Added ability to reset passkey if needed.

public/assets/seria.css

@@ -776,3 +776,34 @@ body {
     font-size: 1.2em;
     padding: 4px 10px;
 }
+
+.settings {}
+
+.settings > div {
+    background: #161616;
+    overflow: hidden;
+    width: 100%;
+    box-shadow: 0 1px 2px rgba(0, 0, 0, .6);
+    text-shadow: 0 1px 4px #000;
+    align-items: center;
+    padding: 2px;
+}
+.settings > div:not(:first-child) {
+    margin-top: 2px;
+}
+.settings > div > h2 {
+    font-size: 1.4em;
+    padding: 5px 10px 2px;
+}
+.settings > div > p {
+    font-size: 0.9em;
+    line-height: 1.5em;
+    padding: 0 10px 5px;
+}
+.settings > div > form {
+    padding: 5px 10px 10px;
+    overflow: auto;
+}
+.settings > div > form > button {
+    padding: 5px 10px;
+}

src/SeriaContext.php

@@ -106,7 +106,7 @@ final class SeriaContext {
 
         $routing->register(new HomeRoutes($this->templating));
         $routing->register(new Users\ProfileRoutes($this->authInfo, $this->torrentsCtx, $this->usersCtx, $this->templating));
-        $routing->register(new Users\SettingsRoutes($this->authInfo, $this->templating));
+        $routing->register(new Users\SettingsRoutes($this->authInfo, $this->usersCtx, $this->csrfp, $this->templating));
         $routing->register(new Torrents\AnnounceRouting($this->torrentsCtx, $this->usersCtx));
         $routing->register(new Torrents\TorrentCreateRouting($this->dbConn, $this->authInfo, $this->torrentsCtx, $this->csrfp, $this->templating));
         $routing->register(new Torrents\TorrentInfoRouting($this->authInfo, $this->torrentsCtx, $this->usersCtx, $this->csrfp, $this->templating));

src/Users/SettingsRoutes.php

@@ -3,23 +3,45 @@ namespace Seria\Users;
 
 use Index\Routing\Route;
 use Index\Routing\RouteHandler;
+use Index\Security\CSRFP;
 use Sasae\SasaeEnvironment;
 use Seria\Auth\AuthInfo;
+use Seria\Users\UsersContext;
 
 class SettingsRoutes extends RouteHandler {
     public function __construct(
         private AuthInfo $authInfo,
+        private UsersContext $usersCtx,
+        private CSRFP $csrfp,
         private ?SasaeEnvironment $templating
     ) {}
 
-    #[Route('GET', '/settings')]
-    public function getIndex($response) {
+    #[Route('/settings')]
+    public function checkLogin($response, $request) {
         if(!$this->authInfo->isLoggedIn())
             return 403;
 
+        if($request->getMethod() === 'POST') {
+            if(!$request->isFormContent())
+                return 400;
+
+            $content = $request->getContent();
+            if(!$this->csrfp->verifyToken((string)$content->getParam('_csrfp')))
+                return 403;
+        }
+    }
+
+    #[Route('GET', '/settings')]
+    public function getIndex($response) {
         return $this->templating->render('settings');
     }
 
+    #[Route('POST', '/settings/passkey')]
+    public function postPasskey($response) {
+        $this->usersCtx->getUsers()->updatePassKey($this->authInfo->getUserInfo());
+        $response->redirect('/settings');
+    }
+
     #[Route('GET', '/settings.php')]
     public function getSettingsPHP($response): void {
         $response->redirect('/settings', true);

templates/settings.twig

@@ -3,5 +3,14 @@
 {% set title = 'Settings' %}
 
 {% block content %}
-    Provide option to reset pass key and shit here, maybe also a nuke tracker profile option but probably not.
+    <div class="settings">
+        <div class="settings-reset">
+            <h2>Reset Passkey</h2>
+            <p>In case you accidentally exposed your passkey to other people. This button will generate a new passkey for you, but that also means any existing torrent you may be seeding or downloading will no longer work and you'll have to redownload the .torrent file.</p>
+            <form action="/settings/passkey" method="post">
+                <input type="hidden" name="_csrfp" value="{{ csrfp_token() }}">
+                <button>Generate a new passkey</button>
+            </form>
+        </div>
+    </div>
 {% endblock %}