lk-arpg · ScuffedNewt · Jan 21, 2026 · Jan 25, 2026 · itinerare · Jan 26, 2026
diff --git a/app/Http/Controllers/Auth/VerificationController.php b/app/Http/Controllers/Auth/VerificationController.php
diff --git a/app/Http/Controllers/HomeController.php b/app/Http/Controllers/HomeController.php
@@ -48,7 +48,7 @@ public function getIndex() {
     public function getLink(Request $request) {
         // If the user already has an alias associated with their account, redirect them
         if (Auth::check() && Auth::user()->hasAlias) {
-            redirect()->to('home');
+            return redirect()->route('home');
         }
 
         // Display the login link
@@ -111,7 +111,11 @@ public function getAuthCallback(LinkService $service, $provider) {
     public function getEmail(Request $request) {
         // If the user already has an email associated with their account, redirect them
         if (Auth::check() && Auth::user()->hasEmail) {
-            return redirect()->to('home');
+            return redirect()->route('home');
+        }
+
+        if (config('lorekeeper.settings.allow_unverified_users_to_modify_emails') && $request->is('email/update')) {
+            return view('auth.update_email');
         }
 
         // Step 1: display a login email
@@ -128,7 +132,7 @@ public function postEmail(UserService $service, Request $request) {
         if ($service->updateEmail(['email' => $data], Auth::user())) {
             flash('Email added successfully!');
 
-            return redirect()->to('home');
+            return redirect()->route('home');
         } else {
             foreach ($service->errors()->getMessages()['error'] as $error) {
                 flash($error)->error();

diff --git a/app/Models/Rank/Rank.php b/app/Models/Rank/Rank.php
@@ -73,7 +73,7 @@ public function getDisplayNameAttribute() {
      * @return bool
      */
     public function getIsAdminAttribute() {
-        return $this->attributes['is_admin'];
+        return $this->attributes['is_admin'] || $this->powers()->where('power', 'admin')->exists();
     }
 
     /**********************************************************************************************
@@ -95,6 +95,15 @@ public function canEditRank($rank) {
         }
         if ($this->hasPower('edit_ranks')) {
             if ($this->isAdmin) {
+                // editing a false admin rank
+                if ($rank->powers()->where('power', 'admin')->exists()) {
+                    if ($this->attributes['is_admin']) {
+                        return 3; // must remove admin power to edit more granularly
+                    } else {
+                        return 4; // false admin rank, cannot edit
+                    }
+                }
+
                 if ($rank->id != $this->id) {
                     return 1;
                 } // can edit everything

diff --git a/config/lorekeeper/powers.php b/config/lorekeeper/powers.php
@@ -10,7 +10,10 @@
     | The list of staff powers that can be attached to a user rank.
     |
     */
-
+    'admin' => [
+        'name'        => 'Administrator Access',
+        'description' => 'Grants all powers automatically. Grant this power wisely.',
+    ],
     'edit_site_settings' => [
         'name'        => 'Edit Site Settings',
         'description' => 'Allow rank to modify site settings and upload new images to replace the site layout images.',

diff --git a/config/lorekeeper/settings.php b/config/lorekeeper/settings.php
@@ -429,4 +429,14 @@
     |
     */
     'enable_character_content_warnings'                 => 1,
+
+    /*
+    |--------------------------------------------------------------------------
+    | Allow Unverified Users to Modify their Email Addresses
+    |--------------------------------------------------------------------------
+    |
+    | Allows users who have not yet verified their email addresses
+    | to modify their email address, in order to correct mistakes.
+    */
+    'allow_unverified_users_to_modify_emails'           => 1,
 ];
diff --git a/resources/views/admin/users/_create_edit_rank.blade.php b/resources/views/admin/users/_create_edit_rank.blade.php
@@ -33,22 +33,44 @@
         </div>
     </div>
 
