invoiceninja/app/Http/Controllers/Auth/AuthController.php

<?php namespace App\Http\Controllers\Auth;

use Auth;
use Event;
use Utils;
use Session;
use Illuminate\Http\Request;
use App\Models\User;
use App\Events\UserLoggedIn;
use App\Http\Controllers\Controller;
use App\Ninja\Repositories\AccountRepository;
use App\Services\AuthService;
use Illuminate\Contracts\Auth\Guard;
use Illuminate\Contracts\Auth\Registrar;
use Illuminate\Foundation\Auth\AuthenticatesAndRegistersUsers;

class AuthController extends Controller {

	/*
	|--------------------------------------------------------------------------
	| Registration & Login Controller
	|--------------------------------------------------------------------------
	|
	| This controller handles the registration of new users, as well as the
	| authentication of existing users. By default, this controller uses
	| a simple trait to add these behaviors. Why don't you explore it?
	|
	*/

	use AuthenticatesAndRegistersUsers;

    protected $loginPath = '/login';
    protected $redirectTo = '/dashboard';
    protected $authService;
    protected $accountRepo;

	/**
	 * Create a new authentication controller instance.
	 *
	 * @param  \Illuminate\Contracts\Auth\Guard  $auth
	 * @param  \Illuminate\Contracts\Auth\Registrar  $registrar
	 * @return void
	 */
	public function __construct(Guard $auth, Registrar $registrar, AccountRepository $repo, AuthService $authService)
	{
		$this->auth = $auth;
		$this->registrar = $registrar;
        $this->accountRepo = $repo;
        $this->authService = $authService;

		//$this->middleware('guest', ['except' => 'getLogout']);
	}

    public function authLogin($provider, Request $request)
    {
        return $this->authService->execute($provider, $request->has('code'));
    }

    public function authUnlink()
    {
        $this->accountRepo->unlinkUserFromOauth(Auth::user());

        Session::flash('message', trans('texts.updated_settings'));
        return redirect()->to('/settings/' . ACCOUNT_USER_DETAILS);
    }

    public function getLoginWrapper()
    {
        if (!Utils::isNinja() && !User::count()) {
            return redirect()->to('invoice_now');
        }

        return self::getLogin();
    }

    public function postLoginWrapper(Request $request)
    {
        /** If request is from API*/
        if($request->api_secret)
        {
            return $this->postLoginWrapperAPI($request);
        }

        $userId = Auth::check() ? Auth::user()->id : null;
        $user = User::where('email', '=', $request->input('email'))->first();

        if ($user && $user->failed_logins >= 3) {
            Session::flash('error', trans('texts.invalid_credentials'));
            return redirect()->to('login');
        }

        $response = self::postLogin($request);

        if (Auth::check()) {
            Event::fire(new UserLoggedIn());

            $users = false;
            // we're linking a new account
            if ($userId && Auth::user()->id != $userId) {
                $users = $this->accountRepo->associateAccounts($userId, Auth::user()->id);
                Session::flash('warning', trans('texts.associated_accounts'));
            // check if other accounts are linked
            } else {
                $users = $this->accountRepo->loadAccounts(Auth::user()->id);
            }
            Session::put(SESSION_USER_ACCOUNTS, $users);


        } elseif ($user) {
            $user->failed_logins = $user->failed_logins + 1;
            $user->save();
        }

        return $response;
    }

    private function postLoginWrapperAPI(Request $request)
    {
        /**Auth check*/

        /**Success*/
            /* send back user object along with account token if it exists,
            create token only if it does not exist*/

        /**Failure*/
            /* return json with failure message */

        if ($request->create_token) {
            if ( ! env(API_SECRET) || $request->api_secret !== env(API_SECRET)) {
                return 'Invalid secret';
            }
            return $this->accountRepo->createToken($request->token_name);
        }
    }


    public function getLogoutWrapper()
    {
        if (Auth::check() && !Auth::user()->registered) {
            $account = Auth::user()->account;
            $this->accountRepo->unlinkAccount($account);
            $account->forceDelete();
        }

