invoiceninja/app/Http/Controllers/Auth/AuthController.php

<?php

namespace App\Http\Controllers\Auth;

use App\Events\UserLoggedIn;
use App\Http\Controllers\Controller;
use App\Models\User;
use App\Ninja\Repositories\AccountRepository;
use App\Services\AuthService;
use Auth;
use Event;
use Illuminate\Foundation\Auth\AuthenticatesAndRegistersUsers;
use Illuminate\Http\Request;
use Session;
use Utils;

class AuthController extends Controller
{
    /*
    |--------------------------------------------------------------------------
    | Registration & Login Controller
    |--------------------------------------------------------------------------
    |
    | This controller handles the registration of new users, as well as the
    | authentication of existing users. By default, this controller uses
    | a simple trait to add these behaviors. Why don't you explore it?
    |
    */

    use AuthenticatesAndRegistersUsers;

    /**
     * @var string
     */
    protected $redirectTo = '/dashboard';

    /**
     * @var AuthService
     */
    protected $authService;

    /**
     * @var AccountRepository
     */
    protected $accountRepo;

    /**
     * Create a new authentication controller instance.
     *
     * @param AccountRepository $repo
     * @param AuthService       $authService
     *
     * @internal param \Illuminate\Contracts\Auth\Guard $auth
     * @internal param \Illuminate\Contracts\Auth\Registrar $registrar
     */
    public function __construct(AccountRepository $repo, AuthService $authService)
    {
        $this->accountRepo = $repo;
        $this->authService = $authService;
    }

    /**
     * @param array $data
     *
     * @return mixed
     */
    public function validator(array $data)
    {
        return Validator::make($data, [
            'name' => 'required|max:255',
            'email' => 'required|email|max:255|unique:users',
            'password' => 'required|confirmed|min:6',
        ]);
    }

    /**
     * Create a new user instance after a valid registration.
     *
     * @param array $data
     *
     * @return User
     */
    public function create(array $data)
    {
        return User::create([
            'name' => $data['name'],
            'email' => $data['email'],
            'password' => bcrypt($data['password']),
        ]);
    }

    /**
     * @param $provider
     * @param Request $request
     *
     * @return \Illuminate\Http\RedirectResponse
     */
    public function authLogin($provider, Request $request)
    {
        return $this->authService->execute($provider, $request->has('code'));
    }

    /**
     * @return \Illuminate\Http\RedirectResponse
     */
    public function authUnlink()
    {
        $this->accountRepo->unlinkUserFromOauth(Auth::user());

        Session::flash('message', trans('texts.updated_settings'));

        return redirect()->to('/settings/' . ACCOUNT_USER_DETAILS);
    }

    /**
     * @return \Illuminate\Http\Response
     */
    public function getLoginWrapper()
    {
        if (auth()->check()) {
            return redirect('/');
        }

        if (! Utils::isNinja() && ! User::count()) {
            return redirect()->to('/setup');
        }

        if (Utils::isNinja() && ! Utils::isTravis()) {
            // make sure the user is on SITE_URL/login to ensure OAuth works
            $requestURL = request()->url();
            $loginURL = SITE_URL . '/login';
            $subdomain = Utils::getSubdomain(request()->url());
            if ($requestURL != $loginURL && ! strstr($subdomain, 'webapp-')) {
                return redirect()->to($loginURL);
            }
        }

        return self::getLogin();
    }

    /**
     * @param Request $request
     *
     * @return \Illuminate\Http\Response
     */
    public function postLoginWrapper(Request $request)
    {
        $userId = Auth::check() ? Auth::user()->id : null;
        $user = User::where('email', '=', $request->input('email'))->first();

        if ($user && $user->failed_logins >= MAX_FAILED_LOGINS) {
            Session::flash('error', trans('texts.invalid_credentials'));

            return redirect()->to('login');
        }

        $response = self::postLogin($request);

        if (Auth::check()) {
            Event::fire(new UserLoggedIn());

            /*
            $users = false;
            // we're linking a new account
            if ($request->link_accounts && $userId && Auth::user()->id != $userId) {
                $users = $this->accountRepo->associateAccounts($userId, Auth::user()->id);
                Session::flash('message', trans('texts.associated_accounts'));
                // check if other accounts are linked
            } else {
                $users = $this->accountRepo->loadAccounts(Auth::user()->id);
            }
            */

            $users = $this->accountRepo->loadAccounts(Auth::user()->id);
            Session::put(SESSION_USER_ACCOUNTS, $users);
        } elseif ($user) {
            $user->failed_logins = $user->failed_logins + 1;
            $user->save();
        }

        return $response;
    }

    /**
     * @return \Illuminate\Http\Response
     */
    public function getLogoutWrapper()
    {
        if (Auth::check() && ! Auth::user()->registered) {
            if (request()->force_logout) {
                $account = Auth::user()->account;
                $this->accountRepo->unlinkAccount($account);

                if (! $account->hasMultipleAccounts()) {
                    $account->company->forceDelete();
                }
                $account->forceDelete();
            } else {
                return redirect('/');
            }
        }