-    @if ($editable != 2)
-        {{-- Powers --}}
-        <div class="form-group">
-            <div class="row">
+    @if ($editable == 2)
+        <div class="card bg-light mb-3">
+            <div class="card-body">Powers for the admin rank cannot be edited. {!! add_help('The admin rank has the ability to edit any editable information on the site, and is always highest-ranked (cannot be edited by any other user).') !!}</div>
+        </div>
+    @elseif ($editable == 3)
+        <div class="card bg-light mb-3">
+            <div class="card-body">
+                This rank has the "Admin" power granted to it, meaning it has all powers. If you want to edit this rank, you must remove the "Admin" power first.
                 @foreach ($powers as $key => $power)
-                    <div class="col-md-6 form-check">
+                    @if ($key != 'admin')
+                        @continue
+                    @endif
+                    <div class="col-md-6 form-group ml-1 mt-2 mb-0">
                         {!! Form::checkbox('powers[' . $key . ']', $key, $rankPowers ? isset($rankPowers[$key]) : false, ['class' => 'form-check-input', 'id' => 'powers[' . $key . ']']) !!}
                         {!! Form::label('powers[' . $key . ']', $power['name'], ['class' => 'form-check-label']) !!}
                         {!! add_help($power['description']) !!}
                     </div>
                 @endforeach
             </div>
         </div>
-    @else
+    @elseif ($editable == 4)
         <div class="card bg-light mb-3">
-            <div class="card-body">Powers for the admin rank cannot be edited. {!! add_help('The admin rank has the ability to edit any editable information on the site, and is always highest-ranked (cannot be edited by any other user).') !!}</div>
+            <div class="card-body">
+                You cannot edit this rank.
+            </div>
+        </div>
+    @else
+        {{-- Powers --}}
+        <div class="row">
+            @foreach ($powers as $key => $power)
+                <div class="col-md-6">
+                    <div class="form-check">
+                        {!! Form::checkbox('powers[' . $key . ']', $key, $rankPowers ? isset($rankPowers[$key]) : false, ['class' => 'form-check-input', 'id' => 'powers[' . $key . ']']) !!}
+                        {!! Form::label('powers[' . $key . ']', $power['name'], ['class' => 'form-check-label']) !!}
+                        {!! add_help($power['description']) !!}
+                    </div>
+                </div>
+            @endforeach
         </div>
     @endif
 

diff --git a/resources/views/auth/update_email.blade.php b/resources/views/auth/update_email.blade.php
@@ -0,0 +1,41 @@
+@extends('layouts.app')
+
+@section('title')
+    Update Email Address
+@endsection
+
+@section('content')
+    <h1>Update Email Address</h1>
+    <p class="mb-1">
+        The currently linked email to your account is:
+    </p>
+    <div class="alert alert-secondary mb-2" role="alert">
+        {{ Auth::user()->email }}
+    </div>
+    <p>
+        If this email address is incorrect, please enter the correct email address below to update it.
+    </p>
+
+
+    {!! Form::open(['url' => 'email/update', 'method' => 'POST']) !!}
+
+    <div class="form-group row">
+        {!! Form::label('email', 'Email Address', ['class' => 'col-md-4 col-form-label text-md-right']) !!}
+        <div class="col-md-6">
+            {!! Form::email('email', old('email'), ['class' => 'form-control' . ($errors->has('email') ? ' is-invalid' : ''), 'required']) !!}
+            @if ($errors->has('email'))
+                <span class="invalid-feedback" role="alert">
+                    <strong>{{ $errors->first('email') }}</strong>
+                </span>
+            @endif
+        </div>
+    </div>
+
+    <div class="form-group row">
+        <div class="col-md-6 offset-md-4">
+            {!! Form::submit('Update Email Address', ['class' => 'btn btn-primary']) !!}
+        </div>
+    </div>
+
+    {!! Form::close() !!}
+@endsection
diff --git a/resources/views/auth/verify.blade.php b/resources/views/auth/verify.blade.php
@@ -20,4 +20,11 @@
             {{ __('click here to request another') }}
         </button>.
     </form>
+
+    @if (config('lorekeeper.settings.allow_unverified_users_to_modify_emails'))
+        <div class="alert alert-warning mt-3" role="alert">
+            {{ __('If you need to change your email address, you can do so') }}
+            <a href="{{ url('email/update') }}">{{ __('here') }}</a>.
+        </div>
+    @endif
 @endsection
diff --git a/routes/web.php b/routes/web.php
@@ -27,6 +27,13 @@
 
 Route::feeds('feeds');
 
+// Updating email from verification notice
+Route::middleware('auth')->group(function () {
+    Route::get('/email/update', 'HomeController@getEmail');
+
+    Route::post('/email/update', 'HomeController@postEmail');
+});
+
 /**************************************************************************************************
     Routes that require login
 **************************************************************************************************/