        $response = self::getLogout();

        Session::flush();

        return $response;
    }
}
Update Namespaces 2015-03-23 14:20:33 +10:00			`<?php namespace App\Http\Controllers\Auth;`
Add Files 2015-03-17 07:45:25 +10:00
Reworking events for L5 2015-03-31 20:42:37 +03:00			`use Auth;`
			`use Event;`
Added support for custom subdomains 2015-04-28 23:13:52 +03:00			`use Utils;`
Added multi-company support 2015-06-16 22:35:35 +03:00			`use Session;`
Reworking events for L5 2015-03-31 20:42:37 +03:00			`use Illuminate\Http\Request;`
Added support for custom subdomains 2015-04-28 23:13:52 +03:00			`use App\Models\User;`
Reworking events for L5 2015-03-31 20:42:37 +03:00			`use App\Events\UserLoggedIn;`
Update Namespaces 2015-03-23 14:20:33 +10:00			`use App\Http\Controllers\Controller;`
Added multi-company support 2015-06-16 22:35:35 +03:00			`use App\Ninja\Repositories\AccountRepository;`
Added custom invoice text fields 2015-10-11 17:41:09 +03:00			`use App\Services\AuthService;`
Add Files 2015-03-17 07:45:25 +10:00			`use Illuminate\Contracts\Auth\Guard;`
			`use Illuminate\Contracts\Auth\Registrar;`
			`use Illuminate\Foundation\Auth\AuthenticatesAndRegistersUsers;`

			`class AuthController extends Controller {`

			`/*`
			`\|--------------------------------------------------------------------------`
			`\| Registration & Login Controller`
			`\|--------------------------------------------------------------------------`
			`\|`
			`\| This controller handles the registration of new users, as well as the`
			`\| authentication of existing users. By default, this controller uses`
			`\| a simple trait to add these behaviors. Why don't you explore it?`
			`\|`
			`*/`

			`use AuthenticatesAndRegistersUsers;`

Working on users in L5 2015-03-29 15:37:42 +03:00			`protected $loginPath = '/login';`
			`protected $redirectTo = '/dashboard';`
Added custom invoice text fields 2015-10-11 17:41:09 +03:00			`protected $authService;`
Added multi-company support 2015-06-16 22:35:35 +03:00			`protected $accountRepo;`
Working on users in L5 2015-03-29 15:37:42 +03:00
Add Files 2015-03-17 07:45:25 +10:00			`/**`
			`* Create a new authentication controller instance.`
			`*`
			`* @param \Illuminate\Contracts\Auth\Guard $auth`
			`* @param \Illuminate\Contracts\Auth\Registrar $registrar`
			`* @return void`
			`*/`
Added custom invoice text fields 2015-10-11 17:41:09 +03:00			`public function __construct(Guard $auth, Registrar $registrar, AccountRepository $repo, AuthService $authService)`
Add Files 2015-03-17 07:45:25 +10:00			`{`
			`$this->auth = $auth;`
			`$this->registrar = $registrar;`
Added multi-company support 2015-06-16 22:35:35 +03:00			`$this->accountRepo = $repo;`
Added custom invoice text fields 2015-10-11 17:41:09 +03:00			`$this->authService = $authService;`
Add Files 2015-03-17 07:45:25 +10:00
Added multi-company support 2015-06-16 22:35:35 +03:00			`//$this->middleware('guest', ['except' => 'getLogout']);`
Add Files 2015-03-17 07:45:25 +10:00			`}`

Added custom invoice text fields 2015-10-11 17:41:09 +03:00			`public function authLogin($provider, Request $request)`
			`{`
			`return $this->authService->execute($provider, $request->has('code'));`
			`}`

			`public function authUnlink()`
			`{`
			`$this->accountRepo->unlinkUserFromOauth(Auth::user());`

			`Session::flash('message', trans('texts.updated_settings'));`
Bug fixes 2015-10-20 11:23:38 +03:00			`return redirect()->to('/settings/' . ACCOUNT_USER_DETAILS);`
Added custom invoice text fields 2015-10-11 17:41:09 +03:00			`}`

