BookStack Code Mirror - bookstack/blob - app/Http/Controllers/Auth/UserInviteController.php

   1 <?php
   2
   3 namespace BookStack\Http\Controllers\Auth;
   4
   5 use BookStack\Actions\ActivityType;
   6 use BookStack\Auth\Access\LoginService;
   7 use BookStack\Auth\Access\UserInviteService;
   8 use BookStack\Auth\UserRepo;
   9 use BookStack\Exceptions\UserTokenExpiredException;
  10 use BookStack\Exceptions\UserTokenNotFoundException;
  11 use BookStack\Facades\Theme;
  12 use BookStack\Http\Controllers\Controller;
  13 use BookStack\Theming\ThemeEvents;
  14 use Exception;
  15 use Illuminate\Http\RedirectResponse;
  16 use Illuminate\Http\Request;
  17 use Illuminate\Routing\Redirector;
  18
  19 class UserInviteController extends Controller
  20 {
  21     protected $inviteService;
  22     protected $loginService;
  23     protected $userRepo;
  24
  25     /**
  26      * Create a new controller instance.
  27      */
  28     public function __construct(UserInviteService $inviteService, LoginService $loginService, UserRepo $userRepo)
  29     {
  30         $this->middleware('guest');
  31         $this->middleware('guard:standard');
  32
  33         $this->inviteService = $inviteService;
  34         $this->loginService = $loginService;
  35         $this->userRepo = $userRepo;
  36     }
  37
  38     /**
  39      * Show the page for the user to set the password for their account.
  40      *
  41      * @throws Exception
  42      */
  43     public function showSetPassword(string $token)
  44     {
  45         try {
  46             $this->inviteService->checkTokenAndGetUserId($token);
  47         } catch (Exception $exception) {
  48             return $this->handleTokenException($exception);
  49         }
  50
  51         return view('auth.invite-set-password', [
  52             'token' => $token,
  53         ]);
  54     }
  55
  56     /**
  57      * Sets the password for an invited user and then grants them access.
  58      *
  59      * @throws Exception
  60      */
  61     public function setPassword(Request $request, string $token)
  62     {
  63         $this->validate($request, [
  64             'password' => 'required|min:8',
  65         ]);
  66
  67         try {
  68             $userId = $this->inviteService->checkTokenAndGetUserId($token);
  69         } catch (Exception $exception) {
  70             return $this->handleTokenException($exception);
  71         }
  72
  73         $user = $this->userRepo->getById($userId);
  74         $user->password = bcrypt($request->get('password'));
  75         $user->email_confirmed = true;
  76         $user->save();
  77
  78         $this->loginService->login($user, auth()->getDefaultDriver());
  79         $this->showSuccessNotification(trans('auth.user_invite_success', ['appName' => setting('app-name')]));
  80         $this->inviteService->deleteByUser($user);
  81
  82         return redirect('/');
  83     }
  84
  85     /**
  86      * Check and validate the exception thrown when checking an invite token.
  87      *
  88      * @throws Exception
  89      *
  90      * @return RedirectResponse|Redirector
  91      */
  92     protected function handleTokenException(Exception $exception)
  93     {
  94         if ($exception instanceof UserTokenNotFoundException) {
  95             return redirect('/');
  96         }
  97
  98         if ($exception instanceof UserTokenExpiredException) {
  99             $this->showErrorNotification(trans('errors.invite_token_expired'));
 100
 101             return redirect('/password/email');
 102         }
 103
 104         throw $exception;
 105     }
 106 }