firefly-iii/app/Http/Controllers/Auth/LoginController.php

<?php
/**
 * LoginController.php
 * Copyright (C) 2016 thegrumpydictator@gmail.com
 *
 * This software may be modified and distributed under the terms of the
 * Creative Commons Attribution-ShareAlike 4.0 International License.
 *
 * See the LICENSE file for details.
 */
declare(strict_types = 1);

namespace FireflyIII\Http\Controllers\Auth;

use Config;
use FireflyConfig;
use FireflyIII\Http\Controllers\Controller;
use FireflyIII\User;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Illuminate\Http\Request;
use Lang;

/**
 * Class LoginController
 *
 * @package FireflyIII\Http\Controllers\Auth
 */
class LoginController extends Controller
{

    use AuthenticatesUsers;

    /**
     * Where to redirect users after login / registration.
     *
     * @var string
     */
    protected $redirectTo = '/';

    /**
     * Create a new controller instance.
     *
     */
    public function __construct()
    {
        parent::__construct();
        $this->middleware('guest', ['except' => 'logout']);
    }

    /**
     * Handle a login request to the application.
     *
     * @param Request $request
     *
     * @return \Illuminate\Http\RedirectResponse|\Illuminate\Http\Response
     */
    public function login(Request $request)
    {
        $this->validateLogin($request);
        $lockedOut = $this->hasTooManyLoginAttempts($request);
        if ($lockedOut) {
            $this->fireLockoutEvent($request);

            return $this->sendLockoutResponse($request);
        }

        $credentials            = $this->credentials($request);
        $credentials['blocked'] = 0; // must not be blocked.

        if ($this->guard()->attempt($credentials, $request->has('remember'))) {
            return $this->sendLoginResponse($request);
        }

        // check if user is blocked:
        $errorMessage = '';
        /** @var User $foundUser */
        $foundUser = User::where('email', $credentials['email'])->where('blocked', 1)->first();
        if (!is_null($foundUser)) {
            // user exists, but is blocked:
            $code         = strlen(strval($foundUser->blocked_code)) > 0 ? $foundUser->blocked_code : 'general_blocked';
            $errorMessage = strval(trans('firefly.' . $code . '_error', ['email' => $credentials['email']]));
        }

        // If the login attempt was unsuccessful we will increment the number of attempts
        // to login and redirect the user back to the login form. Of course, when this
        // user surpasses their maximum number of attempts they will get locked out.
        if (!$lockedOut) {
            $this->incrementLoginAttempts($request);
        }

        return $this->sendFailedLoginResponse($request, $errorMessage);
    }

    /**
     * Show the application login form.
     *
     * @param Request $request
     *
     * @return \Illuminate\Http\Response
     */
    public function showLoginForm(Request $request)
    {
        // is allowed to?
        $singleUserMode    = FireflyConfig::get('single_user_mode', Config::get('firefly.configuration.single_user_mode'))->data;
        $userCount         = User::count();
        $allowRegistration = true;
        if ($singleUserMode === true && $userCount > 0) {
            $allowRegistration = false;
        }

        $email    = $request->old('email');
        $remember = $request->old('remember');

        return view('auth.login', compact('allowRegistration', 'email', 'remember'));
    }

    /**
     * Get the failed login message.
     *
     * @param string $message
     *
     * @return string
     */
    protected function getFailedLoginMessage(string $message)
    {
        if (strlen($message) > 0) {
            return $message;
        }

        return Lang::has('auth.failed') ? Lang::get('auth.failed') : 'These credentials do not match our records.';
    }

    /**
     * Get the failed login response instance.
     *
     * @param \Illuminate\Http\Request $request
     * @param string                   $message
     *
     * @return \Illuminate\Http\RedirectResponse
     */
    protected function sendFailedLoginResponse(Request $request, string $message)
    {
        return redirect()->back()
                         ->withInput($request->only($this->username(), 'remember'))
                         ->withErrors(
                             [
                                 $this->username() => $this->getFailedLoginMessage($message),
                             ]
                         );
    }
}
First set of upgrade to 5.3 stuff. 2016-09-15 23:19:40 -05:00			`<?php`
Update copyright notices, update German language. 2016-09-17 00:57:32 -05:00			`/**`
			`* LoginController.php`
			`* Copyright (C) 2016 thegrumpydictator@gmail.com`
			`*`
Some code cleanup and copyright cleanup. [skip ci] 2016-10-04 23:52:15 -05:00			`* This software may be modified and distributed under the terms of the`
			`* Creative Commons Attribution-ShareAlike 4.0 International License.`
			`*`
			`* See the LICENSE file for details.`
Update copyright notices, update German language. 2016-09-17 00:57:32 -05:00			`*/`
			`declare(strict_types = 1);`
First set of upgrade to 5.3 stuff. 2016-09-15 23:19:40 -05:00
			`namespace FireflyIII\Http\Controllers\Auth;`

Fixing some login routes 2016-09-16 00:22:57 -05:00			`use Config;`
			`use FireflyConfig;`
First set of upgrade to 5.3 stuff. 2016-09-15 23:19:40 -05:00			`use FireflyIII\Http\Controllers\Controller;`
Fixing some login routes 2016-09-16 00:22:57 -05:00			`use FireflyIII\User;`
First set of upgrade to 5.3 stuff. 2016-09-15 23:19:40 -05:00			`use Illuminate\Foundation\Auth\AuthenticatesUsers;`
Fixing some login routes 2016-09-16 00:22:57 -05:00			`use Illuminate\Http\Request;`
			`use Lang;`
First set of upgrade to 5.3 stuff. 2016-09-15 23:19:40 -05:00
Fixing some login routes 2016-09-16 00:22:57 -05:00			`/**`
			`* Class LoginController`
			`*`
			`* @package FireflyIII\Http\Controllers\Auth`
			`*/`
First set of upgrade to 5.3 stuff. 2016-09-15 23:19:40 -05:00			`class LoginController extends Controller`
			`{`