Added support for custom subdomains 2015-04-28 23:13:52 +03:00			`public function getLoginWrapper()`
			`{`
			`if (!Utils::isNinja() && !User::count()) {`
			`return redirect()->to('invoice_now');`
			`}`

			`return self::getLogin();`
			`}`

Reworking events for L5 2015-03-31 20:42:37 +03:00			`public function postLoginWrapper(Request $request)`
			`{`
separate API logic 2015-11-02 15:29:38 +11:00			`/** If request is from API*/`
			`if($request->api_secret)`
			`{`
			`return $this->postLoginWrapperAPI($request);`
			`}`

Added multi-company support 2015-06-16 22:35:35 +03:00			`$userId = Auth::check() ? Auth::user()->id : null;`
Improvments to multi-account switching 2015-07-07 23:08:16 +03:00			`$user = User::where('email', '=', $request->input('email'))->first();`

Minor fixes 2015-08-03 22:08:07 +03:00			`if ($user && $user->failed_logins >= 3) {`
Added custom invoice text fields 2015-10-11 17:41:09 +03:00			`Session::flash('error', trans('texts.invalid_credentials'));`
Improvments to multi-account switching 2015-07-07 23:08:16 +03:00			`return redirect()->to('login');`
			`}`

Reworking events for L5 2015-03-31 20:42:37 +03:00			`$response = self::postLogin($request);`

			`if (Auth::check()) {`
			`Event::fire(new UserLoggedIn());`
Added multi-company support 2015-06-16 22:35:35 +03:00
Improvments to multi-account switching 2015-07-07 23:08:16 +03:00			`$users = false;`
			`// we're linking a new account`
			`if ($userId && Auth::user()->id != $userId) {`
			`$users = $this->accountRepo->associateAccounts($userId, Auth::user()->id);`
Bug fixes 2015-10-18 10:30:28 +03:00			`Session::flash('warning', trans('texts.associated_accounts'));`
Improvments to multi-account switching 2015-07-07 23:08:16 +03:00			`// check if other accounts are linked`
			`} else {`
			`$users = $this->accountRepo->loadAccounts(Auth::user()->id);`
Added multi-company support 2015-06-16 22:35:35 +03:00			`}`
Improvments to multi-account switching 2015-07-07 23:08:16 +03:00			`Session::put(SESSION_USER_ACCOUNTS, $users);`
Added Fractal 2015-11-02 00:10:20 +02:00
separate API logic 2015-11-02 15:29:38 +11:00
Improvments to multi-account switching 2015-07-07 23:08:16 +03:00			`} elseif ($user) {`
			`$user->failed_logins = $user->failed_logins + 1;`
			`$user->save();`
Reworking events for L5 2015-03-31 20:42:37 +03:00			`}`

			`return $response;`
			`}`

separate API logic 2015-11-02 15:29:38 +11:00			`private function postLoginWrapperAPI(Request $request)`
			`{`
			`/*Auth check/`

			`/*Success/`
			`/* send back user object along with account token if it exists,`
			`create token only if it does not exist*/`

			`/*Failure/`
			`/* return json with failure message */`

			`if ($request->create_token) {`
			`if ( ! env(API_SECRET) \|\| $request->api_secret !== env(API_SECRET)) {`
			`return 'Invalid secret';`
			`}`
			`return $this->accountRepo->createToken($request->token_name);`
			`}`
			`}`


Added multi-company support 2015-06-16 22:35:35 +03:00			`public function getLogoutWrapper()`
			`{`
Improvments to multi-account switching 2015-07-07 23:08:16 +03:00			`if (Auth::check() && !Auth::user()->registered) {`
			`$account = Auth::user()->account;`
			`$this->accountRepo->unlinkAccount($account);`
			`$account->forceDelete();`
			`}`

Added multi-company support 2015-06-16 22:35:35 +03:00			`$response = self::getLogout();`

			`Session::flush();`

			`return $response;`
			`}`
Add Files 2015-03-17 07:45:25 +10:00			`}`