Added ability to escape role "External Auth ID" commas

[bookstack] / app / Http / Controllers / Auth / RegisterController.php

diff --git a/app/Http/Controllers/Auth/RegisterController.php b/app/Http/Controllers/Auth/RegisterController.php
index 5b3719bc08ae50f6352959efbd22f0e936fcf691..9399e8b7f53339c373278742800604a3247b5a48 100644 (file)
--- a/app/Http/Controllers/Auth/RegisterController.php
+++ b/app/Http/Controllers/Auth/RegisterController.php
@@ -2,17 +2,18 @@
 
 namespace BookStack\Http\Controllers\Auth;
 
 
 namespace BookStack\Http\Controllers\Auth;
 

-use BookStack\Exceptions\ConfirmationEmailException;
+use BookStack\Auth\Access\LoginService;
+use BookStack\Auth\Access\RegistrationService;
+use BookStack\Auth\Access\SocialAuthService;
+use BookStack\Auth\User;
+use BookStack\Exceptions\StoppedAuthenticationException;

 use BookStack\Exceptions\UserRegistrationException;
 use BookStack\Exceptions\UserRegistrationException;

-use BookStack\Repos\UserRepo;
-use BookStack\Services\EmailConfirmationService;
-use BookStack\Services\SocialAuthService;
-use BookStack\User;
-use Illuminate\Http\Request;
-use Illuminate\Http\Response;
-use Validator;

 use BookStack\Http\Controllers\Controller;
 use Illuminate\Foundation\Auth\RegistersUsers;
 use BookStack\Http\Controllers\Controller;
 use Illuminate\Foundation\Auth\RegistersUsers;

+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Hash;
+use Illuminate\Support\Facades\Validator;
+use Illuminate\Validation\Rules\Password;

 
 class RegisterController extends Controller
 {
 
 class RegisterController extends Controller
 {


@@ -30,8 +31,8 @@ class RegisterController extends Controller
     use RegistersUsers;
 
     protected $socialAuthService;
     use RegistersUsers;
 
     protected $socialAuthService;

-    protected $emailConfirmationService;
-    protected $userRepo;
+    protected $registrationService;
+    protected $loginService;

 
     /**
      * Where to redirect users after login / registration.
 
     /**
      * Where to redirect users after login / registration.


@@ -43,245 +44,93 @@ class RegisterController extends Controller
 
     /**
      * Create a new controller instance.
 
     /**
      * Create a new controller instance.

-     *
-     * @param SocialAuthService $socialAuthService
-     * @param EmailConfirmationService $emailConfirmationService
-     * @param UserRepo $userRepo

      */
      */

-    public function __construct(SocialAuthService $socialAuthService, EmailConfirmationService $emailConfirmationService, UserRepo $userRepo)
-    {
+    public function __construct(
+        SocialAuthService $socialAuthService,
+        RegistrationService $registrationService,
+        LoginService $loginService
+    ) {

         $this->middleware('guest');
         $this->middleware('guest');

+        $this->middleware('guard:standard');
+

         $this->socialAuthService = $socialAuthService;
         $this->socialAuthService = $socialAuthService;

-        $this->emailConfirmationService = $emailConfirmationService;
-        $this->userRepo = $userRepo;
-        $this->redirectTo = baseUrl('/');
-        $this->redirectPath = baseUrl('/');
-        $this->username = config('auth.method') === 'standard' ? 'email' : 'username';
-        parent::__construct();
+        $this->registrationService = $registrationService;
+        $this->loginService = $loginService;
+
+        $this->redirectTo = url('/');
+        $this->redirectPath = url('/');

     }
 
     /**
      * Get a validator for an incoming registration request.
      *
     }
 
     /**
      * Get a validator for an incoming registration request.
      *

-     * @param  array $data

      * @return \Illuminate\Contracts\Validation\Validator
      */
     protected function validator(array $data)
     {
         return Validator::make($data, [
      * @return \Illuminate\Contracts\Validation\Validator
      */
     protected function validator(array $data)
     {
         return Validator::make($data, [

