[9.x] Add passwordTimeout to RequirePassword middleware as a parameter (#35531)

Alin Ionut · Alin Musat · taylorotwell · web-flow · commit 7620a54b65ae · 2020-12-08T08:14:14.000-06:00
* add passwordTimeout to RequirePassword middleware as a parameter

* Update RequirePassword.php

Co-authored-by: Alin Musat &lt;alin@boostit.com&gt;
Co-authored-by: Taylor Otwell &lt;taylor@laravel.com&gt;
diff --git a/src/Illuminate/Auth/Middleware/RequirePassword.php b/src/Illuminate/Auth/Middleware/RequirePassword.php
@@ -50,11 +50,12 @@ public function __construct(ResponseFactory $responseFactory, UrlGenerator $urlG
      * @param  \Illuminate\Http\Request  $request
      * @param  \Closure  $next
      * @param  string|null  $redirectToRoute
+     * @param  int|null  $passwordTimeoutSeconds
      * @return mixed
      */
-    public function handle($request, Closure $next, $redirectToRoute = null)
+    public function handle($request, Closure $next, $redirectToRoute = null, $passwordTimeoutSeconds = null)
     {
-        if ($this->shouldConfirmPassword($request)) {
+        if ($this->shouldConfirmPassword($request, $passwordTimeoutSeconds)) {
             if ($request->expectsJson()) {
                 return $this->responseFactory->json([
                     'message' => 'Password confirmation required.',
@@ -73,12 +74,13 @@ public function handle($request, Closure $next, $redirectToRoute = null)
      * Determine if the confirmation timeout has expired.
      *
      * @param  \Illuminate\Http\Request  $request
+     * @param  int|null  $passwordTimeoutSeconds
      * @return bool
      */
-    protected function shouldConfirmPassword($request)
+    protected function shouldConfirmPassword($request, $passwordTimeoutSeconds = null)
     {
         $confirmedAt = time() - $request->session()->get('auth.password_confirmed_at', 0);
 
-        return $confirmedAt > $this->passwordTimeout;
+        return $confirmedAt > ($passwordTimeoutSeconds ?? $this->passwordTimeout);
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -50,11 +50,12 @@ public function __construct(ResponseFactory $responseFactory, UrlGenerator $urlG`
`50`	`50`	`* @param \Illuminate\Http\Request $request`
`51`	`51`	`* @param \Closure $next`
`52`	`52`	`* @param string\|null $redirectToRoute`
	`53`	`+ * @param int\|null $passwordTimeoutSeconds`
`53`	`54`	`* @return mixed`
`54`	`55`	`*/`
`55`		`- public function handle($request, Closure $next, $redirectToRoute = null)`
	`56`	`+ public function handle($request, Closure $next, $redirectToRoute = null, $passwordTimeoutSeconds = null)`
`56`	`57`	`{`
`57`		`- if ($this->shouldConfirmPassword($request)) {`
	`58`	`+ if ($this->shouldConfirmPassword($request, $passwordTimeoutSeconds)) {`
`58`	`59`	`if ($request->expectsJson()) {`
`59`	`60`	`return $this->responseFactory->json([`
`60`	`61`	`'message' => 'Password confirmation required.',`
`@@ -73,12 +74,13 @@ public function handle($request, Closure $next, $redirectToRoute = null)`
`73`	`74`	`* Determine if the confirmation timeout has expired.`
`74`	`75`	`*`
`75`	`76`	`* @param \Illuminate\Http\Request $request`
	`77`	`+ * @param int\|null $passwordTimeoutSeconds`
`76`	`78`	`* @return bool`
`77`	`79`	`*/`
`78`		`- protected function shouldConfirmPassword($request)`
	`80`	`+ protected function shouldConfirmPassword($request, $passwordTimeoutSeconds = null)`
`79`	`81`	`{`
`80`	`82`	`$confirmedAt = time() - $request->session()->get('auth.password_confirmed_at', 0);`
`81`	`83`
`82`		`- return $confirmedAt > $this->passwordTimeout;`
	`84`	`+ return $confirmedAt > ($passwordTimeoutSeconds ?? $this->passwordTimeout);`
`83`	`85`	`}`
`84`	`86`	`}`