3 namespace BookStack\Http\Controllers\Auth;
5 use BookStack\Auth\Access\EmailConfirmationService;
6 use BookStack\Auth\Access\SocialAuthService;
7 use BookStack\Auth\SocialAccount;
8 use BookStack\Auth\User;
9 use BookStack\Auth\UserRepo;
10 use BookStack\Exceptions\SocialDriverNotConfigured;
11 use BookStack\Exceptions\SocialSignInAccountNotUsed;
12 use BookStack\Exceptions\SocialSignInException;
13 use BookStack\Exceptions\UserRegistrationException;
14 use BookStack\Http\Controllers\Controller;
16 use Illuminate\Foundation\Auth\RegistersUsers;
17 use Illuminate\Http\RedirectResponse;
18 use Illuminate\Http\Request;
19 use Illuminate\Http\Response;
20 use Illuminate\Routing\Redirector;
21 use Laravel\Socialite\Contracts\User as SocialUser;
24 class RegisterController extends Controller
27 |--------------------------------------------------------------------------
29 |--------------------------------------------------------------------------
31 | This controller handles the registration of new users as well as their
32 | validation and creation. By default this controller uses a trait to
33 | provide this functionality without requiring any additional code.
39 protected $socialAuthService;
40 protected $emailConfirmationService;
44 * Where to redirect users after login / registration.
48 protected $redirectTo = '/';
49 protected $redirectPath = '/';
52 * Create a new controller instance.
54 * @param SocialAuthService $socialAuthService
55 * @param EmailConfirmationService $emailConfirmationService
56 * @param UserRepo $userRepo
58 public function __construct(SocialAuthService $socialAuthService, EmailConfirmationService $emailConfirmationService, UserRepo $userRepo)
60 $this->middleware('guest')->only(['getRegister', 'postRegister', 'socialRegister']);
61 $this->socialAuthService = $socialAuthService;
62 $this->emailConfirmationService = $emailConfirmationService;
63 $this->userRepo = $userRepo;
64 $this->redirectTo = url('/');
65 $this->redirectPath = url('/');
66 parent::__construct();
70 * Get a validator for an incoming registration request.
73 * @return \Illuminate\Contracts\Validation\Validator
75 protected function validator(array $data)
77 return Validator::make($data, [
78 'name' => 'required|min:2|max:255',
79 'email' => 'required|email|max:255|unique:users',
80 'password' => 'required|min:6',
85 * Check whether or not registrations are allowed in the app settings.
86 * @throws UserRegistrationException
88 protected function checkRegistrationAllowed()
90 if (!setting('registration-enabled')) {
91 throw new UserRegistrationException(trans('auth.registrations_disabled'), '/login');
96 * Show the application registration form.
98 * @throws UserRegistrationException
100 public function getRegister()
102 $this->checkRegistrationAllowed();
103 $socialDrivers = $this->socialAuthService->getActiveDrivers();
104 return view('auth.register', ['socialDrivers' => $socialDrivers]);
108 * Handle a registration request for the application.
109 * @param Request|Request $request
110 * @return RedirectResponse|Redirector
111 * @throws UserRegistrationException
113 public function postRegister(Request $request)
115 $this->checkRegistrationAllowed();
116 $this->validator($request->all())->validate();
118 $userData = $request->all();
119 return $this->registerUser($userData);
123 * Create a new user instance after a valid registration.
127 protected function create(array $data)
129 return User::create([
130 'name' => $data['name'],
131 'email' => $data['email'],
132 'password' => bcrypt($data['password']),
137 * The registrations flow for all users.
138 * @param array $userData
139 * @param bool|false|SocialAccount $socialAccount
140 * @param bool $emailVerified
141 * @return RedirectResponse|Redirector
142 * @throws UserRegistrationException
144 protected function registerUser(array $userData, $socialAccount = false, $emailVerified = false)
146 $registrationRestrict = setting('registration-restrict');
148 if ($registrationRestrict) {
149 $restrictedEmailDomains = explode(',', str_replace(' ', '', $registrationRestrict));
150 $userEmailDomain = $domain = mb_substr(mb_strrchr($userData['email'], "@"), 1);
151 if (!in_array($userEmailDomain, $restrictedEmailDomains)) {
152 throw new UserRegistrationException(trans('auth.registration_email_domain_invalid'), '/register');
156 $newUser = $this->userRepo->registerNew($userData, $emailVerified);
157 if ($socialAccount) {
158 $newUser->socialAccounts()->save($socialAccount);
161 if ($this->emailConfirmationService->confirmationRequired() && !$emailVerified) {
165 $this->emailConfirmationService->sendConfirmation($newUser);
166 } catch (Exception $e) {
167 session()->flash('error', trans('auth.email_confirm_send_error'));
170 return redirect('/register/confirm');
173 auth()->login($newUser);
174 session()->flash('success', trans('auth.register_success'));
175 return redirect($this->redirectPath());
179 * Redirect to the social site for authentication intended to register.
180 * @param $socialDriver
182 * @throws UserRegistrationException
183 * @throws SocialDriverNotConfigured
185 public function socialRegister($socialDriver)
187 $this->checkRegistrationAllowed();
188 session()->put('social-callback', 'register');
189 return $this->socialAuthService->startRegister($socialDriver);
193 * The callback for social login services.
194 * @param $socialDriver
195 * @param Request $request
196 * @return RedirectResponse|Redirector
197 * @throws SocialSignInException
198 * @throws UserRegistrationException
199 * @throws SocialDriverNotConfigured
201 public function socialCallback($socialDriver, Request $request)
203 if (!session()->has('social-callback')) {
204 throw new SocialSignInException(trans('errors.social_no_action_defined'), '/login');
207 // Check request for error information
208 if ($request->has('error') && $request->has('error_description')) {
209 throw new SocialSignInException(trans('errors.social_login_bad_response', [
210 'socialAccount' => $socialDriver,
211 'error' => $request->get('error_description'),
215 $action = session()->pull('social-callback');
217 // Attempt login or fall-back to register if allowed.
218 $socialUser = $this->socialAuthService->getSocialUser($socialDriver);
219 if ($action == 'login') {
221 return $this->socialAuthService->handleLoginCallback($socialDriver, $socialUser);
222 } catch (SocialSignInAccountNotUsed $exception) {
223 if ($this->socialAuthService->driverAutoRegisterEnabled($socialDriver)) {
224 return $this->socialRegisterCallback($socialDriver, $socialUser);
230 if ($action == 'register') {
231 return $this->socialRegisterCallback($socialDriver, $socialUser);
234 return redirect()->back();
238 * Detach a social account from a user.
239 * @param $socialDriver
240 * @return RedirectResponse|Redirector
242 public function detachSocialAccount($socialDriver)
244 return $this->socialAuthService->detachSocialAccount($socialDriver);
248 * Register a new user after a registration callback.
249 * @param string $socialDriver
250 * @param SocialUser $socialUser
251 * @return RedirectResponse|Redirector
252 * @throws UserRegistrationException
254 protected function socialRegisterCallback(string $socialDriver, SocialUser $socialUser)
256 $socialUser = $this->socialAuthService->handleRegistrationCallback($socialDriver, $socialUser);
257 $socialAccount = $this->socialAuthService->fillSocialAccount($socialDriver, $socialUser);
258 $emailVerified = $this->socialAuthService->driverAutoConfirmEmailEnabled($socialDriver);
260 // Create an array of the user data to create a new user instance
262 'name' => $socialUser->getName(),
263 'email' => $socialUser->getEmail(),
264 'password' => str_random(30)
266 return $this->registerUser($userData, $socialAccount, $emailVerified);