applicant-site/app/Http/Controllers/UserController.php

<?php

namespace App\Http\Controllers;

use App\Http\Requests\UpdateUserRequest;
use App\Models\User;
use Illuminate\Auth\Events\PasswordReset;
use Illuminate\Contracts\View\Factory;
use Illuminate\Contracts\View\View;
use Illuminate\Foundation\Application;
use Illuminate\Http\RedirectResponse;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Str;

class UserController extends Controller
{
    public function __construct()
    {
        $this->middleware('auth');
    }
    public function index(): View|Application|Factory|\Illuminate\Contracts\Foundation\Application
    {
        abort_if(!Auth::user('admin'), 403);

        $users = User::all();
        return view('users.index', compact('users'));
    }

    public function store(UpdateUserRequest $request): RedirectResponse
    {
        abort_if(!Auth::user('admin'), 403);

        $validated = $request->validated();

        $user = new User();
        $user->name = $validated['name'];
        $user->password = $validated['password'];
        $user->email = $validated['email'];
        $user->save();

        return redirect()->route('users.index');
    }

    public function create(): View|Application|Factory|\Illuminate\Contracts\Foundation\Application
    {
        abort_if(!Auth::user('admin'), 403);

        return view('users.create');
    }

    public function edit(User $user): View|Application|Factory|\Illuminate\Contracts\Foundation\Application
    {
        abort_if(!Auth::user('admin'), 403);

        return view('users.edit', compact('user'));
    }

    public function update(UpdateUserRequest $request, User $user): RedirectResponse
    {
        abort_if(!Auth::user('admin'), 403);

        $validated = $request->validated();

        $user->name = $validated['name'];
        $user->password = Hash::make($validated['password']);
        $user->email = $validated['email'];
        $user->remember_token = Str::random(60);
        $user->save();

        return redirect()->route('users.index');
    }

    public function destroy(User $user): RedirectResponse
    {
        abort_if(!Auth::user('admin'), 403);

        $user->delete();

        return redirect()->route('users.index');
    }
}