-            'name' => 'required|max:255',
-            'email' => 'required|email|max:255|unique:users',
-            'password' => 'required|min:6',
+            'name'     => ['required', 'min:2', 'max:255'],
+            'email'    => ['required', 'email', 'max:255', 'unique:users'],
+            'password' => ['required', Password::default()],

         ]);
     }
 
         ]);
     }
 

-    /**
-     * Check whether or not registrations are allowed in the app settings.
-     * @throws UserRegistrationException
-     */
-    protected function checkRegistrationAllowed()
-    {
-        if (!setting('registration-enabled')) {
-            throw new UserRegistrationException('Registrations are currently disabled.', '/login');
-        }
-    }
-

     /**
      * Show the application registration form.
     /**
      * Show the application registration form.

-     * @return Response
+     *
+     * @throws UserRegistrationException

      */
     public function getRegister()
     {
      */
     public function getRegister()
     {

-        $this->checkRegistrationAllowed();
+        $this->registrationService->ensureRegistrationAllowed();

         $socialDrivers = $this->socialAuthService->getActiveDrivers();
         $socialDrivers = $this->socialAuthService->getActiveDrivers();

-        return view('auth.register', ['socialDrivers' => $socialDrivers]);
+
+        return view('auth.register', [
+            'socialDrivers' => $socialDrivers,
+        ]);

     }
 
     /**
      * Handle a registration request for the application.
     }
 
     /**
      * Handle a registration request for the application.

-     * @param Request|\Illuminate\Http\Request $request
-     * @return Response
+     *

      * @throws UserRegistrationException
      * @throws UserRegistrationException

-     * @throws \Illuminate\Foundation\Validation\ValidationException
+     * @throws StoppedAuthenticationException

      */
     public function postRegister(Request $request)
     {
      */
     public function postRegister(Request $request)
     {

-        $this->checkRegistrationAllowed();
-        $validator = $this->validator($request->all());
-
-        if ($validator->fails()) {
-            $this->throwValidationException(
-                $request, $validator
-            );
-        }
-
+        $this->registrationService->ensureRegistrationAllowed();
+        $this->validator($request->all())->validate();

         $userData = $request->all();
         $userData = $request->all();

-        return $this->registerUser($userData);
-    }

 
 

-    /**
-     * Create a new user instance after a valid registration.
-     * @param  array  $data
-     * @return User
-     */
-    protected function create(array $data)
-    {
-        return User::create([
-            'name' => $data['name'],
-            'email' => $data['email'],
-            'password' => bcrypt($data['password']),
-        ]);
-    }
-
-    /**
-     * The registrations flow for all users.
-     * @param array $userData
-     * @param bool|false|SocialAccount $socialAccount
-     * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
-     * @throws UserRegistrationException
-     * @throws ConfirmationEmailException
-     */
-    protected function registerUser(array $userData, $socialAccount = false)
-    {
-        if (setting('registration-restrict')) {
-            $restrictedEmailDomains = explode(',', str_replace(' ', '', setting('registration-restrict')));
-            $userEmailDomain = $domain = substr(strrchr($userData['email'], "@"), 1);
-            if (!in_array($userEmailDomain, $restrictedEmailDomains)) {
-                throw new UserRegistrationException('That email domain does not have access to this application', '/register');
+        try {
+            $user = $this->registrationService->registerUser($userData);
+            $this->loginService->login($user, auth()->getDefaultDriver());
+        } catch (UserRegistrationException $exception) {
+            if ($exception->getMessage()) {
+                $this->showErrorNotification($exception->getMessage());

             }
             }

-        }

 
 

-        $newUser = $this->userRepo->registerNew($userData);
-        if ($socialAccount) {
-            $newUser->socialAccounts()->save($socialAccount);
+            return redirect($exception->redirectLocation);

         }
 
         }
 

-        if (setting('registration-confirmation') || setting('registration-restrict')) {
-            $newUser->save();
-            $this->emailConfirmationService->sendConfirmation($newUser);
-            return redirect('/register/confirm');
-        }
+        $this->showSuccessNotification(trans('auth.register_success'));

 
 

