Merge pull request #65 from dennis-koster/feature/extract-url-transfo…

…rmation-to-separate-methods Extracted the transformation of URL's for email verification and password resets to a separate method
daniel-de-wit · Aug 5, 2021 · d8e4962 · d8e4962
2 parents 44fb5cf + 527b53c
commit d8e4962
Show file tree

Hide file tree

Showing 6 changed files with 91 additions and 16 deletions.
diff --git a/src/Contracts/Services/EmailVerificationServiceInterface.php b/src/Contracts/Services/EmailVerificationServiceInterface.php
@@ -9,6 +9,8 @@
 
 interface EmailVerificationServiceInterface
 {
+    public function transformUrl(MustVerifyEmail $user, string $url): string;
+
     public function setVerificationUrl(string $url): void;
 
     /**

diff --git a/src/Contracts/Services/ResetPasswordServiceInterface.php b/src/Contracts/Services/ResetPasswordServiceInterface.php
@@ -5,10 +5,13 @@
 namespace DanielDeWit\LighthouseSanctum\Contracts\Services;
 
 use Illuminate\Contracts\Auth\Authenticatable;
+use Illuminate\Contracts\Auth\CanResetPassword;
 use Illuminate\Database\Eloquent\Model;
 
 interface ResetPasswordServiceInterface
 {
+    public function transformUrl(CanResetPassword $notifiable, string $token, string $url): string;
+
     public function setResetPasswordUrl(string $url): void;
 
     /**

diff --git a/src/Services/EmailVerificationService.php b/src/Services/EmailVerificationService.php
@@ -26,17 +26,22 @@ public function __construct(SignatureServiceInterface $signatureService, int $ex
         $this->expiresIn        = $expiresIn;
     }
 
+    public function transformUrl(MustVerifyEmail $user, string $url): string
+    {
+        $parameters = $this->createUrlParameters($user);
+
+        return str_replace([
+            '__ID__',
+            '__HASH__',
+            '__EXPIRES__',
+            '__SIGNATURE__',
+        ], $parameters, $url);
+    }
+
     public function setVerificationUrl(string $url): void
     {
-        VerifyEmail::createUrlUsing(function ($user) use ($url) {
-            $parameters = $this->createUrlParameters($user);
-
-            return str_replace([
-                '__ID__',
-                '__HASH__',
-                '__EXPIRES__',
-                '__SIGNATURE__',
-            ], $parameters, $url);
+        VerifyEmail::createUrlUsing(function (MustVerifyEmail $user) use ($url) {
+            return $this->transformUrl($user, $url);
         });
     }
 

diff --git a/src/Services/ResetPasswordService.php b/src/Services/ResetPasswordService.php
@@ -24,16 +24,21 @@ public function __construct(Hasher $hash, Dispatcher $dispatcher)
         $this->dispatcher = $dispatcher;
     }
 
+    public function transformUrl(CanResetPassword $notifiable, string $token, string $url): string
+    {
+        return str_replace([
+            '__EMAIL__',
+            '__TOKEN__',
+        ], [
+            $notifiable->getEmailForPasswordReset(),
+            $token,
+        ], $url);
+    }
+
     public function setResetPasswordUrl(string $url): void
     {
         ResetPasswordNotification::createUrlUsing(function (CanResetPassword $notifiable, string $token) use ($url) {
-            return str_replace([
-                '__EMAIL__',
-                '__TOKEN__',
-            ], [
-                $notifiable->getEmailForPasswordReset(),
-                $token,
-            ], $url);
+            return $this->transformUrl($notifiable, $token, $url);
         });
     }
 

diff --git a/tests/Integration/Services/EmailVerificationServiceTest.php b/tests/Integration/Services/EmailVerificationServiceTest.php
@@ -26,6 +26,49 @@ protected function setUp(): void
         );
     }
 
+    /**
+     * @test
+     */
+    public function it_transforms_a_verification_url(): void
+    {
+        /** @var UserMustVerifyEmail $user */
+        $user = UserMustVerifyEmail::factory()->create([
+            'id'    => 12345,
+            'email' => '[email protected]',
+        ]);
+
+        $url = $this->service->transformUrl(
+            $user,
+            'https://mysite.com/verify-email/__ID__/__HASH__'
+        );
+
+        static::assertSame('https://mysite.com/verify-email/12345/' . sha1('[email protected]'), $url);
+    }
+
+    /**
+     * @test
+     */
+    public function it_transforms_a_signed_verification_url(): void
+    {
+        Carbon::setTestNow(Carbon::createFromTimestamp(1609477200));
+
+        /** @var UserMustVerifyEmail $user */
+        $user = UserMustVerifyEmail::factory()->create([
+            'id'    => 12345,
+            'email' => '[email protected]',
+        ]);
+
+        $url = $this->service->transformUrl($user, 'https://mysite.com/verify-email/__ID__/__HASH__/__EXPIRES__/__SIGNATURE__');
+
+        $signature = hash_hmac('sha256', serialize([
+            'id'      => 12345,
+            'hash'    => sha1('[email protected]'),
+            'expires' => 1609480800,
+        ]), $this->app['config']->get('app.key'));
+
+        static::assertSame('https://mysite.com/verify-email/12345/' . sha1('[email protected]') . '/1609480800/' . $signature, $url);
+    }
+
     /**
      * @test
      */

diff --git a/tests/Integration/Services/ResetPasswordServiceTest.php b/tests/Integration/Services/ResetPasswordServiceTest.php
@@ -30,6 +30,23 @@ protected function setUp(): void
         );
     }
 
+    /**
+     * @test
+     */
+    public function it_transforms_a_reset_password_url(): void
+    {
+        /** @var UserMustVerifyEmail $user */
+        $user = UserMustVerifyEmail::factory()->create([
+            'email' => '[email protected]',
+        ]);
+
+        $token = 'token123';
+
+        $url = $this->service->transformUrl($user, $token, 'https://mysite.com/reset-password/__EMAIL__/__TOKEN__');
+
+        static::assertSame('https://mysite.com/reset-password/[email protected]/token123', $url);
+    }
+
     /**
      * @test
      */