🐛 Encrypt org passwords

Also adds a command to encrypt existing passwords #38

app/Console/Commands/EncryptOrgPasswords.php

@@ -0,0 +1,58 @@
+<?php
+
+namespace App\Console\Commands;
+
+use Illuminate\Console\Command;
+use App\Org;
+
+class EncryptOrgPasswords extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'orgmanager:orgpwdcrypt';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Encrypts ORG passwords. For updating from OrgManager v1.1';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+     /**
+      * Execute the console command.
+      *
+      * @return mixed
+      */
+     public function handle()
+     {
+         $orgs = Org::whereNotNull('password')->get();
+         $total = Org::whereNotNull('password')->count();
+         if ($total == 0){
+           $this->error('There aren\'t any password-protected organizations.');
+         } else {
+         if ($this->confirm('Do you want to add encrypt '.$total.' passwords?')) {
+             $this->output->progressStart($total);
+             foreach ($orgs as $org) {
+                 $org->password = bcrypt($org->password);
+                 $org->save();
+                 $this->output->progressAdvance();
+             }
+             $this->output->progressFinish();
+             $this->info('Successfully encrypted '.$total.' passwords.');
+         }
+       }
+     }
+}

app/Console/Kernel.php

@@ -16,6 +16,7 @@ class Kernel extends ConsoleKernel
         \App\Console\Commands\AddToken::class,
         \App\Console\Commands\UpdateOrg::class,
         \App\Console\Commands\JoinOrg::class,
+        \App\Console\Commands\EncryptOrgPasswords::class,
     ];
 
     /**

app/Http/Controllers/DashboardController.php

@@ -37,19 +37,12 @@ public function changePassword(Request $request, $id)
 
             return redirect('dashboard');
         }
-        if (!$request->has('password') || trim($request->password) == '' || $request->password == $org->password) {
-            if ($org->password != '' && $request->password != $org->password) {
-                $org->password = null;
-                $org->save();
-                Toastr::success($org->name.trans('alerts.passwdchange'), trans('alerts.changed'));
-
-                return redirect('dashboard');
-            }
+        if (!$request->has('password') || trim($request->password) == '') {
             Toastr::error(trans('alerts.notchanged'), trans('alerts.error'));
 
             return redirect('dashboard');
         }
-        $org->password = $request->password;
+        $org->password = bcrypt($request->password);
         $org->save();
         Toastr::success($org->name.trans('alerts.passwdchange'), trans('alerts.changed'));
 

resources/views/orgs.blade.php

@@ -30,7 +30,7 @@
                       <td><a href="{{ url('join/'.$org->id) }}" target="_blank">{{ url('join/'.$org->id) }}</td>
                       <form id="password" method="POST" action="{{ url('password/'.$org->id) }}">
                       {{ csrf_field() }}
-                      <td><span class="octicon octicon-lock"@if($org->password) onclick="toggle_visibility('passwordview');" @endif ></span><div id="passwordview" style="display: none">{{ $org->password }}</div><input type="text" name="password" class="password" value="{{ $org->password }}" placeholder="@lang('organizations.passwdtext')"></td>
+                      <td><i class="octicon octicon-lock"></i><input type="text" name="password" class="password" value="{{ old('password') }}" placeholder="@lang('organizations.passwdtext')"></td>
                       <td><button class="btn waves-effect waves-light" type="submit" name="action"><i class="material-icons center">send</i></button></td>
                       </form>
                       <form id="sync" method="POST" action="{{ url('sync/'.$org->id) }}">