remco/Atomcms-edit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: replace route closures with controllers, add Argon2id password migration

Browse Source 
- Replace closures in web.php and auth.php with dedicated controllers
  (LoginRedirectController, LogoutController, TwoFactorChallengeController,
  EmailVerificationController) to fix route caching issues
- Add migration to increase password column to VARCHAR(255) for Argon2id support
- Fix 500 error caused by route cache incompatibility with closures
This commit is contained in:
root
2026-05-20 23:40:18 +02:00
parent 75b78c17fa
commit 1fe8d10c90
7 changed files with 106 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/Http/Controllers/Auth/EmailVerificationController.php
Executable
+19
View File
@@ -0,0 +1,19 @@
<?php
declare(strict_types=1);
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
class EmailVerificationController extends Controller
{
public function __invoke(Request $request): RedirectResponse
{
$request->user()->sendEmailVerificationNotification();
return back()->with('status', 'verification-link-sent');
}
}
app/Http/Controllers/Auth/LoginRedirectController.php
Executable
+16
View File
@@ -0,0 +1,16 @@
<?php
declare(strict_types=1);
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use Illuminate\Http\RedirectResponse;
class LoginRedirectController extends Controller
{
public function __invoke(): RedirectResponse
{
return to_route('welcome');
}
}
app/Http/Controllers/Auth/LogoutController.php
Executable
+22
View File
@@ -0,0 +1,22 @@
<?php
declare(strict_types=1);
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use Illuminate\Http\RedirectResponse;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Session;
class LogoutController extends Controller
{
public function __invoke(): RedirectResponse
{
Auth::guard('web')->logout();
Session::invalidate();
Session::regenerateToken();
return redirect('/');
}
}
app/Http/Controllers/Auth/TwoFactorChallengeController.php
Executable
+16
View File
@@ -0,0 +1,16 @@
<?php
declare(strict_types=1);
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use Illuminate\Contracts\View\View;
class TwoFactorChallengeController extends Controller
{
public function __invoke(): View
{
return view('auth.two-factor-challenge');
}
}
database/migrations/2026_05_20_210737_increase_password_column_length_for_argon2id.php
Executable
+24
View File
@@ -0,0 +1,24 @@
<?php
declare(strict_types=1);
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
public function up(): void
{
Schema::table('users', function (Blueprint $table) {
$table->string('password', 255)->change();
});
}
public function down(): void
{
Schema::table('users', function (Blueprint $table) {
$table->string('password', 60)->change();
});
}
};
routes/auth.php
+5 -6
View File
@@ -1,6 +1,8 @@
<?php
use App\Http\Controllers\Auth\EmailVerificationController;
use App\Http\Controllers\Auth\SocialAuthController;
use App\Http\Controllers\Auth\TwoFactorChallengeController;
use Illuminate\Support\Facades\Route;
use Laravel\Fortify\Features;
use Laravel\Fortify\Http\Controllers\RegisteredUserController;
@@ -38,14 +40,11 @@ Route::middleware(['guest', 'throttle:60,1'])->group(function () {
});
// Two factor challenge login
Route::get('/two-factor-challenge', static fn () => view('auth.two-factor-challenge'))->name('two-factor.login');
Route::get('/two-factor-challenge', TwoFactorChallengeController::class)->name('two-factor.login');
// Email verification resend
Route::post('/email/verification-notification', static function () {
request()->user()->sendEmailVerificationNotification();
return back()->with('status', 'verification-link-sent');
})->middleware(['auth', 'throttle:6,1'])->name('verification.send');
Route::post('/email/verification-notification', EmailVerificationController::class)
->middleware(['auth', 'throttle:6,1'])->name('verification.send');
// Two factor challenge with throttle
if (Features::enabled(Features::twoFactorAuthentication())) {
routes/web.php
+4 -8
View File
@@ -1,5 +1,7 @@
<?php
use App\Http\Controllers\Auth\LoginRedirectController;
use App\Http\Controllers\Auth\LogoutController;
use App\Http\Controllers\Miscellaneous\HomeController;
use App\Http\Controllers\Miscellaneous\InstallationController;
use App\Http\Controllers\Miscellaneous\LocaleController;
@@ -32,19 +34,13 @@ Route::middleware(['maintenance', 'check.ban', 'force.staff.2fa'])->group(functi
// Home routes (guest only)
Route::middleware(['guest', 'throttle:60,1'])->withoutMiddleware('force.staff.2fa')->group(function () {
Route::get('/login', static fn () => to_route('welcome'))->name('login');
Route::get('/login', LoginRedirectController::class)->name('login');
Route::get('/', HomeController::class)->name('welcome');
Route::get('/home', HomeController::class)->name('home');
});
// Logout route
Route::post('/logout', static function () {
auth()->guard('web')->logout();
session()->invalidate();
session()->regenerateToken();
return redirect('/');
})->name('logout');
Route::post('/logout', LogoutController::class)->name('logout');
// Authenticated routes
Route::middleware('auth')->group(function () {