-        auth()->login($newUser);
-        session()->flash('success', 'Thanks for signing up! You are now registered and signed in.');

         return redirect($this->redirectPath());
     }
 
     /**
         return redirect($this->redirectPath());
     }
 
     /**

-     * Show the page to tell the user to check their email
-     * and confirm their address.
-     */
-    public function getRegisterConfirmation()
-    {
-        return view('auth/register-confirm');
-    }
-
-    /**
-     * Confirms an email via a token and logs the user into the system.
-     * @param $token
-     * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
-     * @throws UserRegistrationException
-     */
-    public function confirmEmail($token)
-    {
-        $confirmation = $this->emailConfirmationService->getEmailConfirmationFromToken($token);
-        $user = $confirmation->user;
-        $user->email_confirmed = true;
-        $user->save();
-        auth()->login($user);
-        session()->flash('success', 'Your email has been confirmed!');
-        $this->emailConfirmationService->deleteConfirmationsByUser($user);
-        return redirect($this->redirectPath);
-    }
-
-    /**
-     * Shows a notice that a user's email address has not been confirmed,
-     * Also has the option to re-send the confirmation email.
-     * @return \Illuminate\View\View
-     */
-    public function showAwaitingConfirmation()
-    {
-        return view('auth/user-unconfirmed');
-    }
-
-    /**
-     * Resend the confirmation email
-     * @param Request $request
-     * @return \Illuminate\View\View
+     * Create a new user instance after a valid registration.
+     *
+     * @param array $data
+     *
+     * @return User

      */
      */

-    public function resendConfirmation(Request $request)
+    protected function create(array $data)

     {
     {

-        $this->validate($request, [
-            'email' => 'required|email|exists:users,email'
+        return User::create([
+            'name'     => $data['name'],
+            'email'    => $data['email'],
+            'password' => Hash::make($data['password']),

         ]);
         ]);

-        $user = $this->userRepo->getByEmail($request->get('email'));
-        $this->emailConfirmationService->sendConfirmation($user);
-        session()->flash('success', 'Confirmation email resent, Please check your inbox.');
-        return redirect('/register/confirm');
-    }
-
-    /**
-     * Redirect to the social site for authentication intended to register.
-     * @param $socialDriver
-     * @return mixed
-     */
-    public function socialRegister($socialDriver)
-    {
-        $this->checkRegistrationAllowed();
-        session()->put('social-callback', 'register');
-        return $this->socialAuthService->startRegister($socialDriver);

     }
     }

-
-    /**
-     * The callback for social login services.
-     * @param $socialDriver
-     * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
-     * @throws SocialSignInException
-     */
-    public function socialCallback($socialDriver)
-    {
-        if (session()->has('social-callback')) {
-            $action = session()->pull('social-callback');
-            if ($action == 'login') {
-                return $this->socialAuthService->handleLoginCallback($socialDriver);
-            } elseif ($action == 'register') {
-                return $this->socialRegisterCallback($socialDriver);
-            }
-        } else {
-            throw new SocialSignInException('No action defined', '/login');
-        }
-        return redirect()->back();
-    }
-
-    /**
-     * Detach a social account from a user.
-     * @param $socialDriver
-     * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
-     */
-    public function detachSocialAccount($socialDriver)
-    {
-        return $this->socialAuthService->detachSocialAccount($socialDriver);
-    }
-
-    /**
-     * Register a new user after a registration callback.
-     * @param $socialDriver
-     * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
-     * @throws UserRegistrationException
-     */
-    protected function socialRegisterCallback($socialDriver)
-    {
-        $socialUser = $this->socialAuthService->handleRegistrationCallback($socialDriver);
-        $socialAccount = $this->socialAuthService->fillSocialAccount($socialDriver, $socialUser);
-
-        // Create an array of the user data to create a new user instance
-        $userData = [
-            'name' => $socialUser->getName(),
-            'email' => $socialUser->getEmail(),
-            'password' => str_random(30)
-        ];
-        return $this->registerUser($userData, $socialAccount);
-    }
-
-
-}
\ No newline at end of file
+}