        $response = self::getLogout();

        Session::flush();

        if ($reason = request()->reason) {
            Session::flash('warning', trans("texts.{$reason}_logout"));
        }

        return $response;
    }
}
php-cs-fixer cleanup 2017-01-30 21:40:43 +02:00			`<?php`

			`namespace App\Http\Controllers\Auth;`
Add Files 2015-03-17 07:45:25 +10:00
Reworking events for L5 2015-03-31 20:42:37 +03:00			`use App\Events\UserLoggedIn;`
Update Namespaces 2015-03-23 14:20:33 +10:00			`use App\Http\Controllers\Controller;`
php-cs-fixer cleanup 2017-01-30 21:40:43 +02:00			`use App\Models\User;`
Added multi-company support 2015-06-16 22:35:35 +03:00			`use App\Ninja\Repositories\AccountRepository;`
Added custom invoice text fields 2015-10-11 17:41:09 +03:00			`use App\Services\AuthService;`
php-cs-fixer cleanup 2017-01-30 21:40:43 +02:00			`use Auth;`
			`use Event;`
Add Files 2015-03-17 07:45:25 +10:00			`use Illuminate\Foundation\Auth\AuthenticatesAndRegistersUsers;`
php-cs-fixer cleanup 2017-01-30 21:40:43 +02:00			`use Illuminate\Http\Request;`
			`use Session;`
			`use Utils;`
Add Files 2015-03-17 07:45:25 +10:00
Code Refactoring - Removed unused uses - Type hinting for method parameters - Removed commented code - Introduced comments for classes and methods - Short array syntax 2016-07-03 18:11:58 +02:00			`class AuthController extends Controller`
			`{`
			`/*`
			`\|--------------------------------------------------------------------------`
			`\| Registration & Login Controller`
			`\|--------------------------------------------------------------------------`
			`\|`
			`\| This controller handles the registration of new users, as well as the`
			`\| authentication of existing users. By default, this controller uses`
			`\| a simple trait to add these behaviors. Why don't you explore it?`
			`\|`
			`*/`

			`use AuthenticatesAndRegistersUsers;`
Add Files 2015-03-17 07:45:25 +10:00
Code Refactoring - Removed unused uses - Type hinting for method parameters - Removed commented code - Introduced comments for classes and methods - Short array syntax 2016-07-03 18:11:58 +02:00			`/**`
			`* @var string`
			`*/`
Working on users in L5 2015-03-29 15:37:42 +03:00			`protected $redirectTo = '/dashboard';`
Code Refactoring - Removed unused uses - Type hinting for method parameters - Removed commented code - Introduced comments for classes and methods - Short array syntax 2016-07-03 18:11:58 +02:00
			`/**`
			`* @var AuthService`
			`*/`
Added custom invoice text fields 2015-10-11 17:41:09 +03:00			`protected $authService;`
Code Refactoring - Removed unused uses - Type hinting for method parameters - Removed commented code - Introduced comments for classes and methods - Short array syntax 2016-07-03 18:11:58 +02:00
			`/**`
			`* @var AccountRepository`
			`*/`
Added multi-company support 2015-06-16 22:35:35 +03:00			`protected $accountRepo;`
Working on users in L5 2015-03-29 15:37:42 +03:00
Code Refactoring - Removed unused uses - Type hinting for method parameters - Removed commented code - Introduced comments for classes and methods - Short array syntax 2016-07-03 18:11:58 +02:00			`/**`
			`* Create a new authentication controller instance.`
			`*`
			`* @param AccountRepository $repo`
php-cs-fixer cleanup 2017-01-30 21:40:43 +02:00			`* @param AuthService $authService`
			`*`
Code Refactoring - Removed unused uses - Type hinting for method parameters - Removed commented code - Introduced comments for classes and methods - Short array syntax 2016-07-03 18:11:58 +02:00			`* @internal param \Illuminate\Contracts\Auth\Guard $auth`
			`* @internal param \Illuminate\Contracts\Auth\Registrar $registrar`
			`*/`
			`public function __construct(AccountRepository $repo, AuthService $authService)`
			`{`
Added multi-company support 2015-06-16 22:35:35 +03:00			`$this->accountRepo = $repo;`
Added custom invoice text fields 2015-10-11 17:41:09 +03:00			`$this->authService = $authService;`
Code Refactoring - Removed unused uses - Type hinting for method parameters - Removed commented code - Introduced comments for classes and methods - Short array syntax 2016-07-03 18:11:58 +02:00			`}`
Add Files 2015-03-17 07:45:25 +10:00
Code Refactoring - Removed unused uses - Type hinting for method parameters - Removed commented code - Introduced comments for classes and methods - Short array syntax 2016-07-03 18:11:58 +02:00			`/**`
			`* @param array $data`
php-cs-fixer cleanup 2017-01-30 21:40:43 +02:00			`*`
Code Refactoring - Removed unused uses - Type hinting for method parameters - Removed commented code - Introduced comments for classes and methods - Short array syntax 2016-07-03 18:11:58 +02:00			`* @return mixed`
			`*/`
Upgraded to Laravel 5.1 2016-02-22 19:47:19 +02:00			`public function validator(array $data)`
			`{`
			`return Validator::make($data, [`
			`'name' => 'required\|max:255',`
			`'email' => 'required\|email\|max:255\|unique:users',`
			`'password' => 'required\|confirmed\|min:6',`
			`]);`
			`}`

