feat: add update, updatePassword & resetPassword to user object

mychidarko · mychidarko · commit b09af3c29166 · 2026-01-28T11:33:05.000Z
diff --git a/src/Auth/User.php b/src/Auth/User.php
@@ -2,11 +2,10 @@
 
 namespace Leaf\Auth;
 
-use Exception;
 use Firebase\JWT\JWT;
-use Leaf\Db;
+use Leaf\Date;
+use Leaf\Helpers\Password;
 use Leaf\Http\Session;
-use Throwable;
 
 /**
  * Auth User
@@ -23,7 +22,7 @@ class User
 
     /**
      * Internal instance of Leaf database
-     * @var Db
+     * @var \Leaf\DB
      */
     protected $db;
 
@@ -43,6 +42,12 @@ class User
      */
     protected array $tokens = [];
 
+    /**
+     * All errors caught
+     * @var array
+     */
+    protected $errorsArray = [];
+
     public function __construct($data, $session = true)
     {
         $this->data = $data;
@@ -72,7 +77,7 @@ public function __construct($data, $session = true)
                     $sessionLifetime = strtotime($sessionLifetime);
 
                     if (!$sessionLifetime) {
-                        throw new Exception('Invalid session lifetime');
+                        throw new \Exception('Invalid session lifetime');
                     }
                 } else {
                     $sessionLifetime = time() + $sessionLifetime;
@@ -103,6 +108,170 @@ public function id()
         return $this->data[Config::get('id.key')] ?? null;
     }
 
+    /**
+     * Update user data
+     * ---
+     * Update user data in the database
+     *
+     * @param array $userData User data
+     * @return bool
+     */
+    public function update(array $userData): bool
+    {
+        $user = $this->get();
+
+        if (!$user) {
+            return false;
+        }
+
+        $idKey = Config::get('id.key');
+        $table = Config::get('db.table');
+
+        if (Config::get('timestamps')) {
+            $userData['updated_at'] = (new Date())->tick()->format(Config::get('timestamps.format'));
+        }
+
+        if (isset($userData['email'])) {
+            $userData['email'] = strtolower($userData['email']);
+        }
+
+        if (\count(Config::get('unique')) > 0) {
+            foreach (Config::get('unique') as $unique) {
+                if (!isset($userData[$unique])) {
+                    continue;
+                }
+
+                $data = $this->db->select($table, Config::get('id.key'))->where($unique, $userData[$unique])->first();
+
+                if ($data && $data[Config::get('id.key')] !== $this->id()) {
+                    $this->errorsArray[$unique] = "$unique already exists";
+                }
+            }
+
+            if (\count($this->errorsArray) > 0) {
+                return false;
+            }
+        }
+
+        try {
+            $query = $this->db->update($table)->params($userData)->where($idKey, $this->id())->execute();
+
+            if (!$query) {
+                $this->errorsArray = array_merge($this->errorsArray, $this->db->errors());
+                return false;
+            }
+        } catch (\Throwable $th) {
+            throw new \Exception($th->getMessage());
+        }
+
+        if (Config::get('session')) {
+            session_regenerate_id();
+        }
+
+        foreach ($userData as $key => $value) {
+            $this->data[$key] = $value;
+        }
+
+        return true;
+    }
+
+    /**
+     * Update user password
+     * ---
+     * Update user password in the database
+     *
+     * @param string $oldPassword Old password
+     * @param string $newPassword New password
+     * @return bool
+     */
+    public function updatePassword(string $oldPassword, string $newPassword): bool
+    {
+        $user = $this->get();
+
+        if (!$user) {
+            return false;
+        }
+
+        $passwordKey = Config::get('password.key');
+
+        if (Config::get('password.verify') !== false && isset($user[$passwordKey])) {
+            $passwordIsValid = (is_callable(Config::get('password.verify')))
+                ? call_user_func(Config::get('password.verify'), $oldPassword, $user[$passwordKey])
+                : Password::verify($oldPassword, $user[$passwordKey]);
+
+            if (!$passwordIsValid) {
+                $this->errorsArray['password'] = Config::get('messages.loginPasswordError');
+                return false;
+            }
+        }
+
+        $newPassword = (Config::get('password.encode') !== false)
+            ? ((is_callable(Config::get('password.encode')))
+                ? call_user_func(Config::get('password.encode'), $newPassword)
+                : Password::hash($newPassword))
+            : $newPassword;
+
+        try {
+            $query = $this->db->update(Config::get('db.table'))
+                ->params([$passwordKey => $newPassword])
+                ->where(Config::get('id.key'), $this->id())
+                ->execute();
+
+            if (!$query) {
+                $this->errorsArray = array_merge($this->errorsArray, $this->db->errors());
+                return false;
+            }
+        } catch (\Throwable $th) {
+            throw new \Exception($th->getMessage());
+        }
+
+        $this->data[$passwordKey] = $newPassword;
+
+        return true;
+    }
+
+    /**
+     * Reset user password
+     * ---
+     * Reset user password in the database
+     *
+     * @param string $newPassword New password
+     * @return bool
+     */
+    public function resetPassword(string $newPassword): bool
+    {
+        $user = $this->get();
+
+        if (!$user) {
+            return false;
+        }
+
+        $passwordKey = Config::get('password.key');
+        $newPassword = (Config::get('password.encode') !== false)
+            ? ((is_callable(Config::get('password.encode')))
+                ? call_user_func(Config::get('password.encode'), $newPassword)
+                : Password::hash($newPassword))
+            : $newPassword;
+
+        try {
+            $query = $this->db->update(Config::get('db.table'))
+                ->params([$passwordKey => $newPassword])
+                ->where(Config::get('id.key'), $this->id())
+                ->execute();
+
+            if (!$query) {
+                $this->errorsArray = array_merge($this->errorsArray, $this->db->errors());
+                return false;
+            }
+        } catch (\Throwable $th) {
+            throw new \Exception($th->getMessage());
+        }
+
+        $this->data[$passwordKey] = $newPassword;
+
+        return true;
+    }
+
     /**
      * Get auth information to be sent to the client
      * @return object
@@ -212,7 +381,7 @@ public function verifyEmail(): bool
                 ->execute();
 
             return true;
-        } catch (Throwable $th) {
+        } catch (\Throwable $th) {
             return false;
         }
     }
@@ -246,7 +415,7 @@ public function get()
 
     /**
      * Set user db instance
-     * @param Db $db
+     * @param \Leaf\Db $db
      * @return User
      */
     public function setDb($db)
@@ -256,6 +425,15 @@ public function setDb($db)
         return $this;
     }
 
+    /**
+     * Get user errors
+     * @return array
+     */
+    public function errors()
+    {
+        return $this->errorsArray;
+    }
+
     public function __toString()
     {
         return json_encode($this->get());
@@ -296,14 +474,14 @@ public function __unset($name)
      *
      * @param mixed $method The table to relate to
      * @param mixed $args
-     * @throws Exception
+     * @throws \Exception
      *
      * @return Model
      */
     public function __call($method, $args)
     {
         if (!class_exists('Leaf\App')) {
-            throw new Exception('Relations are only available in Leaf apps.');
+            throw new \Exception('Relations are only available in Leaf apps.');
         }
 
         return (new Model([
