X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/3d18a04c3932f1724a67152e89619dda42a5e7cf..refs/pull/446/head:/app/Services/SocialAuthService.php diff --git a/app/Services/SocialAuthService.php b/app/Services/SocialAuthService.php index c8f3278c5..2c15e73ce 100644 --- a/app/Services/SocialAuthService.php +++ b/app/Services/SocialAuthService.php @@ -1,56 +1,147 @@ -userRepo = $userRepo; $this->socialite = $socialite; + $this->socialAccount = $socialAccount; } - public function logIn($socialDriver) + + /** + * Start the social login path. + * @param string $socialDriver + * @return \Symfony\Component\HttpFoundation\RedirectResponse + * @throws SocialDriverNotConfigured + */ + public function startLogIn($socialDriver) { $driver = $this->validateDriver($socialDriver); return $this->socialite->driver($driver)->redirect(); } /** - * Get a user from socialite after a oAuth callback. - * + * Start the social registration process + * @param string $socialDriver + * @return \Symfony\Component\HttpFoundation\RedirectResponse + * @throws SocialDriverNotConfigured + */ + public function startRegister($socialDriver) + { + $driver = $this->validateDriver($socialDriver); + return $this->socialite->driver($driver)->redirect(); + } + + /** + * Handle the social registration process on callback. * @param $socialDriver - * @return mixed + * @return \Laravel\Socialite\Contracts\User + * @throws SocialDriverNotConfigured + * @throws UserRegistrationException + */ + public function handleRegistrationCallback($socialDriver) + { + $driver = $this->validateDriver($socialDriver); + + // Get user details from social driver + $socialUser = $this->socialite->driver($driver)->user(); + + // Check social account has not already been used + if ($this->socialAccount->where('driver_id', '=', $socialUser->getId())->exists()) { + throw new UserRegistrationException(trans('errors.social_account_in_use', ['socialAccount'=>$socialDriver]), '/login'); + } + + if ($this->userRepo->getByEmail($socialUser->getEmail())) { + $email = $socialUser->getEmail(); + throw new UserRegistrationException(trans('errors.social_account_in_use', ['socialAccount'=>$socialDriver, 'email' => $email]), '/login'); + } + + return $socialUser; + } + + /** + * Handle the login process on a oAuth callback. + * @param $socialDriver + * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector * @throws SocialDriverNotConfigured - * @throws UserNotFound + * @throws SocialSignInException */ - public function getUserFromCallback($socialDriver) + public function handleLoginCallback($socialDriver) { $driver = $this->validateDriver($socialDriver); + // Get user details from social driver $socialUser = $this->socialite->driver($driver)->user(); - $user = $this->userRepo->getByEmail($socialUser->getEmail()); + $socialId = $socialUser->getId(); + + // Get any attached social accounts or users + $socialAccount = $this->socialAccount->where('driver_id', '=', $socialId)->first(); + $isLoggedIn = auth()->check(); + $currentUser = user(); + + // When a user is not logged in and a matching SocialAccount exists, + // Simply log the user into the application. + if (!$isLoggedIn && $socialAccount !== null) { + return $this->logUserIn($socialAccount->user); + } + + // When a user is logged in but the social account does not exist, + // Create the social account and attach it to the user & redirect to the profile page. + if ($isLoggedIn && $socialAccount === null) { + $this->fillSocialAccount($socialDriver, $socialUser); + $currentUser->socialAccounts()->save($this->socialAccount); + session()->flash('success', trans('settings.users_social_connected', ['socialAccount' => title_case($socialDriver)])); + return redirect($currentUser->getEditUrl()); + } + + // When a user is logged in and the social account exists and is already linked to the current user. + if ($isLoggedIn && $socialAccount !== null && $socialAccount->user->id === $currentUser->id) { + session()->flash('error', trans('errors.social_account_existing', ['socialAccount' => title_case($socialDriver)])); + return redirect($currentUser->getEditUrl()); + } - // Redirect if the email is not a current user. - if ($user === null) { - throw new UserNotFound('A user with the email ' . $socialUser->getEmail() . ' was not found.', '/login'); + // When a user is logged in, A social account exists but the users do not match. + if ($isLoggedIn && $socialAccount !== null && $socialAccount->user->id != $currentUser->id) { + session()->flash('error', trans('errors.social_account_already_used_existing', ['socialAccount' => title_case($socialDriver)])); + return redirect($currentUser->getEditUrl()); } - return $user; + // Otherwise let the user know this social account is not used by anyone. + $message = trans('errors.social_account_not_used', ['socialAccount' => title_case($socialDriver)]); + if (setting('registration-enabled')) { + $message .= trans('errors.social_account_register_instructions', ['socialAccount' => title_case($socialDriver)]); + } + + throw new SocialSignInException($message . '.', '/login'); + } + + + private function logUserIn($user) + { + auth()->login($user); + return redirect('/'); } /** @@ -64,8 +155,8 @@ class SocialAuthService { $driver = trim(strtolower($socialDriver)); - if (!in_array($driver, $this->validSocialDrivers)) abort(404, 'Social Driver Not Found'); - if (!$this->checklDriverConfigured($driver)) throw new SocialDriverNotConfigured; + if (!in_array($driver, $this->validSocialDrivers)) abort(404, trans('errors.social_driver_not_found')); + if (!$this->checkDriverConfigured($driver)) throw new SocialDriverNotConfigured(trans('errors.social_driver_not_configured', ['socialAccount' => title_case($socialDriver)])); return $driver; } @@ -75,11 +166,12 @@ class SocialAuthService * @param $driver * @return bool */ - private function checklDriverConfigured($driver) + private function checkDriverConfigured($driver) { - $upperName = strtoupper($driver); - $config = [env($upperName . '_APP_ID', false), env($upperName . '_APP_SECRET', false), env('APP_URL', false)]; - return (!in_array(false, $config) && !in_array(null, $config)); + $lowerName = strtolower($driver); + $configPrefix = 'services.' . $lowerName . '.'; + $config = [config($configPrefix . 'client_id'), config($configPrefix . 'client_secret'), config('services.callback_url')]; + return !in_array(false, $config) && !in_array(null, $config); } /** @@ -89,13 +181,49 @@ class SocialAuthService public function getActiveDrivers() { $activeDrivers = []; - foreach ($this->validSocialDrivers as $driverName) { - if ($this->checklDriverConfigured($driverName)) { - $activeDrivers[$driverName] = true; + foreach ($this->validSocialDrivers as $driverKey) { + if ($this->checkDriverConfigured($driverKey)) { + $activeDrivers[$driverKey] = $this->getDriverName($driverKey); } } return $activeDrivers; } + /** + * Get the presentational name for a driver. + * @param $driver + * @return mixed + */ + public function getDriverName($driver) + { + return config('services.' . strtolower($driver) . '.name'); + } + + /** + * @param string $socialDriver + * @param \Laravel\Socialite\Contracts\User $socialUser + * @return SocialAccount + */ + public function fillSocialAccount($socialDriver, $socialUser) + { + $this->socialAccount->fill([ + 'driver' => $socialDriver, + 'driver_id' => $socialUser->getId(), + 'avatar' => $socialUser->getAvatar() + ]); + return $this->socialAccount; + } + + /** + * Detach a social account from a user. + * @param $socialDriver + * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector + */ + public function detachSocialAccount($socialDriver) + { + user()->socialAccounts()->where('driver', '=', $socialDriver)->delete(); + session()->flash('success', trans('settings.users_social_disconnected', ['socialAccount' => title_case($socialDriver)])); + return redirect(user()->getEditUrl()); + } } \ No newline at end of file