			`use AuthenticatesUsers;`

			`/**`
			`* Where to redirect users after login / registration.`
			`*`
			`* @var string`
			`*/`
Fix some tests. 2016-12-09 09:30:33 -06:00			`protected $redirectTo = '/';`
First set of upgrade to 5.3 stuff. 2016-09-15 23:19:40 -05:00
			`/**`
			`* Create a new controller instance.`
			`*`
			`*/`
			`public function __construct()`
			`{`
Fixing some login routes 2016-09-16 00:22:57 -05:00			`parent::__construct();`
First set of upgrade to 5.3 stuff. 2016-09-15 23:19:40 -05:00			`$this->middleware('guest', ['except' => 'logout']);`
			`}`
Fixing some login routes 2016-09-16 00:22:57 -05:00
			`/**`
			`* Handle a login request to the application.`
			`*`
Updated some copyright notices [skip ci] 2016-12-23 00:02:45 -06:00			`* @param Request $request`
Fixing some login routes 2016-09-16 00:22:57 -05:00			`*`
Updated some copyright notices [skip ci] 2016-12-23 00:02:45 -06:00			`* @return \Illuminate\Http\RedirectResponse\|\Illuminate\Http\Response`
Fixing some login routes 2016-09-16 00:22:57 -05:00			`*/`
			`public function login(Request $request)`
			`{`
			`$this->validateLogin($request);`
Various code cleanup. 2016-11-26 02:16:06 -06:00			`$lockedOut = $this->hasTooManyLoginAttempts($request);`
			`if ($lockedOut) {`
Fixing some login routes 2016-09-16 00:22:57 -05:00			`$this->fireLockoutEvent($request);`

			`return $this->sendLockoutResponse($request);`
			`}`

			`$credentials = $this->credentials($request);`
Fix some tests. 2016-12-09 09:30:33 -06:00			`$credentials['blocked'] = 0; // must not be blocked.`
Fixing some login routes 2016-09-16 00:22:57 -05:00
			`if ($this->guard()->attempt($credentials, $request->has('remember'))) {`
			`return $this->sendLoginResponse($request);`
			`}`

			`// check if user is blocked:`
			`$errorMessage = '';`
			`/** @var User $foundUser */`
			`$foundUser = User::where('email', $credentials['email'])->where('blocked', 1)->first();`
			`if (!is_null($foundUser)) {`
First set of code for #461 2016-12-13 10:21:28 -06:00			`// user exists, but is blocked:`
Fixing some login routes 2016-09-16 00:22:57 -05:00			`$code = strlen(strval($foundUser->blocked_code)) > 0 ? $foundUser->blocked_code : 'general_blocked';`
			`$errorMessage = strval(trans('firefly.' . $code . '_error', ['email' => $credentials['email']]));`
First set of code for #461 2016-12-13 10:21:28 -06:00			`}`
Code for #461 2016-12-13 13:37:38 -06:00
Fixing some login routes 2016-09-16 00:22:57 -05:00			`// If the login attempt was unsuccessful we will increment the number of attempts`
			`// to login and redirect the user back to the login form. Of course, when this`
			`// user surpasses their maximum number of attempts they will get locked out.`
			`if (!$lockedOut) {`
			`$this->incrementLoginAttempts($request);`
			`}`

			`return $this->sendFailedLoginResponse($request, $errorMessage);`
			`}`

			`/**`
			`* Show the application login form.`
			`*`
Move some methods around, refactoring. 2016-10-09 00:58:27 -05:00			`* @param Request $request`
			`*`
Fixing some login routes 2016-09-16 00:22:57 -05:00			`* @return \Illuminate\Http\Response`
			`*/`
Various layout updates and tiny upgrade fixes [skip ci] 2016-09-16 06:29:56 -05:00			`public function showLoginForm(Request $request)`
Fixing some login routes 2016-09-16 00:22:57 -05:00			`{`
			`// is allowed to?`
			`$singleUserMode = FireflyConfig::get('single_user_mode', Config::get('firefly.configuration.single_user_mode'))->data;`
			`$userCount = User::count();`
			`$allowRegistration = true;`
			`if ($singleUserMode === true && $userCount > 0) {`
			`$allowRegistration = false;`
			`}`

Various layout updates and tiny upgrade fixes [skip ci] 2016-09-16 06:29:56 -05:00			`$email = $request->old('email');`
			`$remember = $request->old('remember');`

			`return view('auth.login', compact('allowRegistration', 'email', 'remember'));`
Fixing some login routes 2016-09-16 00:22:57 -05:00			`}`

			`/**`
			`* Get the failed login message.`
			`*`
			`* @param string $message`
			`*`
			`* @return string`
			`*/`
			`protected function getFailedLoginMessage(string $message)`
			`{`
			`if (strlen($message) > 0) {`
			`return $message;`
			`}`

			`return Lang::has('auth.failed') ? Lang::get('auth.failed') : 'These credentials do not match our records.';`
			`}`

			`/**`
			`* Get the failed login response instance.`
			`*`
			`* @param \Illuminate\Http\Request $request`
			`* @param string $message`
			`*`
			`* @return \Illuminate\Http\RedirectResponse`
			`*/`
			`protected function sendFailedLoginResponse(Request $request, string $message)`
			`{`
			`return redirect()->back()`
			`->withInput($request->only($this->username(), 'remember'))`
			`->withErrors(`
			`[`
			`$this->username() => $this->getFailedLoginMessage($message),`
			`]`
			`);`
			`}`
First set of upgrade to 5.3 stuff. 2016-09-15 23:19:40 -05:00			`}`