BookStack Code Mirror - bookstack/blob - app/Http/Controllers/Auth/LoginController.php

   1 <?php
   2
   3 namespace BookStack\Http\Controllers\Auth;
   4
   5 use BookStack\Auth\Access\LdapService;
   6 use BookStack\Auth\Access\SocialAuthService;
   7 use BookStack\Auth\UserRepo;
   8 use BookStack\Exceptions\AuthException;
   9 use BookStack\Http\Controllers\Controller;
  10 use Illuminate\Contracts\Auth\Authenticatable;
  11 use Illuminate\Foundation\Auth\AuthenticatesUsers;
  12 use Illuminate\Http\Request;
  13
  14 class LoginController extends Controller
  15 {
  16     /*
  17     |--------------------------------------------------------------------------
  18     | Login Controller
  19     |--------------------------------------------------------------------------
  20     |
  21     | This controller handles authenticating users for the application and
  22     | redirecting them to your home screen. The controller uses a trait
  23     | to conveniently provide its functionality to your applications.
  24     |
  25     */
  26
  27     use AuthenticatesUsers;
  28
  29     /**
  30      * Where to redirect users after login.
  31      *
  32      * @var string
  33      */
  34     protected $redirectTo = '/';
  35
  36     protected $redirectPath = '/';
  37     protected $redirectAfterLogout = '/login';
  38
  39     protected $socialAuthService;
  40     protected $ldapService;
  41     protected $userRepo;
  42
  43     /**
  44      * Create a new controller instance.
  45      *
  46      * @param \BookStack\Auth\\BookStack\Auth\Access\SocialAuthService $socialAuthService
  47      * @param LdapService $ldapService
  48      * @param \BookStack\Auth\UserRepo $userRepo
  49      */
  50     public function __construct(SocialAuthService $socialAuthService, LdapService $ldapService, UserRepo $userRepo)
  51     {
  52         $this->middleware('guest', ['only' => ['getLogin', 'postLogin']]);
  53         $this->socialAuthService = $socialAuthService;
  54         $this->ldapService = $ldapService;
  55         $this->userRepo = $userRepo;
  56         $this->redirectPath = url('/');
  57         $this->redirectAfterLogout = url('/login');
  58         parent::__construct();
  59     }
  60
  61     public function username()
  62     {
  63         return config('auth.method') === 'standard' ? 'email' : 'username';
  64     }
  65
  66     /**
  67      * Overrides the action when a user is authenticated.
  68      * If the user authenticated but does not exist in the user table we create them.
  69      * @param Request $request
  70      * @param Authenticatable $user
  71      * @return \Illuminate\Http\RedirectResponse
  72      * @throws AuthException
  73      * @throws \BookStack\Exceptions\LdapException
  74      */
  75     protected function authenticated(Request $request, Authenticatable $user)
  76     {
  77         // Explicitly log them out for now if they do no exist.
  78         if (!$user->exists) {
  79             auth()->logout($user);
  80         }
  81
  82         if (!$user->exists && $user->email === null && !$request->filled('email')) {
  83             $request->flash();
  84             session()->flash('request-email', true);
  85             return redirect('/login');
  86         }
  87
  88         if (!$user->exists && $user->email === null && $request->filled('email')) {
  89             $user->email = $request->get('email');
  90         }
  91
  92         if (!$user->exists) {
  93             // Check for users with same email already
  94             $alreadyUser = $user->newQuery()->where('email', '=', $user->email)->count() > 0;
  95             if ($alreadyUser) {
  96                 throw new AuthException(trans('errors.error_user_exists_different_creds', ['email' => $user->email]));
  97             }
  98
  99             $user->save();
 100             $this->userRepo->attachDefaultRole($user);
 101             $this->userRepo->downloadAndAssignUserAvatar($user);
 102             auth()->login($user);
 103         }
 104
 105         // Sync LDAP groups if required
 106         if ($this->ldapService->shouldSyncGroups()) {
 107             $this->ldapService->syncGroups($user, $request->get($this->username()));
 108         }
 109
 110         return redirect()->intended('/');
 111     }
 112
 113     /**
 114      * Show the application login form.
 115      * @param Request $request
 116      * @return \Illuminate\Http\Response
 117      */
 118     public function getLogin(Request $request)
 119     {
 120         $socialDrivers = $this->socialAuthService->getActiveDrivers();
 121         $authMethod = config('auth.method');
 122         $samlEnabled = config('services.saml.enabled') == true;
 123
 124         if ($request->has('email')) {
 125             session()->flashInput([
 126                 'email' => $request->get('email'),
 127                 'password' => (config('app.env') === 'demo') ? $request->get('password', '') : ''
 128             ]);
 129         }
 130
 131         return view('auth.login', [
 132           'socialDrivers' => $socialDrivers,
 133           'authMethod' => $authMethod,
 134           'samlEnabled' => $samlEnabled,
 135         ]);
 136     }
 137
 138     /**
 139      * Redirect to the relevant social site.
 140      * @param $socialDriver
 141      * @return \Symfony\Component\HttpFoundation\RedirectResponse
 142      * @throws \BookStack\Exceptions\SocialDriverNotConfigured
 143      */
 144     public function getSocialLogin($socialDriver)
 145     {
 146         session()->put('social-callback', 'login');
 147         return $this->socialAuthService->startLogIn($socialDriver);
 148     }
 149 }