X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/1b736ac0457eb5865bfc9ca33ce0681a0e8ab7de..refs/pull/166/head:/app/Http/Controllers/Auth/AuthController.php diff --git a/app/Http/Controllers/Auth/AuthController.php b/app/Http/Controllers/Auth/AuthController.php index d533c8aeb..2cbc047ce 100644 --- a/app/Http/Controllers/Auth/AuthController.php +++ b/app/Http/Controllers/Auth/AuthController.php @@ -1,7 +1,7 @@ -socialAuthService = $socialAuthService; $this->emailConfirmationService = $emailConfirmationService; $this->userRepo = $userRepo; + $this->redirectPath = baseUrl('/'); + $this->redirectAfterLogout = baseUrl('/login'); + $this->username = config('auth.method') === 'standard' ? 'email' : 'username'; parent::__construct(); } @@ -60,15 +63,15 @@ class AuthController extends Controller protected function validator(array $data) { return Validator::make($data, [ - 'name' => 'required|max:255', - 'email' => 'required|email|max:255|unique:users', + 'name' => 'required|max:255', + 'email' => 'required|email|max:255|unique:users', 'password' => 'required|min:6', ]); } protected function checkRegistrationAllowed() { - if (!\Setting::get('registration-enabled')) { + if (!setting('registration-enabled')) { throw new UserRegistrationException('Registrations are currently disabled.', '/login'); } } @@ -105,6 +108,46 @@ class AuthController extends Controller return $this->registerUser($userData); } + + /** + * Overrides the action when a user is authenticated. + * If the user authenticated but does not exist in the user table we create them. + * @param Request $request + * @param Authenticatable $user + * @return \Illuminate\Http\RedirectResponse + * @throws AuthException + */ + protected function authenticated(Request $request, Authenticatable $user) + { + // Explicitly log them out for now if they do no exist. + if (!$user->exists) auth()->logout($user); + + if (!$user->exists && $user->email === null && !$request->has('email')) { + $request->flash(); + session()->flash('request-email', true); + return redirect('/login'); + } + + if (!$user->exists && $user->email === null && $request->has('email')) { + $user->email = $request->get('email'); + } + + if (!$user->exists) { + + // Check for users with same email already + $alreadyUser = $user->newQuery()->where('email', '=', $user->email)->count() > 0; + if ($alreadyUser) { + throw new AuthException('A user with the email ' . $user->email . ' already exists but with different credentials.'); + } + + $user->save(); + $this->userRepo->attachDefaultRole($user); + auth()->login($user); + } + + return redirect()->intended($this->redirectPath()); + } + /** * Register a new user after a registration callback. * @param $socialDriver @@ -118,8 +161,8 @@ class AuthController extends Controller // Create an array of the user data to create a new user instance $userData = [ - 'name' => $socialUser->getName(), - 'email' => $socialUser->getEmail(), + 'name' => $socialUser->getName(), + 'email' => $socialUser->getEmail(), 'password' => str_random(30) ]; return $this->registerUser($userData, $socialAccount); @@ -127,7 +170,7 @@ class AuthController extends Controller /** * The registrations flow for all users. - * @param array $userData + * @param array $userData * @param bool|false|SocialAccount $socialAccount * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector * @throws UserRegistrationException @@ -135,8 +178,8 @@ class AuthController extends Controller */ protected function registerUser(array $userData, $socialAccount = false) { - if (\Setting::get('registration-restrict')) { - $restrictedEmailDomains = explode(',', str_replace(' ', '', \Setting::get('registration-restrict'))); + if (setting('registration-restrict')) { + $restrictedEmailDomains = explode(',', str_replace(' ', '', setting('registration-restrict'))); $userEmailDomain = $domain = substr(strrchr($userData['email'], "@"), 1); if (!in_array($userEmailDomain, $restrictedEmailDomains)) { throw new UserRegistrationException('That email domain does not have access to this application', '/register'); @@ -148,21 +191,19 @@ class AuthController extends Controller $newUser->socialAccounts()->save($socialAccount); } - if (\Setting::get('registration-confirmation') || \Setting::get('registration-restrict')) { - $newUser->email_confirmed = false; + if (setting('registration-confirmation') || setting('registration-restrict')) { $newUser->save(); $this->emailConfirmationService->sendConfirmation($newUser); return redirect('/register/confirm'); } - $newUser->email_confirmed = true; auth()->login($newUser); session()->flash('success', 'Thanks for signing up! You are now registered and signed in.'); return redirect($this->redirectPath()); } /** - * Show the page to tell the user to check thier email + * Show the page to tell the user to check their email * and confirm their address. */ public function getRegisterConfirmation() @@ -222,7 +263,7 @@ class AuthController extends Controller ]); $user = $this->userRepo->getByEmail($request->get('email')); $this->emailConfirmationService->sendConfirmation($user); - \Session::flash('success', 'Confirmation email resent, Please check your inbox.'); + session()->flash('success', 'Confirmation email resent, Please check your inbox.'); return redirect('/register/confirm'); } @@ -232,13 +273,9 @@ class AuthController extends Controller */ public function getLogin() { - - if (view()->exists('auth.authenticate')) { - return view('auth.authenticate'); - } - $socialDrivers = $this->socialAuthService->getActiveDrivers(); - return view('auth.login', ['socialDrivers' => $socialDrivers]); + $authMethod = config('auth.method'); + return view('auth/login', ['socialDrivers' => $socialDrivers, 'authMethod' => $authMethod]); } /** @@ -253,7 +290,7 @@ class AuthController extends Controller } /** - * Redirect to the social site for authentication initended to register. + * Redirect to the social site for authentication intended to register. * @param $socialDriver * @return mixed */