]> BookStack Code Mirror - bookstack/blob - app/Providers/LdapUserProvider.php
Added crude example of captcha usage
[bookstack] / app / Providers / LdapUserProvider.php
1 <?php
2
3 namespace BookStack\Providers;
4
5 use BookStack\Auth\Access\LdapService;
6 use Illuminate\Contracts\Auth\Authenticatable;
7 use Illuminate\Contracts\Auth\UserProvider;
8
9 class LdapUserProvider implements UserProvider
10 {
11
12     /**
13      * The user model.
14      *
15      * @var string
16      */
17     protected $model;
18
19     /**
20      * @var \BookStack\Auth\LdapService
21      */
22     protected $ldapService;
23
24
25     /**
26      * LdapUserProvider constructor.
27      * @param             $model
28      * @param \BookStack\Auth\LdapService $ldapService
29      */
30     public function __construct($model, LdapService $ldapService)
31     {
32         $this->model = $model;
33         $this->ldapService = $ldapService;
34     }
35
36     /**
37      * Create a new instance of the model.
38      *
39      * @return \Illuminate\Database\Eloquent\Model
40      */
41     public function createModel()
42     {
43         $class = '\\' . ltrim($this->model, '\\');
44         return new $class;
45     }
46
47
48     /**
49      * Retrieve a user by their unique identifier.
50      *
51      * @param  mixed $identifier
52      * @return \Illuminate\Contracts\Auth\Authenticatable|null
53      */
54     public function retrieveById($identifier)
55     {
56         return $this->createModel()->newQuery()->find($identifier);
57     }
58
59     /**
60      * Retrieve a user by their unique identifier and "remember me" token.
61      *
62      * @param  mixed  $identifier
63      * @param  string $token
64      * @return \Illuminate\Contracts\Auth\Authenticatable|null
65      */
66     public function retrieveByToken($identifier, $token)
67     {
68         $model = $this->createModel();
69
70         return $model->newQuery()
71             ->where($model->getAuthIdentifierName(), $identifier)
72             ->where($model->getRememberTokenName(), $token)
73             ->first();
74     }
75
76
77     /**
78      * Update the "remember me" token for the given user in storage.
79      *
80      * @param  \Illuminate\Contracts\Auth\Authenticatable $user
81      * @param  string                                     $token
82      * @return void
83      */
84     public function updateRememberToken(Authenticatable $user, $token)
85     {
86         if ($user->exists) {
87             $user->setRememberToken($token);
88             $user->save();
89         }
90     }
91
92     /**
93      * Retrieve a user by the given credentials.
94      *
95      * @param  array $credentials
96      * @return \Illuminate\Contracts\Auth\Authenticatable|null
97      */
98     public function retrieveByCredentials(array $credentials)
99     {
100         // Get user via LDAP
101         $userDetails = $this->ldapService->getUserDetails($credentials['username']);
102         if ($userDetails === null) {
103             return null;
104         }
105
106         // Search current user base by looking up a uid
107         $model = $this->createModel();
108         $currentUser = $model->newQuery()
109             ->where('external_auth_id', $userDetails['uid'])
110             ->first();
111
112         if ($currentUser !== null) {
113             return $currentUser;
114         }
115
116         $model->name = $userDetails['name'];
117         $model->external_auth_id = $userDetails['uid'];
118         $model->email = $userDetails['email'];
119         $model->email_confirmed = false;
120         return $model;
121     }
122
123     /**
124      * Validate a user against the given credentials.
125      *
126      * @param  \Illuminate\Contracts\Auth\Authenticatable $user
127      * @param  array                                      $credentials
128      * @return bool
129      */
130     public function validateCredentials(Authenticatable $user, array $credentials)
131     {
132         return $this->ldapService->validateUserCredentials($user, $credentials['username'], $credentials['password']);
133     }
134 }