X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/be4f3d62cd37c7b83eb86bbf5fffa00d20acf2ec..refs/heads/captcha_example:/app/Http/Controllers/Auth/RegisterController.php
diff --git a/app/Http/Controllers/Auth/RegisterController.php b/app/Http/Controllers/Auth/RegisterController.php
index 385994324..cbb014bc3 100644
--- a/app/Http/Controllers/Auth/RegisterController.php
+++ b/app/Http/Controllers/Auth/RegisterController.php
@@ -2,21 +2,25 @@
 namespace BookStack\Http\Controllers\Auth;
+use BookStack\Auth\Access\EmailConfirmationService;
+use BookStack\Auth\Access\SocialAuthService;
+use BookStack\Auth\SocialAccount;
+use BookStack\Auth\User;
+use BookStack\Auth\UserRepo;
+use BookStack\Exceptions\SocialDriverNotConfigured;
 use BookStack\Exceptions\SocialSignInAccountNotUsed;
 use BookStack\Exceptions\SocialSignInException;
 use BookStack\Exceptions\UserRegistrationException;
-use BookStack\Repos\UserRepo;
-use BookStack\Services\EmailConfirmationService;
-use BookStack\Services\SocialAuthService;
-use BookStack\SocialAccount;
-use BookStack\User;
+use BookStack\Http\Controllers\Controller;
 use Exception;
+use GuzzleHttp\Client;
+use Illuminate\Foundation\Auth\RegistersUsers;
+use Illuminate\Http\RedirectResponse;
 use Illuminate\Http\Request;
 use Illuminate\Http\Response;
-use Validator;
-use BookStack\Http\Controllers\Controller;
-use Illuminate\Foundation\Auth\RegistersUsers;
+use Illuminate\Routing\Redirector;
 use Laravel\Socialite\Contracts\User as SocialUser;
+use Validator;
 class RegisterController extends Controller
 {
@@ -58,8 +62,8 @@ class RegisterController extends Controller
 $this->socialAuthService = $socialAuthService;
 $this->emailConfirmationService = $emailConfirmationService;
 $this->userRepo = $userRepo;
- $this->redirectTo = baseUrl('/');
- $this->redirectPath = baseUrl('/');
+ $this->redirectTo = url('/');
+ $this->redirectPath = url('/');
 parent::__construct();
 }
@@ -72,7 +76,7 @@ class RegisterController extends Controller
 protected function validator(array $data)
 {
 return Validator::make($data, [
- 'name' => 'required|max:255',
+ 'name' => 'required|min:2|max:255',
 'email' => 'required|email|max:255|unique:users',
 'password' => 'required|min:6',
 ]);
@@ -103,8 +107,8 @@ class RegisterController extends Controller
 /**
 * Handle a registration request for the application.
- * @param Request|\Illuminate\Http\Request $request
- * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
+ * @param Request|Request $request
+ * @return RedirectResponse|Redirector
 * @throws UserRegistrationException
 */
 public function postRegister(Request $request)
@@ -112,6 +116,20 @@ class RegisterController extends Controller
 $this->checkRegistrationAllowed();
 $this->validator($request->all())->validate();
+ $captcha = $request->get('g-recaptcha-response');
+ $resp = (new Client())->post('https://www.google.com/recaptcha/api/siteverify', [
+ 'form_params' => [
+ 'response' => $captcha,
+ 'secret' => '%%secret_key%%',
+ ]
+ ]);
+ $respBody = json_decode($resp->getBody());
+ if (!$respBody->success) {
+ return redirect()->back()->withInput()->withErrors([
+ 'g-recaptcha-response' => 'Did not pass captcha',
+ ]);
+ }
+
 $userData = $request->all();
 return $this->registerUser($userData);
 }
@@ -135,7 +153,7 @@ class RegisterController extends Controller
 * @param array $userData
 * @param bool|false|SocialAccount $socialAccount
 * @param bool $emailVerified
- * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
+ * @return RedirectResponse|Redirector
 * @throws UserRegistrationException
 */
 protected function registerUser(array $userData, $socialAccount = false, $emailVerified = false)
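Review bot: The captcha check added to postRegister() carries the reCAPTCHA secret as a string literal (`'secret' => '%%secret_key%%'`), so a deployment that fills it in ends up with the key in source control; it should be read from configuration instead. The siteverify request is also sent through a default `new Client()`, which sets no request timeout, and neither an exception from the call nor a body that fails to decode to an object is handled, so on this unauthenticated route a slow or failing verification service ties up a worker or surfaces as a server error rather than the captcha error. I would set a timeout, wrap the call, and treat anything other than a decoded truthy `success` as a failed captcha, as in the excerpt below; the config key shown there is a suggested name, not one that appears in the diff. Separately, the check lives only in postRegister(), so it is worth confirming whether the social registration path that also reaches registerUser() is meant to skip it.

```php
// … unchanged: $captcha read from the request …
try {
    // Bound the outbound call so a stalled verification service cannot hold the request open.
    $resp = (new Client(['timeout' => 5]))->post(/* … unchanged: siteverify URL … */, [
        'form_params' => [
            'response' => $captcha,
            'secret' => config('services.recaptcha.secret'),
        ],
    ]);
    $respBody = json_decode((string) $resp->getBody());
} catch (Exception $e) {
    // Fail closed: a transport or HTTP error counts as a failed captcha.
    $respBody = null;
}
if (!is_object($respBody) || empty($respBody->success)) {
    // … unchanged: redirect back with the 'g-recaptcha-response' error …
}
```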
@@ -144,7 +162,7 @@ class RegisterController extends Controller
 if ($registrationRestrict) {
 $restrictedEmailDomains = explode(',', str_replace(' ', '', $registrationRestrict));
- $userEmailDomain = $domain = substr(strrchr($userData['email'], "@"), 1);
+ $userEmailDomain = $domain = mb_substr(mb_strrchr($userData['email'], "@"), 1);
 if (!in_array($userEmailDomain, $restrictedEmailDomains)) {
 throw new UserRegistrationException(trans('auth.registration_email_domain_invalid'), '/register');
 }
@@ -155,7 +173,7 @@ class RegisterController extends Controller
 $newUser->socialAccounts()->save($socialAccount);
 }
- if ((setting('registration-confirmation') || $registrationRestrict) && !$emailVerified) {
+ if ($this->emailConfirmationService->confirmationRequired() && !$emailVerified) {
 $newUser->save();
 try {
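Review bot: The domain allow-list check around the changed `mb_substr(mb_strrchr(...))` line still compares case-sensitively with a loose `in_array`, and it does not handle an address with no `@`, where `mb_strrchr` returns false. Because this comparison decides who may register when a domain restriction is set, I would normalise and compare strictly: `$userEmailDomain = mb_strtolower(mb_substr((string) mb_strrchr($userData['email'], '@'), 1));` followed by `if ($userEmailDomain === '' || !in_array($userEmailDomain, $restrictedEmailDomains, true)) {`, lower-casing the configured list the same way. The `$domain` alias assigned on the same line looks unused within the hunk and could be dropped if nothing later in registerUser() reads it. The enclosing function starts and ends outside the hunk.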
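Review bot: The confirmation condition no longer references `$registrationRestrict`; it now depends entirely on `confirmationRequired()`, whose body is not part of this diff. The old condition forced e-mail confirmation whenever a domain restriction was configured, which is what gives the allow-list its value, since an unconfirmed address at an allowed domain proves nothing about who controls it. It is worth confirming that `confirmationRequired()` still returns true in that case, and a comment on the new line such as `// confirmationRequired() must stay true while a registration domain restriction is set` would record the dependency. The try block opened at the end of the hunk continues outside it.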
@@ -172,72 +190,12 @@ class RegisterController extends Controller
 return redirect($this->redirectPath());
 }
- /**
- * Show the page to tell the user to check their email
- * and confirm their address.
- */
- public function getRegisterConfirmation()
- {
- return view('auth/register-confirm');
- }
-
- /**
- * Confirms an email via a token and logs the user into the system.
- * @param $token
- * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
- * @throws UserRegistrationException
- */
- public function confirmEmail($token)
- {
- $confirmation = $this->emailConfirmationService->getEmailConfirmationFromToken($token);
- $user = $confirmation->user;
- $user->email_confirmed = true;
- $user->save();
- auth()->login($user);
- session()->flash('success', trans('auth.email_confirm_success'));
- $this->emailConfirmationService->deleteConfirmationsByUser($user);
- return redirect($this->redirectPath);
- }
-
- /**
- * Shows a notice that a user's email address has not been confirmed,
- * Also has the option to re-send the confirmation email.
- * @return \Illuminate\View\View
- */
- public function showAwaitingConfirmation()
- {
- return view('auth/user-unconfirmed');
- }
-
- /**
- * Resend the confirmation email
- * @param Request $request
- * @return \Illuminate\View\View
- */
- public function resendConfirmation(Request $request)
- {
- $this->validate($request, [
- 'email' => 'required|email|exists:users,email'
- ]);
- $user = $this->userRepo->getByEmail($request->get('email'));
-
- try {
- $this->emailConfirmationService->sendConfirmation($user);
- } catch (Exception $e) {
- session()->flash('error', trans('auth.email_confirm_send_error'));
- return redirect('/register/confirm');
- }
-
- session()->flash('success', trans('auth.email_confirm_resent'));
- return redirect('/register/confirm');
- }
-
 /**
 * Redirect to the social site for authentication intended to register.
 * @param $socialDriver
 * @return mixed
 * @throws UserRegistrationException
- * @throws \BookStack\Exceptions\SocialDriverNotConfigured
+ * @throws SocialDriverNotConfigured
 */
 public function socialRegister($socialDriver)
 {
@@ -250,10 +208,10 @@ class RegisterController extends Controller
 * The callback for social login services.
 * @param $socialDriver
 * @param Request $request
- * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
+ * @return RedirectResponse|Redirector
 * @throws SocialSignInException
 * @throws UserRegistrationException
- * @throws \BookStack\Exceptions\SocialDriverNotConfigured
+ * @throws SocialDriverNotConfigured
 */
 public function socialCallback($socialDriver, Request $request)
 {
@@ -294,7 +252,7 @@ class RegisterController extends Controller
 /**
 * Detach a social account from a user.
 * @param $socialDriver
- * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
+ * @return RedirectResponse|Redirector
 */
 public function detachSocialAccount($socialDriver)
 {
@@ -305,7 +263,7 @@ class RegisterController extends Controller
 * Register a new user after a registration callback.
 * @param string $socialDriver
 * @param SocialUser $socialUser
- * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
+ * @return RedirectResponse|Redirector
 * @throws UserRegistrationException
 */
 protected function socialRegisterCallback(string $socialDriver, SocialUser $socialUser)