From 1fe8d10c90229587865cf9312385f15a40c5a041 Mon Sep 17 00:00:00 2001
From: root <remcojandijkstra@ziggo.nl>
Date: Wed, 20 May 2026 23:40:18 +0200
Subject: [PATCH] fix: replace route closures with controllers, add Argon2id
 password migration

- Replace closures in web.php and auth.php with dedicated controllers
  (LoginRedirectController, LogoutController, TwoFactorChallengeController,
  EmailVerificationController) to fix route caching issues
- Add migration to increase password column to VARCHAR(255) for Argon2id support
- Fix 500 error caused by route cache incompatibility with closures
---
 .../Auth/EmailVerificationController.php      | 19 +++++++++++++++
 .../Auth/LoginRedirectController.php          | 16 +++++++++++++
 .../Controllers/Auth/LogoutController.php     | 22 +++++++++++++++++
 .../Auth/TwoFactorChallengeController.php     | 16 +++++++++++++
 ...se_password_column_length_for_argon2id.php | 24 +++++++++++++++++++
 routes/auth.php                               | 11 ++++-----
 routes/web.php                                | 12 ++++------
 7 files changed, 106 insertions(+), 14 deletions(-)
 create mode 100755 app/Http/Controllers/Auth/EmailVerificationController.php
 create mode 100755 app/Http/Controllers/Auth/LoginRedirectController.php
 create mode 100755 app/Http/Controllers/Auth/LogoutController.php
 create mode 100755 app/Http/Controllers/Auth/TwoFactorChallengeController.php
 create mode 100755 database/migrations/2026_05_20_210737_increase_password_column_length_for_argon2id.php

diff --git a/app/Http/Controllers/Auth/EmailVerificationController.php b/app/Http/Controllers/Auth/EmailVerificationController.php
new file mode 100755
index 0000000..6108abe
--- /dev/null
+++ b/app/Http/Controllers/Auth/EmailVerificationController.php
@@ -0,0 +1,19 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use Illuminate\Http\RedirectResponse;
+use Illuminate\Http\Request;
+
+class EmailVerificationController extends Controller
+{
+    public function __invoke(Request $request): RedirectResponse
+    {
+        $request->user()->sendEmailVerificationNotification();
+
+        return back()->with('status', 'verification-link-sent');
+    }
+}
diff --git a/app/Http/Controllers/Auth/LoginRedirectController.php b/app/Http/Controllers/Auth/LoginRedirectController.php
new file mode 100755
index 0000000..ca0f6ac
--- /dev/null
+++ b/app/Http/Controllers/Auth/LoginRedirectController.php
@@ -0,0 +1,16 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use Illuminate\Http\RedirectResponse;
+
+class LoginRedirectController extends Controller
+{
+    public function __invoke(): RedirectResponse
+    {
+        return to_route('welcome');
+    }
+}
diff --git a/app/Http/Controllers/Auth/LogoutController.php b/app/Http/Controllers/Auth/LogoutController.php
new file mode 100755
index 0000000..8fb71ea
--- /dev/null
+++ b/app/Http/Controllers/Auth/LogoutController.php
@@ -0,0 +1,22 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use Illuminate\Http\RedirectResponse;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Session;
+
+class LogoutController extends Controller
+{
+    public function __invoke(): RedirectResponse
+    {
+        Auth::guard('web')->logout();
+        Session::invalidate();
+        Session::regenerateToken();
+
+        return redirect('/');
+    }
+}
diff --git a/app/Http/Controllers/Auth/TwoFactorChallengeController.php b/app/Http/Controllers/Auth/TwoFactorChallengeController.php
new file mode 100755
index 0000000..c4ddf79
--- /dev/null
+++ b/app/Http/Controllers/Auth/TwoFactorChallengeController.php
@@ -0,0 +1,16 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use Illuminate\Contracts\View\View;
+
+class TwoFactorChallengeController extends Controller
+{
+    public function __invoke(): View
+    {
+        return view('auth.two-factor-challenge');
+    }
+}
diff --git a/database/migrations/2026_05_20_210737_increase_password_column_length_for_argon2id.php b/database/migrations/2026_05_20_210737_increase_password_column_length_for_argon2id.php
new file mode 100755
index 0000000..ce56688
--- /dev/null
+++ b/database/migrations/2026_05_20_210737_increase_password_column_length_for_argon2id.php
@@ -0,0 +1,24 @@
+<?php
+
+declare(strict_types=1);
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+return new class extends Migration
+{
+    public function up(): void
+    {
+        Schema::table('users', function (Blueprint $table) {
+            $table->string('password', 255)->change();
+        });
+    }
+
+    public function down(): void
+    {
+        Schema::table('users', function (Blueprint $table) {
+            $table->string('password', 60)->change();
+        });
+    }
+};
diff --git a/routes/auth.php b/routes/auth.php
index de85e0c..d18f9fe 100755
--- a/routes/auth.php
+++ b/routes/auth.php
@@ -1,6 +1,8 @@
 <?php
 
