
+
+@section('auth_header', __('adminlte::adminlte.password_reset_message'))
+
+@section('auth_body')
+
+ @if(session('status'))
+
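Review bot: `abort($th->getCode(), ...)` in the `catch (\Throwable $th)` branch assumes every throwable carries an HTTP status, but only the expiry exception in the previous hunk (now 419) sets one. Failures from `Crypt::decryptString()`, or from reading `$key['time']` when the payload did not decode to an array, will normally have code 0, which is not a valid status and would most likely turn a rejected token into a server error instead of the 400 the old code returned. Map unknown codes back to a client error, e.g. `$status = in_array($th->getCode(), [400, 419], true) ? $th->getCode() : 400;` followed by `return abort($status, $th->getMessage());`. Echoing `$th->getMessage()` for arbitrary throwables also hands internal error text to the caller, so a fixed message for the non-expiry case would be safer. The `try` block opens outside this hunk.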
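Review bot: The added `'verify_peer' => false` and the `stream.ssl` block switch off certificate and hostname verification for the SMTP connection unconditionally, in every environment. That connection carries `MAIL_PASSWORD` and the password-reset mails this same commit touches, so anyone able to intercept traffic to the relay can present their own certificate and read both. If the relay uses a self-signed or private-CA certificate, trust that CA explicitly (the PHP `cafile` SSL context option) rather than disabling the checks. If an opt-out is really needed for local development, make it configurable with a secure default, e.g. `'verify_peer' => env('MAIL_VERIFY_PEER', true),` (the variable name is only a suggestion). The mailer array continues outside the hunk.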
+ {{ session('status') }} +
+ @endif + +
+ @csrf + + {{-- Email field --}} +
+ + +
+
+ +
+
+ + @error('email') + + {{ $message }} + + @enderror +
+
+ + @error('cf-turnstile-response') + + {{ $message }} + + @enderror +
+ + {{-- Send reset link button --}} + + +
+ +@stop