X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/a24f3d7d4759df6b509533daaa1c9686a074e9fe..refs/pull/1025/head:/app/Http/Controllers/Auth/RegisterController.php diff --git a/app/Http/Controllers/Auth/RegisterController.php b/app/Http/Controllers/Auth/RegisterController.php index 8b0ef309a..385994324 100644 --- a/app/Http/Controllers/Auth/RegisterController.php +++ b/app/Http/Controllers/Auth/RegisterController.php @@ -2,12 +2,13 @@ namespace BookStack\Http\Controllers\Auth; -use BookStack\Exceptions\ConfirmationEmailException; +use BookStack\Exceptions\SocialSignInAccountNotUsed; use BookStack\Exceptions\SocialSignInException; use BookStack\Exceptions\UserRegistrationException; use BookStack\Repos\UserRepo; use BookStack\Services\EmailConfirmationService; use BookStack\Services\SocialAuthService; +use BookStack\SocialAccount; use BookStack\User; use Exception; use Illuminate\Http\Request; @@ -15,6 +16,7 @@ use Illuminate\Http\Response; use Validator; use BookStack\Http\Controllers\Controller; use Illuminate\Foundation\Auth\RegistersUsers; +use Laravel\Socialite\Contracts\User as SocialUser; class RegisterController extends Controller { @@ -52,7 +54,7 @@ class RegisterController extends Controller */ public function __construct(SocialAuthService $socialAuthService, EmailConfirmationService $emailConfirmationService, UserRepo $userRepo) { - $this->middleware('guest')->except(['socialCallback', 'detachSocialAccount']); + $this->middleware('guest')->only(['getRegister', 'postRegister', 'socialRegister']); $this->socialAuthService = $socialAuthService; $this->emailConfirmationService = $emailConfirmationService; $this->userRepo = $userRepo; @@ -90,6 +92,7 @@ class RegisterController extends Controller /** * Show the application registration form. * @return Response + * @throws UserRegistrationException */ public function getRegister() { @@ -101,20 +104,13 @@ class RegisterController extends Controller /** * Handle a registration request for the application. * @param Request|\Illuminate\Http\Request $request - * @return Response + * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector * @throws UserRegistrationException - * @throws \Illuminate\Foundation\Validation\ValidationException */ public function postRegister(Request $request) { $this->checkRegistrationAllowed(); - $validator = $this->validator($request->all()); - - if ($validator->fails()) { - $this->throwValidationException( - $request, $validator - ); - } + $this->validator($request->all())->validate(); $userData = $request->all(); return $this->registerUser($userData); @@ -138,26 +134,28 @@ class RegisterController extends Controller * The registrations flow for all users. * @param array $userData * @param bool|false|SocialAccount $socialAccount + * @param bool $emailVerified * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector * @throws UserRegistrationException - * @throws ConfirmationEmailException */ - protected function registerUser(array $userData, $socialAccount = false) + protected function registerUser(array $userData, $socialAccount = false, $emailVerified = false) { - if (setting('registration-restrict')) { - $restrictedEmailDomains = explode(',', str_replace(' ', '', setting('registration-restrict'))); + $registrationRestrict = setting('registration-restrict'); + + if ($registrationRestrict) { + $restrictedEmailDomains = explode(',', str_replace(' ', '', $registrationRestrict)); $userEmailDomain = $domain = substr(strrchr($userData['email'], "@"), 1); if (!in_array($userEmailDomain, $restrictedEmailDomains)) { throw new UserRegistrationException(trans('auth.registration_email_domain_invalid'), '/register'); } } - $newUser = $this->userRepo->registerNew($userData); + $newUser = $this->userRepo->registerNew($userData, $emailVerified); if ($socialAccount) { $newUser->socialAccounts()->save($socialAccount); } - if (setting('registration-confirmation') || setting('registration-restrict')) { + if ((setting('registration-confirmation') || $registrationRestrict) && !$emailVerified) { $newUser->save(); try { @@ -230,7 +228,6 @@ class RegisterController extends Controller return redirect('/register/confirm'); } - $this->emailConfirmationService->sendConfirmation($user); session()->flash('success', trans('auth.email_confirm_resent')); return redirect('/register/confirm'); } @@ -239,6 +236,8 @@ class RegisterController extends Controller * Redirect to the social site for authentication intended to register. * @param $socialDriver * @return mixed + * @throws UserRegistrationException + * @throws \BookStack\Exceptions\SocialDriverNotConfigured */ public function socialRegister($socialDriver) { @@ -250,21 +249,45 @@ class RegisterController extends Controller /** * The callback for social login services. * @param $socialDriver + * @param Request $request * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector * @throws SocialSignInException + * @throws UserRegistrationException + * @throws \BookStack\Exceptions\SocialDriverNotConfigured */ - public function socialCallback($socialDriver) + public function socialCallback($socialDriver, Request $request) { - if (session()->has('social-callback')) { - $action = session()->pull('social-callback'); - if ($action == 'login') { - return $this->socialAuthService->handleLoginCallback($socialDriver); - } elseif ($action == 'register') { - return $this->socialRegisterCallback($socialDriver); - } - } else { + if (!session()->has('social-callback')) { throw new SocialSignInException(trans('errors.social_no_action_defined'), '/login'); } + + // Check request for error information + if ($request->has('error') && $request->has('error_description')) { + throw new SocialSignInException(trans('errors.social_login_bad_response', [ + 'socialAccount' => $socialDriver, + 'error' => $request->get('error_description'), + ]), '/login'); + } + + $action = session()->pull('social-callback'); + + // Attempt login or fall-back to register if allowed. + $socialUser = $this->socialAuthService->getSocialUser($socialDriver); + if ($action == 'login') { + try { + return $this->socialAuthService->handleLoginCallback($socialDriver, $socialUser); + } catch (SocialSignInAccountNotUsed $exception) { + if ($this->socialAuthService->driverAutoRegisterEnabled($socialDriver)) { + return $this->socialRegisterCallback($socialDriver, $socialUser); + } + throw $exception; + } + } + + if ($action == 'register') { + return $this->socialRegisterCallback($socialDriver, $socialUser); + } + return redirect()->back(); } @@ -280,14 +303,16 @@ class RegisterController extends Controller /** * Register a new user after a registration callback. - * @param $socialDriver + * @param string $socialDriver + * @param SocialUser $socialUser * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector * @throws UserRegistrationException */ - protected function socialRegisterCallback($socialDriver) + protected function socialRegisterCallback(string $socialDriver, SocialUser $socialUser) { - $socialUser = $this->socialAuthService->handleRegistrationCallback($socialDriver); + $socialUser = $this->socialAuthService->handleRegistrationCallback($socialDriver, $socialUser); $socialAccount = $this->socialAuthService->fillSocialAccount($socialDriver, $socialUser); + $emailVerified = $this->socialAuthService->driverAutoConfirmEmailEnabled($socialDriver); // Create an array of the user data to create a new user instance $userData = [ @@ -295,7 +320,6 @@ class RegisterController extends Controller 'email' => $socialUser->getEmail(), 'password' => str_random(30) ]; - return $this->registerUser($userData, $socialAccount); + return $this->registerUser($userData, $socialAccount, $emailVerified); } - -} \ No newline at end of file +}