+use App\Http\Controllers\Auth\EmailVerificationController;
 use App\Http\Controllers\Auth\SocialAuthController;
+use App\Http\Controllers\Auth\TwoFactorChallengeController;
 use Illuminate\Support\Facades\Route;
 use Laravel\Fortify\Features;
 use Laravel\Fortify\Http\Controllers\RegisteredUserController;
@@ -38,14 +40,11 @@ Route::middleware(['guest', 'throttle:60,1'])->group(function () {
 });
 
 // Two factor challenge login
-Route::get('/two-factor-challenge', static fn () => view('auth.two-factor-challenge'))->name('two-factor.login');
+Route::get('/two-factor-challenge', TwoFactorChallengeController::class)->name('two-factor.login');
 
 // Email verification resend
-Route::post('/email/verification-notification', static function () {
-    request()->user()->sendEmailVerificationNotification();
-
-    return back()->with('status', 'verification-link-sent');
-})->middleware(['auth', 'throttle:6,1'])->name('verification.send');
+Route::post('/email/verification-notification', EmailVerificationController::class)
+    ->middleware(['auth', 'throttle:6,1'])->name('verification.send');
 
 // Two factor challenge with throttle
 if (Features::enabled(Features::twoFactorAuthentication())) {
diff --git a/routes/web.php b/routes/web.php
index 8dbdec5..0e657a6 100755
--- a/routes/web.php
+++ b/routes/web.php
@@ -1,5 +1,7 @@
 <?php
 
+use App\Http\Controllers\Auth\LoginRedirectController;
+use App\Http\Controllers\Auth\LogoutController;
 use App\Http\Controllers\Miscellaneous\HomeController;
 use App\Http\Controllers\Miscellaneous\InstallationController;
 use App\Http\Controllers\Miscellaneous\LocaleController;
@@ -32,19 +34,13 @@ Route::middleware(['maintenance', 'check.ban', 'force.staff.2fa'])->group(functi
 
     // Home routes (guest only)
     Route::middleware(['guest', 'throttle:60,1'])->withoutMiddleware('force.staff.2fa')->group(function () {
-        Route::get('/login', static fn () => to_route('welcome'))->name('login');
+        Route::get('/login', LoginRedirectController::class)->name('login');
         Route::get('/', HomeController::class)->name('welcome');
         Route::get('/home', HomeController::class)->name('home');
     });
 
     // Logout route
-    Route::post('/logout', static function () {
-        auth()->guard('web')->logout();
-        session()->invalidate();
-        session()->regenerateToken();
-
-        return redirect('/');
-    })->name('logout');
+    Route::post('/logout', LogoutController::class)->name('logout');
 
     // Authenticated routes
     Route::middleware('auth')->group(function () {