			`/**`
			`* Create a new user instance after a valid registration.`
			`*`
php-cs-fixer cleanup 2017-01-30 21:40:43 +02:00			`* @param array $data`
Code Refactoring - Removed unused uses - Type hinting for method parameters - Removed commented code - Introduced comments for classes and methods - Short array syntax 2016-07-03 18:11:58 +02:00			`*`
Upgraded to Laravel 5.1 2016-02-22 19:47:19 +02:00			`* @return User`
			`*/`
			`public function create(array $data)`
			`{`
			`return User::create([`
			`'name' => $data['name'],`
			`'email' => $data['email'],`
			`'password' => bcrypt($data['password']),`
			`]);`
			`}`

Code Refactoring - Removed unused uses - Type hinting for method parameters - Removed commented code - Introduced comments for classes and methods - Short array syntax 2016-07-03 18:11:58 +02:00			`/**`
			`* @param $provider`
			`* @param Request $request`
			`*`
			`* @return \Illuminate\Http\RedirectResponse`
			`*/`
Added custom invoice text fields 2015-10-11 17:41:09 +03:00			`public function authLogin($provider, Request $request)`
			`{`
			`return $this->authService->execute($provider, $request->has('code'));`
			`}`

Code Refactoring - Removed unused uses - Type hinting for method parameters - Removed commented code - Introduced comments for classes and methods - Short array syntax 2016-07-03 18:11:58 +02:00			`/**`
			`* @return \Illuminate\Http\RedirectResponse`
			`*/`
Added custom invoice text fields 2015-10-11 17:41:09 +03:00			`public function authUnlink()`
			`{`
			`$this->accountRepo->unlinkUserFromOauth(Auth::user());`

			`Session::flash('message', trans('texts.updated_settings'));`
php-cs-fixer cleanup 2017-01-30 21:40:43 +02:00
Bug fixes 2015-10-20 11:23:38 +03:00			`return redirect()->to('/settings/' . ACCOUNT_USER_DETAILS);`
Added custom invoice text fields 2015-10-11 17:41:09 +03:00			`}`

Code Refactoring - Removed unused uses - Type hinting for method parameters - Removed commented code - Introduced comments for classes and methods - Short array syntax 2016-07-03 18:11:58 +02:00			`/**`
			`* @return \Illuminate\Http\Response`
			`*/`
Added support for custom subdomains 2015-04-28 23:13:52 +03:00			`public function getLoginWrapper()`
			`{`
Redirect /login and /recover_password if logged in 2017-09-07 21:51:40 +03:00			`if (auth()->check()) {`
			`return redirect('/');`
			`}`

php-cs-fixer cleanup 2017-01-30 21:40:43 +02:00			`if (! Utils::isNinja() && ! User::count()) {`
Working on tests 2017-04-18 16:53:00 +03:00			`return redirect()->to('/setup');`
Fix for Laravel\Socialite\Two\InvalidStateException 2017-04-18 15:44:08 +03:00			`}`
Working on tests 2017-04-18 17:04:44 +03:00
			`if (Utils::isNinja() && ! Utils::isTravis()) {`
Fix for Laravel\Socialite\Two\InvalidStateException 2017-04-18 15:44:08 +03:00			`// make sure the user is on SITE_URL/login to ensure OAuth works`
			`$requestURL = request()->url();`
			`$loginURL = SITE_URL . '/login';`
			`$subdomain = Utils::getSubdomain(request()->url());`
			`if ($requestURL != $loginURL && ! strstr($subdomain, 'webapp-')) {`
			`return redirect()->to($loginURL);`
			`}`
Added support for custom subdomains 2015-04-28 23:13:52 +03:00			`}`
Working on tests 2017-04-18 17:04:44 +03:00
Added support for custom subdomains 2015-04-28 23:13:52 +03:00			`return self::getLogin();`
			`}`

