ファイル

2021-11-10 13:18:46 +09:00 · 2021-11-10 13:18:46 +09:00 · 60a50243f1
--- a/backend/app/Http/Controllers/Api/ChildrenController.php
+++ b/backend/app/Http/Controllers/Api/ChildrenController.php
@ -461,13 +461,16 @@ https://kikikan.jp/c-account/forgot-password/reset/'.$token;
        return ['status_code' => 200, 'success_messages' => ['子の更新に成功しました。']];
    }

-    public function updatePassword (Request $r, $child_id=null) {
-        if (isset($r->child_id)) {
-            $child_id = $r->child_id;
+    public function updatePassword (Request $r, $child_id=null, $token=null) {
+        if (is_null($child_id) && is_null($token)) {
+            return ['status_code' => 400, 'error_messages' => ['画像の更新に失敗しました。']];
        }

-        if (!isset($child_id)) {
-            return ['status_code' => 400, 'error_messages' => ['画像の更新に失敗しました。']];
+        if (!is_null($token)) {
+            if (null === ($child_id = TelActivation::select('child_id')->where('token', $token)->first())) {
+                return ['status_code' => 400, 'error_messages' => ['画像の更新に失敗しました。']];
+            }
+            $child_id = (int)$child_id->child_id;
        }

        // バリデーションエラー
--- a/backend/app/Http/Controllers/Api/FathersController.php
+++ b/backend/app/Http/Controllers/Api/FathersController.php
@ -362,13 +362,16 @@ class FathersController extends Controller {
        return ['status_code' => 200, 'success_messages' => ['親の更新に成功しました。']];
    }

-    public function updatePassword (Request $r, $father_id) {
-        if (isset($r->father_id)) {
-            $father_id = $r->father_id;
+    public function updatePassword (Request $r, $father_id=null, $token=null) {
+        if (is_null($father_id) && is_null($token)) {
+            return ['status_code' => 400, 'error_messages' => ['画像の更新に失敗しました。']];
        }

-        if (!isset($father_id)) {
-            return ['status_code' => 400, 'error_messages' => ['親の更新に失敗しました。']];
+        if (!is_null($token)) {
+            if (null === ($father_id = EmailActivation::select('father_id')->where('token', $token)->first())) {
+                return ['status_code' => 400, 'error_messages' => ['画像の更新に失敗しました。']];
+            }
+            $father_id = (int)$father_id->father_id;
        }

        // バリデーションエラー
--- a/backend/app/Models/Child.php
+++ b/backend/app/Models/Child.php
@ -8,6 +8,6 @@ use Illuminate\Foundation\Auth\User as Authenticatable;
 class Child extends Authenticatable
 {
    use HasFactory;
-    protected $fillable = ['identity', 'tel', 'last_name', 'first_name', 'email', 'password', 'father_id', 'title', 'text', 'memo', 'pdf'];
+    protected $fillable = ['identity', 'tel', 'last_name', 'first_name', 'email', 'password', 'image', 'company'];
    protected $hidden = ['password'];
 }
--- a/backend/routes/api.php
+++ b/backend/routes/api.php
@ -78,7 +78,7 @@ Route::group(['prefix' => 'fathers'], function () {
    Route::post('/registerMain', '\App\Http\Controllers\Api\FathersController@registerMain');
    Route::post('/requestPassword', '\App\Http\Controllers\Api\FathersController@requestPassword');
    Route::post('/login', '\App\Http\Controllers\Api\FathersController@login');
-    Route::put('/updatePassword', '\App\Http\Controllers\Api\FathersController@updatePassword');
+    Route::put('/updatePassword/{token}', '\App\Http\Controllers\Api\FathersController@updatePassword');

    Route::group(['middleware' => 'auth:fathers'], function () {
        Route::put('/updateImage', '\App\Http\Controllers\Api\FathersController@updateImage');
@ -141,7 +141,7 @@ Route::group(['prefix' => 'children'], function () {
    Route::post('/registerMain', '\App\Http\Controllers\Api\ChildrenController@registerMain');
    Route::post('/requestPassword', '\App\Http\Controllers\Api\ChildrenController@requestPassword');
    Route::post('/login', '\App\Http\Controllers\Api\ChildrenController@login');
-    Route::put('/updatePassword', '\App\Http\Controllers\Api\ChildrenController@updatePassword');
+    Route::put('/updatePassword/{token}', '\App\Http\Controllers\Api\ChildrenController@updatePassword');

    Route::group(['middleware' => 'auth:children'], function () {
        Route::get('/detail/{child_id}', '\App\Http\Controllers\Api\ChildrenController@detail');
--- a/backend/routes/web.php
+++ b/backend/routes/web.php
@ -69,7 +69,7 @@ Route::group(['prefix' => 'c-account'],                 function () {
        Route::get('/error/{token}',                    function () { return view('c_account.auth'); });
    });
    Route::group(['prefix' => 'forgot-password'],       function () {
-        Route::get('/',                                 function () { return view('c_account.auth'); });
+        Route::get('/{token}',                          function () { return view('c_account.auth'); });
        Route::get('/reset/{token}',                    function () { return view('c_account.auth'); });
        Route::get('/complete',                         function () { return view('c_account.auth'); });
    });