]> BookStack Code Mirror - bookstack/blob - app/Http/Controllers/Auth/UserInviteController.php
Added test for logical-theme-system command registration
[bookstack] / app / Http / Controllers / Auth / UserInviteController.php
1 <?php
2
3 namespace BookStack\Http\Controllers\Auth;
4
5 use BookStack\Auth\Access\UserInviteService;
6 use BookStack\Auth\UserRepo;
7 use BookStack\Exceptions\UserTokenExpiredException;
8 use BookStack\Exceptions\UserTokenNotFoundException;
9 use BookStack\Http\Controllers\Controller;
10 use Exception;
11 use Illuminate\Http\RedirectResponse;
12 use Illuminate\Http\Request;
13 use Illuminate\Routing\Redirector;
14
15 class UserInviteController extends Controller
16 {
17     protected $inviteService;
18     protected $userRepo;
19
20     /**
21      * Create a new controller instance.
22      */
23     public function __construct(UserInviteService $inviteService, UserRepo $userRepo)
24     {
25         $this->middleware('guest');
26         $this->middleware('guard:standard');
27
28         $this->inviteService = $inviteService;
29         $this->userRepo = $userRepo;
30     }
31
32     /**
33      * Show the page for the user to set the password for their account.
34      *
35      * @throws Exception
36      */
37     public function showSetPassword(string $token)
38     {
39         try {
40             $this->inviteService->checkTokenAndGetUserId($token);
41         } catch (Exception $exception) {
42             return $this->handleTokenException($exception);
43         }
44
45         return view('auth.invite-set-password', [
46             'token' => $token,
47         ]);
48     }
49
50     /**
51      * Sets the password for an invited user and then grants them access.
52      *
53      * @throws Exception
54      */
55     public function setPassword(Request $request, string $token)
56     {
57         $this->validate($request, [
58             'password' => ['required', 'min:8'],
59         ]);
60
61         try {
62             $userId = $this->inviteService->checkTokenAndGetUserId($token);
63         } catch (Exception $exception) {
64             return $this->handleTokenException($exception);
65         }
66
67         $user = $this->userRepo->getById($userId);
68         $user->password = bcrypt($request->get('password'));
69         $user->email_confirmed = true;
70         $user->save();
71
72         $this->inviteService->deleteByUser($user);
73         $this->showSuccessNotification(trans('auth.user_invite_success_login', ['appName' => setting('app-name')]));
74
75         return redirect('/login');
76     }
77
78     /**
79      * Check and validate the exception thrown when checking an invite token.
80      *
81      * @throws Exception
82      *
83      * @return RedirectResponse|Redirector
84      */
85     protected function handleTokenException(Exception $exception)
86     {
87         if ($exception instanceof UserTokenNotFoundException) {
88             return redirect('/');
89         }
90
91         if ($exception instanceof UserTokenExpiredException) {
92             $this->showErrorNotification(trans('errors.invite_token_expired'));
93
94             return redirect('/password/email');
95         }
96
97         throw $exception;
98     }
99 }