feat: shop UX polish — password reset / order email / multi-image / customer admin

Shop password reset:
- Configured 'shop_customers' password broker on the existing
  password_reset_tokens table
- ShopCustomer::sendPasswordResetNotification overrides Laravel default to
  send a ShopPasswordResetMail with a tenant-subdomain reset URL
- Routes /shop/password/forgot, /shop/password/email, /shop/password/reset/{token}
  + ShopAuthController showForgotPassword/sendResetLink/showResetPassword/
  resetPassword. Forgot view stays generic ("if it exists, we sent…") to avoid
  email enumeration. Login view links to "Am uitat parola".

Order confirmation email:
- ShopOrderConfirmationMail + nicely formatted HTML email template
- ShopOrderNotifier::placed now also emails customer_email (best-effort,
  warning-only logged on failure) alongside existing Telegram + staff push

Multiple images per Part:
- Part media collection switched from singleFile to multiple (max 8 in form)
- imageUrls() helper for galleries; imageUrl() still returns first for cards
- PartResource form: reorderable multi-upload
- Shop part detail: vertical thumbnails switch the main image via vanilla JS

ShopCustomerResource (tenant Filament, "Magazin" nav group):
- List with name/phone/email/client_id/orders_count/last_login_at
- Edit (no password field exposed)
- "Trimite reset parolă" action uses the new broker
- OrdersRelationManager shows the customer's orders read-only

Tests (7 new):
- forgot sends mail; forgot doesn't disclose unknown email; reset with valid
  token changes password; bad token rejected; order email when customer_email
  set; email skipped without it; Part has imageUrls() collection

Full suite: 130 passed.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-06-03 06:14:45 +00:00
parent fca4f75e9c
commit 3da1f5412a
20 changed files with 703 additions and 8 deletions
@@ -105,11 +105,14 @@ class PartResource extends Resource
\Filament\Forms\Components\SpatieMediaLibraryFileUpload::make('image')
->label('Foto piesă')
->collection('image')
->multiple()
->reorderable()
->image()
->imageEditor()
->maxFiles(8)
->maxSize(2048)
->columnSpanFull()
->helperText('Apare în magazinul online (catalog + pagina piesei). Max 2 MB.'),
->helperText('Galerie de până la 8 imagini. Prima e afișată în catalog. Max 2 MB / imagine.'),
]),
Forms\Components\Textarea::make('notes')->label('Observații')->columnSpanFull()->rows(2),
]);
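Review bot: `->image()` is the only type restriction on the new multi-file upload, and depending on the framework version it may admit SVG, which can carry script and is then served from the shop's own origin in the catalog and gallery. Pinning the list explicitly with `->acceptedFileTypes(['image/jpeg', 'image/png', 'image/webp'])` removes that dependency on version defaults. `maxSize(2048)` applies per file, so a part can now hold up to 16 MB; confirm that fits the storage budget.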
@@ -0,0 +1,103 @@
<?php
namespace App\Filament\Tenant\Resources;
use App\Filament\Tenant\Resources\ShopCustomerResource\Pages;
use App\Filament\Tenant\Resources\ShopCustomerResource\RelationManagers;
use App\Models\Tenant\ShopCustomer;
use Filament\Actions;
use Filament\Forms;
use Filament\Notifications\Notification;
use Filament\Resources\Resource;
use Filament\Schemas;
use Filament\Schemas\Schema;
use Filament\Tables;
use Filament\Tables\Table;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Password;
class ShopCustomerResource extends Resource
{
protected static ?string $model = ShopCustomer::class;
protected static string|\BackedEnum|null $navigationIcon = 'heroicon-o-user-circle';
protected static ?string $navigationLabel = 'Clienți magazin';
protected static string|\UnitEnum|null $navigationGroup = 'Magazin';
protected static ?string $modelLabel = 'client magazin';
protected static ?string $pluralModelLabel = 'clienți magazin';
protected static ?int $navigationSort = 52;
public static function form(Schema $schema): Schema
{
return $schema->components([
Schemas\Components\Section::make()->columns(2)->schema([
Forms\Components\TextInput::make('name')->label('Nume')->required()->maxLength(160),
Forms\Components\TextInput::make('phone')->label('Telefon')->required()->maxLength(40),
Forms\Components\TextInput::make('email')->label('Email')->email()->maxLength(160),
Forms\Components\Select::make('client_id')
->label('Client legat (CRM)')
->options(fn () => \App\Models\Tenant\Client::pluck('name', 'id'))
->searchable()
->helperText('Legătura cu fișa CRM (opțional). Auto-matched la înregistrare după telefon.'),
]),
]);
}
public static function table(Table $table): Table
{
return $table
->columns([
Tables\Columns\TextColumn::make('name')->searchable()->sortable(),
Tables\Columns\TextColumn::make('phone')->copyable()->searchable(),
Tables\Columns\TextColumn::make('email')->placeholder('—')->copyable()->toggleable(),
Tables\Columns\TextColumn::make('client.name')->label('Client CRM')->placeholder('—')->toggleable(),
Tables\Columns\TextColumn::make('orders_count')->counts('orders')->label('Comenzi')->alignRight(),
Tables\Columns\TextColumn::make('last_login_at')->label('Ultim login')->since()->placeholder('Niciodată'),
Tables\Columns\TextColumn::make('created_at')->label('Înregistrat')->date('d.m.Y')->toggleable(),
])
->actions([
Actions\Action::make('reset_password')
->label('Trimite reset parolă')
->icon('heroicon-m-key')
->color('warning')
->visible(fn (ShopCustomer $r) => ! empty($r->email))
->requiresConfirmation()
->modalDescription('Trimite emailul standard de resetare a parolei către clientul magazinului.')
->action(function (ShopCustomer $r) {
$status = Password::broker('shop_customers')->sendResetLink(['email' => $r->email]);
Notification::make()
->title($status === Password::RESET_LINK_SENT
? 'Link de resetare trimis la ' . $r->email
: 'Eșec: ' . $status)
->{$status === Password::RESET_LINK_SENT ? 'success' : 'warning'}()
->send();
}),
Actions\EditAction::make(),
Actions\DeleteAction::make(),
])
->emptyStateHeading('Niciun client magazin')
->emptyStateDescription('Aici apar clienții care și-au creat cont în magazinul online (/shop/register).')
->emptyStateIcon('heroicon-o-user-circle')
->defaultSort('created_at', 'desc');
}
public static function getRelations(): array
{
return [
RelationManagers\OrdersRelationManager::class,
];
}
public static function getPages(): array
{
return [
'index' => Pages\ListShopCustomers::route('/'),
'edit' => Pages\EditShopCustomer::route('/{record}/edit'),
];
}
}
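Review bot: The `reset_password` action calls `sendResetLink(['email' => $r->email])`, which re-resolves the customer by address instead of using the record the operator clicked. The `email` input in `form()` has no uniqueness rule, so if two customers share an address (no unique index is visible here) the token may be issued for a different record. Adding `->unique(ignoreRecord: true)` to the `email` field keeps the lookup unambiguous. On failure the notification prints the raw status key (`'Eșec: ' . $status`); `'Eșec: ' . __($status)` would show the translated message. The `Hash` import is unused.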
@@ -0,0 +1,17 @@
<?php
namespace App\Filament\Tenant\Resources\ShopCustomerResource\Pages;
use App\Filament\Tenant\Resources\ShopCustomerResource;
use Filament\Actions;
use Filament\Resources\Pages\EditRecord;
class EditShopCustomer extends EditRecord
{
protected static string $resource = ShopCustomerResource::class;
protected function getHeaderActions(): array
{
return [Actions\DeleteAction::make()];
}
}
@@ -0,0 +1,11 @@
<?php
namespace App\Filament\Tenant\Resources\ShopCustomerResource\Pages;
use App\Filament\Tenant\Resources\ShopCustomerResource;
use Filament\Resources\Pages\ListRecords;
class ListShopCustomers extends ListRecords
{
protected static string $resource = ShopCustomerResource::class;
}
@@ -0,0 +1,38 @@
<?php
namespace App\Filament\Tenant\Resources\ShopCustomerResource\RelationManagers;
use App\Models\Tenant\OnlineOrder;
use Filament\Resources\RelationManagers\RelationManager;
use Filament\Tables;
use Filament\Tables\Table;
class OrdersRelationManager extends RelationManager
{
protected static string $relationship = 'orders';
protected static ?string $title = 'Comenzi';
public function table(Table $table): Table
{
return $table
->recordTitleAttribute('number')
->columns([
Tables\Columns\TextColumn::make('number')->label('Nr.'),
Tables\Columns\TextColumn::make('created_at')->label('Data')->dateTime('d.m.Y H:i'),
Tables\Columns\TextColumn::make('status')
->formatStateUsing(fn ($s) => OnlineOrder::STATUSES[$s] ?? $s)
->badge()
->colors([
'warning' => ['new'],
'info' => ['confirmed', 'packed'],
'primary' => ['shipped'],
'success' => ['delivered'],
'danger' => ['cancelled'],
]),
Tables\Columns\TextColumn::make('total')->money('MDL')->alignRight(),
])
->defaultSort('created_at', 'desc')
->emptyStateHeading('Nicio comandă încă');
}
}
@@ -5,10 +5,13 @@ namespace App\Http\Controllers;
use App\Models\Tenant\Client;
use App\Models\Tenant\ShopCustomer;
use App\Tenancy\TenantManager;
use Illuminate\Auth\Events\PasswordReset;
use Illuminate\Auth\Events\Registered;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Password;
use Illuminate\Support\Str;
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
class ShopAuthController extends Controller
@@ -117,6 +120,61 @@ class ShopAuthController extends Controller
]);
}
public function showForgotPassword()
{
$tenant = $this->tenantOrFail();
return view('shop.auth.forgot', ['tenant' => $tenant, 'cartCount' => $this->cartCount()]);
}
public function sendResetLink(Request $request)
{
$this->tenantOrFail();
$data = $request->validate(['email' => 'required|email']);
// Send (always returns generic "sent" message — don't disclose if email exists).
Password::broker('shop_customers')->sendResetLink(['email' => $data['email']]);
return back()->with('status', 'Dacă există un cont cu acest email, am trimis un link de resetare.');
}
public function showResetPassword(string $token, Request $request)
{
$tenant = $this->tenantOrFail();
return view('shop.auth.reset', [
'tenant' => $tenant,
'token' => $token,
'email' => $request->query('email'),
'cartCount' => $this->cartCount(),
]);
}
public function resetPassword(Request $request)
{
$this->tenantOrFail();
$data = $request->validate([
'token' => 'required|string',
'email' => 'required|email',
'password' => 'required|string|min:6|confirmed',
]);
$status = Password::broker('shop_customers')->reset(
$data,
function (ShopCustomer $customer, string $password) {
$customer->forceFill([
'password' => Hash::make($password),
'remember_token' => Str::random(60),
])->save();
event(new PasswordReset($customer));
}
);
if ($status === Password::PASSWORD_RESET) {
return redirect('/shop/login')->with('status', 'Parola a fost resetată. Te poți loga acum.');
}
return back()->withErrors(['email' => 'Link invalid sau expirat. Cere unul nou.'])->withInput();
}
private function cartCount(): int
{
$tenant = app(TenantManager::class)->current();
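Review bot: On the failure path of `resetPassword`, `back()->withErrors([...])->withInput()` flashes the entire request into the session, including `password`, `password_confirmation` and `token`; limit it to `->withInput($request->only('email'))`. The `min:6` rule is also a low floor for an account tied to order history and contact data; `min:8`, with the matching `minlength` in the reset view, would be safer. `sendResetLink` rightly hides the broker status from the user, but it also drops it entirely, so throttled or failed sends are invisible; logging any status other than `Password::RESET_LINK_SENT` and `Password::INVALID_USER` would help detection.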
+43
@@ -0,0 +1,43 @@
<?php
namespace App\Mail;
use App\Models\Central\Company;
use App\Models\Tenant\OnlineOrder;
use Illuminate\Bus\Queueable;
use Illuminate\Mail\Mailable;
use Illuminate\Mail\Mailables\Content;
use Illuminate\Mail\Mailables\Envelope;
use Illuminate\Queue\SerializesModels;
class ShopOrderConfirmationMail extends Mailable
{
use Queueable, SerializesModels;
public function __construct(
public OnlineOrder $order,
public Company $company,
) {}
public function envelope(): Envelope
{
$brand = $this->company->display_name ?? $this->company->name;
return new Envelope(
subject: "Comanda #{$this->order->number} primită — {$brand}",
);
}
public function content(): Content
{
return new Content(
view: 'emails.shop.order-confirmation',
with: [
'order' => $this->order,
'company' => $this->company,
'items' => $this->order->items()->get(),
'trackingUrl' => $this->order->trackingUrl(),
'currency' => $this->company->settings['currency'] ?? 'MDL',
],
);
}
}
+42
@@ -0,0 +1,42 @@
<?php
namespace App\Mail;
use App\Models\Central\Company;
use App\Models\Tenant\ShopCustomer;
use Illuminate\Bus\Queueable;
use Illuminate\Mail\Mailable;
use Illuminate\Mail\Mailables\Content;
use Illuminate\Mail\Mailables\Envelope;
use Illuminate\Queue\SerializesModels;
class ShopPasswordResetMail extends Mailable
{
use Queueable, SerializesModels;
public function __construct(
public ShopCustomer $customer,
public Company $company,
public string $resetUrl,
) {}
public function envelope(): Envelope
{
$brand = $this->company->display_name ?? $this->company->name;
return new Envelope(
subject: "Resetare parolă — {$brand}",
);
}
public function content(): Content
{
return new Content(
view: 'emails.shop.password-reset',
with: [
'customer' => $this->customer,
'company' => $this->company,
'resetUrl' => $this->resetUrl,
],
);
}
}
+11 -1
@@ -16,7 +16,8 @@ class Part extends Model implements HasMedia
public function registerMediaCollections(): void
{
$this->addMediaCollection('image')->singleFile();
// Multi-image gallery (catalog uses imageUrl() = first; detail page renders all).
$this->addMediaCollection('image');
}
public function imageUrl(): ?string
@@ -27,6 +28,15 @@ class Part extends Model implements HasMedia
return $m->getUrl();
}
/** @return list<string> All published image URLs (excluding any whose file is missing). */
public function imageUrls(): array
{
return $this->getMedia('image')
->filter(fn ($m) => @file_exists($m->getPath()))
->map(fn ($m) => $m->getUrl())
->values()->all();
}
public const CATEGORIES = [
'Ulei', 'Filtre', 'Frâne', 'Suspensie', 'Lichide',
'Distribuție', 'Anvelope', 'Electrică', 'Caroserie', 'Altele',
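Review bot: In `imageUrls()`, `->filter(fn ($m) => @file_exists($m->getPath()))` hides errors behind `@` and does one filesystem stat per image on every render. It also assumes a local media disk: on a remote disk `getPath()` is not a local file and every image would be filtered out silently. Drop the `@` and state the local-disk assumption in the docblock. With `singleFile()` removed, the collection in `registerMediaCollections()` enforces neither a count nor a type, so the 8-image cap exists only in the Filament form; a model-level `->acceptsMimeTypes([...])` would cover other code paths that attach media.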
+14
@@ -39,4 +39,18 @@ class ShopCustomer extends Authenticatable
{
return 'id';
}
/** Send custom reset mail with a /shop/password/reset URL on the tenant subdomain. */
public function sendPasswordResetNotification($token): void
{
$tenant = \App\Models\Central\Company::withoutGlobalScopes()->find($this->company_id);
if (! $tenant || ! $this->email) return;
$central = config('app.central_domain') ?: config('tenancy.central_domains.0', 'service.mir.md');
$url = "https://{$tenant->slug}.{$central}/shop/password/reset/{$token}?email=" . urlencode($this->email);
\Illuminate\Support\Facades\Mail::to($this->email)->send(
new \App\Mail\ShopPasswordResetMail($this, $tenant, $url)
);
}
}
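Review bot: `Mail::to($this->email)->send(...)` delivers inside the request, so a forgot-password POST for a registered address takes noticeably longer than one for an unknown address, and that timing gap undercuts the generic message the controller returns. Queueing it, `Mail::to($this->email)->queue(new \App\Mail\ShopPasswordResetMail($this, $tenant, $url));`, keeps both paths at similar latency, assuming a queue worker that restores the tenant context exists (not visible here). The URL also puts the address in `?email=`, where it will appear in access logs and browser history. The early `return` when `$tenant` is missing is silent; a `Log::warning` there would make a misconfigured `company_id` visible.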
@@ -54,5 +54,17 @@ class ShopOrderNotifier
$this->telegram->sendMessage($company, (string) $client->telegram_chat_id, $text);
}
}
// ── Customer: email confirmation when address given ──
if ($order->customer_email) {
try {
\Illuminate\Support\Facades\Mail::to($order->customer_email)
->send(new \App\Mail\ShopOrderConfirmationMail($order, $company));
} catch (\Throwable $e) {
\Illuminate\Support\Facades\Log::warning('shop order confirmation mail failed', [
'order' => $order->id, 'err' => $e->getMessage(),
]);
}
}
}
}
+6
@@ -58,6 +58,12 @@ return [
'expire' => 60,
'throttle' => 60,
],
'shop_customers' => [
'provider' => 'shop_customers',
'table' => 'password_reset_tokens',
'expire' => 60,
'throttle' => 60,
],
],
'password_timeout' => env('AUTH_PASSWORD_TIMEOUT', 10800),
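Review bot: The new `shop_customers` broker reuses `'table' => 'password_reset_tokens'`, which stores one row per e-mail address with no notion of which broker or tenant issued it. Where a staff user and a shop customer share an address, each request overwrites the other's token and consumes the other's `throttle` window, and a token issued by one broker will validate for the same address on the other. If the table is shared across tenants, the same applies to identical addresses in two shops. A dedicated table such as `'table' => 'shop_password_reset_tokens'`, with its own migration, keeps the two credential spaces separate.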
@@ -0,0 +1,65 @@
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Comandă primită</title>
</head>
<body style="font-family: system-ui, -apple-system, 'Segoe UI', Roboto, sans-serif; max-width: 600px; margin: 0 auto; padding: 24px; color: #1f2937;">
@php $brand = $company->display_name ?? $company->name; @endphp
<h2 style="font-size: 22px; margin-bottom: 4px;">{{ $brand }}</h2>
<p style="color: #6b7280; margin-bottom: 24px;">Comanda ta a fost primită cu succes.</p>
<div style="background: #f9fafb; border-radius: 10px; padding: 18px; margin-bottom: 18px;">
<div style="font-size: 14px; color: #6b7280;">Comanda</div>
<div style="font-size: 22px; font-weight: 700; margin-bottom: 8px;">#{{ $order->number }}</div>
<div style="color: #6b7280; font-size: 13px;">
{{ $order->created_at->isoFormat('D MMM YYYY, HH:mm') }} ·
{{ \App\Models\Tenant\OnlineOrder::DELIVERY[$order->delivery_method] ?? $order->delivery_method }}
</div>
</div>
<h3 style="font-size: 16px; margin-bottom: 8px;">Produsele tale</h3>
<table style="width: 100%; border-collapse: collapse; margin-bottom: 18px; font-size: 14px;">
@foreach ($items as $item)
<tr>
<td style="padding: 8px 0; border-bottom: 1px solid #f3f4f6;">
{{ $item->name }}
<span style="color: #9ca3af;"> × {{ rtrim(rtrim(number_format((float) $item->qty, 2), '0'), '.') }}</span>
</td>
<td style="padding: 8px 0; border-bottom: 1px solid #f3f4f6; text-align: right;">
{{ number_format((float) $item->total, 2) }} {{ $currency }}
</td>
</tr>
@endforeach
@if ((float) $order->delivery_fee > 0)
<tr>
<td style="padding: 8px 0; color: #6b7280;">Livrare</td>
<td style="padding: 8px 0; text-align: right;">{{ number_format((float) $order->delivery_fee, 2) }} {{ $currency }}</td>
</tr>
@endif
<tr>
<td style="padding: 12px 0 4px; font-weight: 700;">Total</td>
<td style="padding: 12px 0 4px; font-weight: 700; font-size: 18px; text-align: right;">
{{ number_format((float) $order->total, 2) }} {{ $currency }}
</td>
</tr>
</table>
@if ($order->address)
<p style="background: #fefce8; border-left: 3px solid #facc15; padding: 10px 12px; font-size: 13px; color: #713f12;">
<strong>Adresă livrare:</strong> {{ $order->address }}
</p>
@endif
<p style="margin: 24px 0;">
<a href="{{ $trackingUrl }}" style="display: inline-block; background: #3b82f6; color: #fff; padding: 12px 24px; border-radius: 8px; text-decoration: none; font-weight: 600;">
Urmărește comanda
</a>
</p>
<p style="color: #9ca3af; font-size: 12px; border-top: 1px solid #e5e7eb; padding-top: 12px; margin-top: 32px;">
Email automat de la {{ $brand }} nu răspunde la el. Pentru întrebări, sună la {{ $company->phone ?? '—' }}.
</p>
</body>
</html>
@@ -0,0 +1,26 @@
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Resetare parolă</title>
</head>
<body style="font-family: system-ui, -apple-system, 'Segoe UI', Roboto, sans-serif; max-width: 560px; margin: 0 auto; padding: 24px; color: #1f2937;">
@php $brand = $company->display_name ?? $company->name; @endphp
<h2 style="font-size: 22px; margin-bottom: 16px;">{{ $brand }}</h2>
<p>Salut {{ $customer->name }},</p>
<p>Ai cerut resetarea parolei pentru contul tău de magazin. Apasă linkul de mai jos ca setezi o parolă nouă:</p>
<p style="margin: 24px 0;">
<a href="{{ $resetUrl }}" style="display: inline-block; background: #3b82f6; color: #fff; padding: 12px 24px; border-radius: 8px; text-decoration: none; font-weight: 600;">
Resetează parola
</a>
</p>
<p style="color: #6b7280; font-size: 14px;">Linkul expiră în 60 de minute. Dacă nu ai cerut tu acest reset, ignoră emailul contul tău e în siguranță.</p>
<p style="color: #9ca3af; font-size: 12px; margin-top: 32px; border-top: 1px solid #e5e7eb; padding-top: 12px;">
Email automat de la {{ $brand }} nu răspunde la el.
</p>
</body>
</html>
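Review bot: The sentence "Linkul expiră în 60 de minute" hard-codes the lifetime that is configured as `'expire' => 60` on the `shop_customers` broker, so the mail will be wrong once that value changes. Render it from configuration instead, e.g. `{{ config('auth.passwords.shop_customers.expire') }}`, or pass the value in from the mailable's `with:` array.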
@@ -0,0 +1,35 @@
@extends('shop.layout')
@section('title', 'Resetare parolă')
@section('content')
<div style="max-width:380px;margin:0 auto;">
<h1 style="font-size:22px;margin-bottom:8px;">Am uitat parola</h1>
<p class="muted" style="margin-bottom:16px;">Introdu emailul cu care te-ai înregistrat îți trimitem un link de resetare.</p>
@if (session('status'))
<div class="card" style="border-color:#bbf7d0;background:#f0fdf4;margin-bottom:14px;color:#166534;font-size:14px;">
{{ session('status') }}
</div>
@endif
@if ($errors->any())
<div class="card" style="border-color:#fca5a5;background:#fef2f2;margin-bottom:14px;">
<ul style="margin:0;padding-left:18px;color:#991b1b;font-size:14px;">
@foreach ($errors->all() as $e)<li>{{ $e }}</li>@endforeach
</ul>
</div>
@endif
<form method="POST" action="/shop/password/email" class="card">
@csrf
<div class="field"><label>Email *</label>
<input type="email" name="email" value="{{ old('email') }}" required autofocus>
</div>
<button type="submit" class="btn block">Trimite link resetare</button>
</form>
<p class="muted" style="text-align:center;margin-top:12px;">
<a href="/shop/login" style="color:inherit;text-decoration:underline;"> Înapoi la login</a>
</p>
</div>
@endsection
+7 -1
@@ -25,7 +25,13 @@
</form>
<p class="muted" style="text-align:center;margin-top:12px;">
Nu ai cont? <a href="/shop/register" style="color:inherit;text-decoration:underline;">Înregistrare</a>
<a href="/shop/password/forgot" style="color:inherit;text-decoration:underline;">Am uitat parola</a>
· Nu ai cont? <a href="/shop/register" style="color:inherit;text-decoration:underline;">Înregistrare</a>
</p>
@if (session('status'))
<div class="card" style="border-color:#bbf7d0;background:#f0fdf4;margin-top:14px;color:#166534;font-size:14px;text-align:center;">
{{ session('status') }}
</div>
@endif
</div>
@endsection
+31
@@ -0,0 +1,31 @@
@extends('shop.layout')
@section('title', 'Parolă nouă')
@section('content')
<div style="max-width:380px;margin:0 auto;">
<h1 style="font-size:22px;margin-bottom:16px;">Setează o parolă nouă</h1>
@if ($errors->any())
<div class="card" style="border-color:#fca5a5;background:#fef2f2;margin-bottom:14px;">
<ul style="margin:0;padding-left:18px;color:#991b1b;font-size:14px;">
@foreach ($errors->all() as $e)<li>{{ $e }}</li>@endforeach
</ul>
</div>
@endif
<form method="POST" action="/shop/password/reset" class="card">
@csrf
<input type="hidden" name="token" value="{{ $token }}">
<div class="field"><label>Email *</label>
<input type="email" name="email" value="{{ old('email', $email) }}" required readonly style="background:#f9fafb;">
</div>
<div class="field"><label>Parolă nouă *</label>
<input type="password" name="password" required minlength="6" autofocus>
</div>
<div class="field"><label>Confirmă parola *</label>
<input type="password" name="password_confirmation" required minlength="6">
</div>
<button type="submit" class="btn block">Setează parola</button>
</form>
</div>
@endsection
+32 -5
@@ -1,14 +1,41 @@
@extends('shop.layout')
@section('title', $part->name)
@section('content')
@php $currency = $tenant->settings['currency'] ?? 'MDL'; $stock = (float) $part->qty; $img = $part->imageUrl(); @endphp
@php
$currency = $tenant->settings['currency'] ?? 'MDL';
$stock = (float) $part->qty;
$imgs = $part->imageUrls();
@endphp
<a href="/shop" class="muted"> Înapoi la catalog</a>
@if ($img)
<div class="card" style="margin-top:12px;display:grid;grid-template-columns:260px 1fr;gap:20px;align-items:start;">
<div style="border-radius:10px;overflow:hidden;aspect-ratio:1;background:#f9fafb;border:1px solid #e5e7eb;">
<img src="{{ $img }}" alt="{{ $part->name }}" style="width:100%;height:100%;object-fit:cover;display:block;">
@if (! empty($imgs))
<div class="card" style="margin-top:12px;display:grid;grid-template-columns:280px 1fr;gap:20px;align-items:start;">
<div>
<div style="border-radius:10px;overflow:hidden;aspect-ratio:1;background:#f9fafb;border:1px solid #e5e7eb;">
<img id="gallery-main" src="{{ $imgs[0] }}" alt="{{ $part->name }}" style="width:100%;height:100%;object-fit:cover;display:block;">
</div>
@if (count($imgs) > 1)
<div style="display:flex;gap:6px;margin-top:8px;flex-wrap:wrap;">
@foreach ($imgs as $i => $url)
<button type="button" data-gallery-src="{{ $url }}" data-gallery-index="{{ $i }}"
class="gallery-thumb {{ $i === 0 ? 'thumb-active' : '' }}"
style="width:54px;height:54px;border-radius:6px;overflow:hidden;padding:0;cursor:pointer;background:#f9fafb;border:1px solid #e5e7eb;">
<img src="{{ $url }}" style="width:100%;height:100%;object-fit:cover;display:block;">
</button>
@endforeach
</div>
<style>.thumb-active { border: 2px solid #3b82f6 !important; }</style>
<script>
document.querySelectorAll('.gallery-thumb').forEach(btn => {
btn.addEventListener('click', () => {
document.getElementById('gallery-main').src = btn.dataset.gallerySrc;
document.querySelectorAll('.gallery-thumb').forEach(b => b.classList.remove('thumb-active'));
btn.classList.add('thumb-active');
});
});
</script>
@endif
</div>
<div>
@else
+5
@@ -101,6 +101,11 @@ Route::controller(\App\Http\Controllers\ShopAuthController::class)->prefix('shop
Route::post('/login', 'login');
Route::post('/logout', 'logout')->name('shop.logout');
Route::get('/account', 'account')->name('shop.account');
Route::get('/password/forgot', 'showForgotPassword')->name('shop.password.forgot');
Route::post('/password/email', 'sendResetLink')->name('shop.password.email');
Route::get('/password/reset/{token}', 'showResetPassword')->name('password.reset');
Route::post('/password/reset', 'resetPassword')->name('shop.password.update');
});
// ─── Public WO tracking (no auth, tenant-scoped via subdomain) ──────
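Review bot: Neither `Route::post('/password/email', 'sendResetLink')` nor `Route::post('/password/reset', 'resetPassword')` carries a rate limit in this hunk. The broker's `throttle` only limits repeats per address, so requests across many addresses, or repeated token guesses, are unbounded unless the enclosing group applies one; the group declaration is cut off in the hunk header. Adding `->middleware('throttle:6,1')` to both POST routes would cap that. The GET route is named `password.reset` without the `shop.` prefix used by its siblings, and since `ShopCustomer` builds its URL by hand that name is not needed and may collide with another reset route; `shop.password.reset` would be consistent.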
+143
@@ -0,0 +1,143 @@
<?php
namespace Tests\Feature;
use App\Mail\ShopOrderConfirmationMail;
use App\Mail\ShopPasswordResetMail;
use App\Models\Central\Company;
use App\Models\Central\Plan;
use App\Models\Tenant\OnlineOrder;
use App\Models\Tenant\ShopCustomer;
use App\Services\Notifications\ShopOrderNotifier;
use App\Services\Notifications\TelegramService;
use App\Services\Notifications\WebPushService;
use App\Tenancy\TenantManager;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Mail;
use Illuminate\Support\Facades\Password;
use Tests\TestCase;
class ShopPasswordResetTest extends TestCase
{
use RefreshDatabase;
public function test_forgot_password_sends_reset_mail(): void
{
$this->makeShop('pr');
ShopCustomer::create([
'name' => 'X', 'phone' => '+37377000001',
'email' => 'x@example.com', 'password' => Hash::make('old'),
]);
Mail::fake();
$this->post('http://pr.service.mir.md/shop/password/email', [
'email' => 'x@example.com',
])->assertSessionHas('status');
Mail::assertSent(ShopPasswordResetMail::class, fn ($m) => $m->customer->email === 'x@example.com');
}
public function test_forgot_does_not_disclose_unknown_email(): void
{
$this->makeShop('pru');
Mail::fake();
$this->post('http://pru.service.mir.md/shop/password/email', [
'email' => 'ghost@example.com',
])->assertSessionHas('status'); // same generic status, no error
Mail::assertNothingSent();
}
public function test_reset_with_valid_token_changes_password(): void
{
$this->makeShop('rs');
$cust = ShopCustomer::create([
'name' => 'R', 'phone' => '+37377000002',
'email' => 'r@example.com', 'password' => Hash::make('old'),
]);
$token = Password::broker('shop_customers')->createToken($cust);
$this->post('http://rs.service.mir.md/shop/password/reset', [
'token' => $token,
'email' => 'r@example.com',
'password' => 'newpassword',
'password_confirmation' => 'newpassword',
])->assertRedirect('/shop/login');
$cust->refresh();
$this->assertTrue(Hash::check('newpassword', $cust->password));
}
public function test_reset_with_bad_token_rejected(): void
{
$this->makeShop('bad');
ShopCustomer::create([
'name' => 'B', 'phone' => '+37377000003',
'email' => 'b@example.com', 'password' => Hash::make('old'),
]);
$this->post('http://bad.service.mir.md/shop/password/reset', [
'token' => 'not-a-real-token',
'email' => 'b@example.com',
'password' => 'newpassword',
'password_confirmation' => 'newpassword',
])->assertSessionHasErrors();
}
public function test_order_notifier_sends_email_when_customer_email_present(): void
{
$ctx = $this->makeShop('mail');
Mail::fake();
$order = OnlineOrder::create([
'number' => OnlineOrder::generateNumber($ctx->id),
'customer_name' => 'M', 'customer_phone' => '+37377000004',
'customer_email' => 'm@example.com',
'delivery_method' => 'pickup', 'status' => 'new',
]);
app(ShopOrderNotifier::class)->placed($order);
Mail::assertSent(ShopOrderConfirmationMail::class, fn ($m) => $m->order->id === $order->id);
}
public function test_order_notifier_skips_email_without_customer_email(): void
{
$ctx = $this->makeShop('noeml');
Mail::fake();
$order = OnlineOrder::create([
'number' => OnlineOrder::generateNumber($ctx->id),
'customer_name' => 'N', 'customer_phone' => '+37377000005',
'delivery_method' => 'pickup', 'status' => 'new',
]);
app(ShopOrderNotifier::class)->placed($order);
Mail::assertNotSent(ShopOrderConfirmationMail::class);
}
public function test_part_has_multiple_images_collection(): void
{
$this->makeShop('multi');
$part = \App\Models\Tenant\Part::create([
'name' => 'P', 'sell_price' => 10, 'qty' => 1,
'unit' => 'buc', 'is_active' => true, 'buy_price' => 5,
]);
$this->assertIsArray($part->imageUrls());
$this->assertCount(0, $part->imageUrls());
}
private function makeShop(string $slug): Company
{
$plan = Plan::firstOrCreate(['slug' => 'test'], ['name' => 'T', 'price' => 0, 'features' => []]);
$company = Company::create([
'plan_id' => $plan->id, 'slug' => $slug,
'name' => ucfirst($slug), 'status' => 'active',
'settings' => ['shop' => ['enabled' => true, 'delivery_methods' => ['pickup']]],
]);
app(TenantManager::class)->setCurrent($company);
return $company;
}
}
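Review bot: `test_forgot_does_not_disclose_unknown_email` only asserts that a `status` key exists, so it would still pass if the known and unknown cases returned different messages. Assert the exact string in both tests, e.g. `->assertSessionHas('status', 'Dacă există un cont cu acest email, am trimis un link de resetare.')`. The suite also lacks cases for the properties that matter most in a reset flow: a token cannot be used twice, an expired token is rejected, and a token issued under one tenant slug is rejected when posted to another. `test_reset_with_bad_token_rejected` should also check that the stored password hash is unchanged afterwards.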