BookStack Code Mirror - bookstack/blob - app/Http/Controllers/Auth/LoginController.php

   1 <?php
   2
   3 namespace BookStack\Http\Controllers\Auth;
   4
   5 use BookStack\Auth\Access\LdapService;
   6 use BookStack\Auth\Access\SocialAuthService;
   7 use BookStack\Auth\UserRepo;
   8 use BookStack\Exceptions\AuthException;
   9 use BookStack\Http\Controllers\Controller;
  10 use Illuminate\Contracts\Auth\Authenticatable;
  11 use Illuminate\Foundation\Auth\AuthenticatesUsers;
  12 use Illuminate\Http\Request;
  13
  14 class LoginController extends Controller
  15 {
  16     /*
  17     |--------------------------------------------------------------------------
  18     | Login Controller
  19     |--------------------------------------------------------------------------
  20     |
  21     | This controller handles authenticating users for the application and
  22     | redirecting them to your home screen. The controller uses a trait
  23     | to conveniently provide its functionality to your applications.
  24     |
  25     */
  26
  27     use AuthenticatesUsers;
  28
  29     /**
  30      * Where to redirect users after login.
  31      *
  32      * @var string
  33      */
  34     protected $redirectTo = '/';
  35
  36     protected $redirectPath = '/';
  37     protected $redirectAfterLogout = '/login';
  38
  39     protected $socialAuthService;
  40     protected $ldapService;
  41     protected $userRepo;
  42
  43     /**
  44      * Create a new controller instance.
  45      *
  46      * @param \BookStack\Auth\\BookStack\Auth\Access\SocialAuthService $socialAuthService
  47      * @param LdapService $ldapService
  48      * @param \BookStack\Auth\UserRepo $userRepo
  49      */
  50     public function __construct(SocialAuthService $socialAuthService, LdapService $ldapService, UserRepo $userRepo)
  51     {
  52         $this->middleware('guest', ['only' => ['getLogin', 'postLogin']]);
  53         $this->socialAuthService = $socialAuthService;
  54         $this->ldapService = $ldapService;
  55         $this->userRepo = $userRepo;
  56         $this->redirectPath = baseUrl('/');
  57         $this->redirectAfterLogout = baseUrl('/login');
  58         parent::__construct();
  59     }
  60
  61     public function username()
  62     {
  63         return config('auth.method') === 'standard' ? 'email' : 'username';
  64     }
  65
  66     /**
  67      * Overrides the action when a user is authenticated.
  68      * If the user authenticated but does not exist in the user table we create them.
  69      * @param Request $request
  70      * @param Authenticatable $user
  71      * @return \Illuminate\Http\RedirectResponse
  72      * @throws AuthException
  73      * @throws \BookStack\Exceptions\LdapException
  74      */
  75     protected function authenticated(Request $request, Authenticatable $user)
  76     {
  77         // Explicitly log them out for now if they do no exist.
  78         if (!$user->exists) {
  79             auth()->logout($user);
  80         }
  81
  82         if (!$user->exists && $user->email === null && !$request->filled('email')) {
  83             $request->flash();
  84             session()->flash('request-email', true);
  85             return redirect('/login');
  86         }
  87
  88         if (!$user->exists && $user->email === null && $request->filled('email')) {
  89             $user->email = $request->get('email');
  90         }
  91
  92         if (!$user->exists) {
  93             // Check for users with same email already
  94             $alreadyUser = $user->newQuery()->where('email', '=', $user->email)->count() > 0;
  95             if ($alreadyUser) {
  96                 throw new AuthException(trans('errors.error_user_exists_different_creds', ['email' => $user->email]));
  97             }
  98
  99             $user->save();
 100             $this->userRepo->attachDefaultRole($user);
 101             auth()->login($user);
 102         }
 103
 104         // Sync LDAP groups if required
 105         if ($this->ldapService->shouldSyncGroups()) {
 106             $this->ldapService->syncGroups($user, $request->get($this->username()));
 107         }
 108
 109         return redirect()->intended('/');
 110     }
 111
 112     /**
 113      * Show the application login form.
 114      * @param Request $request
 115      * @return \Illuminate\Http\Response
 116      */
 117     public function getLogin(Request $request)
 118     {
 119         $socialDrivers = $this->socialAuthService->getActiveDrivers();
 120         $authMethod = config('auth.method');
 121
 122         if ($request->has('email')) {
 123             session()->flashInput([
 124                 'email' => $request->get('email'),
 125                 'password' => (config('app.env') === 'demo') ? $request->get('password', '') : ''
 126             ]);
 127         }
 128
 129         return view('auth.login', ['socialDrivers' => $socialDrivers, 'authMethod' => $authMethod]);
 130     }
 131
 132     /**
 133      * Redirect to the relevant social site.
 134      * @param $socialDriver
 135      * @return \Symfony\Component\HttpFoundation\RedirectResponse
 136      * @throws \BookStack\Exceptions\SocialDriverNotConfigured
 137      */
 138     public function getSocialLogin($socialDriver)
 139     {
 140         session()->put('social-callback', 'login');
 141         return $this->socialAuthService->startLogIn($socialDriver);
 142     }
 143 }