Code Refactoring - Removed unused uses - Type hinting for method parameters - Removed commented code - Introduced comments for classes and methods - Short array syntax 2016-07-03 18:11:58 +02:00			`/**`
			`* @param Request $request`
			`*`
			`* @return \Illuminate\Http\Response`
			`*/`
Reworking events for L5 2015-03-31 20:42:37 +03:00			`public function postLoginWrapper(Request $request)`
			`{`
Added multi-company support 2015-06-16 22:35:35 +03:00			`$userId = Auth::check() ? Auth::user()->id : null;`
Improvments to multi-account switching 2015-07-07 23:08:16 +03:00			`$user = User::where('email', '=', $request->input('email'))->first();`

Minor improvements 2015-11-21 23:10:26 +02:00			`if ($user && $user->failed_logins >= MAX_FAILED_LOGINS) {`
Added custom invoice text fields 2015-10-11 17:41:09 +03:00			`Session::flash('error', trans('texts.invalid_credentials'));`
php-cs-fixer cleanup 2017-01-30 21:40:43 +02:00
Improvments to multi-account switching 2015-07-07 23:08:16 +03:00			`return redirect()->to('login');`
			`}`

Reworking events for L5 2015-03-31 20:42:37 +03:00			`$response = self::postLogin($request);`

			`if (Auth::check()) {`
			`Event::fire(new UserLoggedIn());`
Added multi-company support 2015-06-16 22:35:35 +03:00
Simplify new company process 2016-12-29 22:24:11 +02:00			`/*`
Improvments to multi-account switching 2015-07-07 23:08:16 +03:00			`$users = false;`
			`// we're linking a new account`
Bug fixes 2015-11-03 13:20:49 +02:00			`if ($request->link_accounts && $userId && Auth::user()->id != $userId) {`
Improvments to multi-account switching 2015-07-07 23:08:16 +03:00			`$users = $this->accountRepo->associateAccounts($userId, Auth::user()->id);`
Bug fixes 2015-11-03 13:20:49 +02:00			`Session::flash('message', trans('texts.associated_accounts'));`
Code Refactoring - Removed unused uses - Type hinting for method parameters - Removed commented code - Introduced comments for classes and methods - Short array syntax 2016-07-03 18:11:58 +02:00			`// check if other accounts are linked`
Improvments to multi-account switching 2015-07-07 23:08:16 +03:00			`} else {`
			`$users = $this->accountRepo->loadAccounts(Auth::user()->id);`
Added multi-company support 2015-06-16 22:35:35 +03:00			`}`
Simplify new company process 2016-12-29 22:24:11 +02:00			`*/`

			`$users = $this->accountRepo->loadAccounts(Auth::user()->id);`
Improvments to multi-account switching 2015-07-07 23:08:16 +03:00			`Session::put(SESSION_USER_ACCOUNTS, $users);`
			`} elseif ($user) {`
			`$user->failed_logins = $user->failed_logins + 1;`
			`$user->save();`
Reworking events for L5 2015-03-31 20:42:37 +03:00			`}`

			`return $response;`
			`}`

Code Refactoring - Removed unused uses - Type hinting for method parameters - Removed commented code - Introduced comments for classes and methods - Short array syntax 2016-07-03 18:11:58 +02:00			`/**`
			`* @return \Illuminate\Http\Response`
			`*/`
Added multi-company support 2015-06-16 22:35:35 +03:00			`public function getLogoutWrapper()`
			`{`
php-cs-fixer cleanup 2017-01-30 21:40:43 +02:00			`if (Auth::check() && ! Auth::user()->registered) {`
Add extra logout delete check 2017-03-24 16:44:01 +03:00			`if (request()->force_logout) {`
			`$account = Auth::user()->account;`
			`$this->accountRepo->unlinkAccount($account);`

			`if (! $account->hasMultipleAccounts()) {`
			`$account->company->forceDelete();`
			`}`
			`$account->forceDelete();`
			`} else {`
			`return redirect('/');`
Finalize multi-plan support * Allow admins to change plan * Check features instead of plans * Support linking/unlinking accounts * Support creating/deleting accounts 2016-04-18 22:35:18 -04:00			`}`
Improvments to multi-account switching 2015-07-07 23:08:16 +03:00			`}`

Added multi-company support 2015-06-16 22:35:35 +03:00			`$response = self::getLogout();`

			`Session::flush();`

Auto logout after inactivity 2017-01-31 13:09:25 +02:00			`if ($reason = request()->reason) {`
			`Session::flash('warning', trans("texts.{$reason}_logout"));`
			`}`

Added multi-company support 2015-06-16 22:35:35 +03:00			`return $response;`
			`}`
Add Files 2015-03-17 07:45:25 +10:00			`}`