From ff9146ab915431f960b20ed5d0dcd001e6555d25 Mon Sep 17 00:00:00 2001
From: James Cole
Date: Sat, 9 Sep 2017 22:03:27 +0200
Subject: [PATCH] Authentication in separate commit.
---
 .../Auth/ForgotPasswordController.php | 64 ++----
 app/Http/Controllers/Auth/LoginController.php | 190 ++----------------
 .../Controllers/Auth/PasswordController.php | 88 --------
 .../Controllers/Auth/RegisterController.php | 156 ++++----------
 .../Auth/ResetPasswordController.php | 37 ++--
 5 files changed, 85 insertions(+), 450 deletions(-)
 delete mode 100644 app/Http/Controllers/Auth/PasswordController.php
diff --git a/app/Http/Controllers/Auth/ForgotPasswordController.php b/app/Http/Controllers/Auth/ForgotPasswordController.php
index d1cfdd7832..33e4637060 100644
--- a/app/Http/Controllers/Auth/ForgotPasswordController.php
+++ b/app/Http/Controllers/Auth/ForgotPasswordController.php
@@ -1,72 +1,32 @@ middleware('guest'); } - - /** - * Send a reset link to the given user. - * - * @param Request $request - * - * @param UserRepositoryInterface $repository - * - * @return \Illuminate\Http\RedirectResponse - */ - public function sendResetLinkEmail(Request $request, UserRepositoryInterface $repository) - { - $this->validate($request, ['email' => 'required|email']); - - // verify if the user is not a demo user. If so, we give him back an error. - $user = User::where('email', $request->get('email'))->first(); - - if (!is_null($user) && $repository->hasRole($user, 'demo')) { - return back()->withErrors(['email' => trans('firefly.cannot_reset_demo_user')]); - } - - $response = $this->broker()->sendResetLink($request->only('email')); - - if ($response === Password::RESET_LINK_SENT) { - return back()->with('status', trans($response)); - } - - // If an error was returned by the password broker, we will get this message - // translated so we can notify a user of the problem. We'll redirect back - // to where the users came from so they can attempt this process again. - return back()->withErrors(['email' => trans($response)]); // @codeCoverageIgnore - } } diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php index f74d1a1e7f..d6133b9f57 100644 --- a/app/Http/Controllers/Auth/LoginController.php +++ b/app/Http/Controllers/Auth/LoginController.php 
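Review bot: Removing the sendResetLinkEmail override also removes the demo-user guard (`$repository->hasRole($user, 'demo')` answered with `firefly.cannot_reset_demo_user`), so unless the check was reinstated somewhere not shown here, the controller presumably falls back to the trait's default and a reset link can again be sent for the shared demo account. The new side of this hunk is not readable in this rendering, so this may already be handled; if it is not, the override could be kept to just the guard and then delegate, e.g. `if ($user !== null && $repository->hasRole($user, 'demo')) { return back()->withErrors(['email' => trans('firefly.cannot_reset_demo_user')]); }` before calling the trait method. A sentence in the commit message saying where the guard moved, or that it is deliberately deferred to the follow-up "authentication" commit, would make this reviewable.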
@@ -1,191 +1,39 @@ middleware('guest', ['except' => 'logout']); - } - - /** - * Handle a login request to the application. - * - * @param Request $request - * - * @return \Illuminate\Http\RedirectResponse|\Illuminate\Http\Response - */ - public function login(Request $request) - { - $this->validateLogin($request); - $lockedOut = $this->hasTooManyLoginAttempts($request); - if ($lockedOut) { - $this->fireLockoutEvent($request); - - return $this->sendLockoutResponse($request); - } - - $credentials = $this->credentials($request); - $credentials['blocked'] = 0; // must not be blocked. - - if ($this->guard()->attempt($credentials, $request->has('remember'))) { - return $this->sendLoginResponse($request); - } - - $errorMessage = $this->getBlockedError($credentials['email']); - - if (!$lockedOut) { - $this->incrementLoginAttempts($request); - } - - return $this->sendFailedLoginResponse($request, $errorMessage); - } - - /** - * @param Request $request - * @param CookieJar $cookieJar - * - * @return $this - */ - public function logout(Request $request, CookieJar $cookieJar) - { - if (intval(getenv('SANDSTORM')) === 1) { - return view('error')->with('message', strval(trans('firefly.sandstorm_not_available'))); - } - - $cookie = $cookieJar->forever('twoFactorAuthenticated', 'false'); - - $this->guard()->logout(); - - $request->session()->flush(); - - $request->session()->regenerate(); - - return redirect('/')->withCookie($cookie); - } - - /** - * @return string - */ - public function redirectTo(): string - { - return route('index'); - } - - /** - * Show the application login form. - * - * @param Request $request - * - * @param CookieJar $cookieJar - * - * @return \Illuminate\Http\Response - */ - public function showLoginForm(Request $request, CookieJar $cookieJar) - { - // forget 2fa cookie: - $cookie = $cookieJar->forever('twoFactorAuthenticated', 'false'); - // is allowed to? 
- $singleUserMode = FireflyConfig::get('single_user_mode', Config::get('firefly.configuration.single_user_mode'))->data; - $userCount = User::count(); - $allowRegistration = true; - if ($singleUserMode === true && $userCount > 0) { - $allowRegistration = false; - } - - $email = $request->old('email'); - $remember = $request->old('remember'); - - return view('auth.login', compact('allowRegistration', 'email', 'remember'))->withCookie($cookie); - } - - /** - * Get the failed login message. - * - * @param string $message - * - * @return string - */ - protected function getFailedLoginMessage(string $message) - { - if (strlen($message) > 0) { - return $message; - } - - return Lang::has('auth.failed') ? Lang::get('auth.failed') : 'These credentials do not match our records.'; - } - - /** - * Get the failed login response instance. - * - * @param \Illuminate\Http\Request $request - * @param string $message - * - * @return \Illuminate\Http\RedirectResponse - */ - protected function sendFailedLoginResponse(Request $request, string $message) - { - return redirect()->back() - ->withInput($request->only($this->username(), 'remember')) - ->withErrors( - [ - $this->username() => $this->getFailedLoginMessage($message), - ] - ); - } - - /** - * @param string $email - * - * @return string - */ - private function getBlockedError(string $email): string - { - // check if user is blocked: - $errorMessage = ''; - /** @var User $foundUser */ - $foundUser = User::where('email', $email)->where('blocked', 1)->first(); - if (!is_null($foundUser)) { - // user exists, but is blocked: - $code = strlen(strval($foundUser->blocked_code)) > 0 ? $foundUser->blocked_code : 'general_blocked'; - $errorMessage = strval(trans('firefly.' . $code . '_error', ['email' => $email])); - } - - return $errorMessage; + $this->middleware('guest')->except('logout'); } } 
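Review bot: The removed login() override was the only visible place that pinned `$credentials['blocked'] = 0` before `$this->guard()->attempt(...)`; with the trait's default login the `blocked` column is no longer part of the credentials, so a user whose row is marked blocked authenticates like any other unless the check was moved somewhere outside this diff. The removed logout() also reset the 2FA cookie (`$cookieJar->forever('twoFactorAuthenticated', 'false')`) and flushed the session, and the only new-side line visible here is `$this->middleware('guest')->except('logout');`, so it is worth confirming that the default logout leaves no `twoFactorAuthenticated` cookie behind for the next session. The Sandstorm guard in logout and the single-user-mode check in showLoginForm disappear the same way. If this is an intentional reset ahead of re-adding the auth code, naming the follow-up commit in the message would help reviewers track that these checks come back.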
diff --git a/app/Http/Controllers/Auth/PasswordController.php b/app/Http/Controllers/Auth/PasswordController.php deleted file mode 100644 index 035b11bb13..0000000000 --- a/app/Http/Controllers/Auth/PasswordController.php +++ /dev/null @@ -1,88 +0,0 @@ -middleware('guest'); - } - - /** - * Send a reset link to the given user. - * @SuppressWarnings(PHPMD.CyclomaticComplexity) // it's 7 but ok - * - * @param \Illuminate\Http\Request $request - * - * @return \Symfony\Component\HttpFoundation\Response - */ - public function sendResetLinkEmail(Request $request) - { - $this->validate($request, ['email' => 'required|email']); - - $user = User::whereEmail($request->get('email'))->first(); - $response = 'passwords.blocked'; - - if (is_null($user)) { - $response = Password::INVALID_USER; - } - - if (!is_null($user) && intval($user->blocked) === 0) { - $response = Password::sendResetLink( - $request->only('email'), function (Message $message) { - $message->subject($this->getEmailSubject()); - } - ); - } - - switch ($response) { - case Password::RESET_LINK_SENT: - return $this->getSendResetLinkEmailSuccessResponse($response); - - case Password::INVALID_USER: - case 'passwords.blocked': - default: - return $this->getSendResetLinkEmailFailureResponse($response); - } - } - -} diff --git a/app/Http/Controllers/Auth/RegisterController.php b/app/Http/Controllers/Auth/RegisterController.php index b91b436c0c..e0430143b3 100644 --- a/app/Http/Controllers/Auth/RegisterController.php +++ b/app/Http/Controllers/Auth/RegisterController.php 
@@ -1,43 +1,29 @@ middleware('guest'); } - /** - * @param UserRegistrationRequest|Request $request - * - * @return \Illuminate\Contracts\View\Factory|\Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector|\Illuminate\View\View - */ - public function register(UserRegistrationRequest $request) - { - // is allowed to? - $singleUserMode = FireflyConfig::get('single_user_mode', Config::get('firefly.configuration.single_user_mode'))->data; - $userCount = User::count(); - if ($singleUserMode === true && $userCount > 0) { - $message = 'Registration is currently not available.'; - - return view('error', compact('message')); - } - - - $validator = $this->validator($request->all()); - - if ($validator->fails()) { - $this->throwValidationException($request, $validator); - } - - $user = $this->create($request->all()); - - // trigger user registration event: - event(new RegisteredUser($user, $request->ip())); - - Auth::login($user); - - Session::flash('success', strval(trans('firefly.registered'))); - Session::flash('gaEventCategory', 'user'); - Session::flash('gaEventAction', 'new-registration'); - - return redirect($this->redirectPath()); - } - - /** - * OLD - * Show the application registration form. - * - * @param Request $request - * - * @return \Illuminate\Http\Response - */ - public function showRegistrationForm(Request $request) - { - // is demo site? - $isDemoSite = FireflyConfig::get('is_demo_site', Config::get('firefly.configuration.is_demo_site'))->data; - - // is allowed to? - $singleUserMode = FireflyConfig::get('single_user_mode', Config::get('firefly.configuration.single_user_mode'))->data; - $userCount = User::count(); - if ($singleUserMode === true && $userCount > 0) { - $message = 'Registration is currently not available.'; - - return view('error', compact('message')); - } - - $email = $request->old('email'); - - return view('auth.register', compact('isDemoSite', 'email')); - } - - /** - * Create a new user instance after a valid registration. 
- * - * @param array $data - * - * @return User - */ - protected function create(array $data) - { - /** @var User $user */ - $user = User::create( - [ - 'email' => $data['email'], - 'password' => bcrypt($data['password']), - ] - ); - - return $user; - } - /** * Get a validator for an incoming registration request. * - * @param array $data - * + * @param array $data * @return \Illuminate\Contracts\Validation\Validator */ protected function validator(array $data) { - return Validator::make( - $data, [ - 'email' => 'required|email|max:255|unique:users', - 'password' => 'required|min:6|confirmed', - ] - ); + return Validator::make($data, [ + 'name' => 'required|string|max:255', + 'email' => 'required|string|email|max:255|unique:users', + 'password' => 'required|string|min:6|confirmed', + ]); + } + + /** + * Create a new user instance after a valid registration. + * + * @param array $data + * @return \FireflyIII\User + */ + protected function create(array $data) + { + return User::create([ + 'name' => $data['name'], + 'email' => $data['email'], + 'password' => bcrypt($data['password']), + ]); } } diff --git a/app/Http/Controllers/Auth/ResetPasswordController.php b/app/Http/Controllers/Auth/ResetPasswordController.php index 1cdb78b988..edf956e03f 100644 --- a/app/Http/Controllers/Auth/ResetPasswordController.php +++ b/app/Http/Controllers/Auth/ResetPasswordController.php @@ -1,40 +1,39 @@ middleware('guest'); } }
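Review bot: The new create() passes `'name' => $data['name']` to `User::create()` and the validator now requires `name`, but the removed version of this controller never collected a name, which suggests the project's users table/model may not have that column or list it in `$fillable`; unless a migration adds it, registration will fail or silently drop the field under mass-assignment guarding. Either confirm the column exists or keep the previous shape, `'email' => $data['email'], 'password' => bcrypt($data['password'])`, with the `required|email|max:255|unique:users` rule. Separately, dropping register()/showRegistrationForm() removes the single-user-mode check (`FireflyConfig::get('single_user_mode', ...)` combined with `User::count() > 0`), so open registration is back on unless the trait is overridden elsewhere; the start of the class is outside this hunk, so the new imports cannot be checked here.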