X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/b5a2d3c1c423d81b80fd7034a33ada85863a29ad..refs/pull/1804/head:/app/Http/Controllers/Auth/LoginController.php diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php index e011c642f..b1d22d57e 100644 --- a/app/Http/Controllers/Auth/LoginController.php +++ b/app/Http/Controllers/Auth/LoginController.php @@ -2,11 +2,11 @@ namespace BookStack\Http\Controllers\Auth; +use BookStack\Auth\Access\LdapService; +use BookStack\Auth\Access\SocialAuthService; +use BookStack\Auth\UserRepo; use BookStack\Exceptions\AuthException; use BookStack\Http\Controllers\Controller; -use BookStack\Repos\UserRepo; -use BookStack\Services\LdapService; -use BookStack\Services\SocialAuthService; use Illuminate\Contracts\Auth\Authenticatable; use Illuminate\Foundation\Auth\AuthenticatesUsers; use Illuminate\Http\Request; @@ -43,9 +43,9 @@ class LoginController extends Controller /** * Create a new controller instance. * - * @param SocialAuthService $socialAuthService + * @param \BookStack\Auth\\BookStack\Auth\Access\SocialAuthService $socialAuthService * @param LdapService $ldapService - * @param UserRepo $userRepo + * @param \BookStack\Auth\UserRepo $userRepo */ public function __construct(SocialAuthService $socialAuthService, LdapService $ldapService, UserRepo $userRepo) { @@ -53,8 +53,8 @@ class LoginController extends Controller $this->socialAuthService = $socialAuthService; $this->ldapService = $ldapService; $this->userRepo = $userRepo; - $this->redirectPath = baseUrl('/'); - $this->redirectAfterLogout = baseUrl('/login'); + $this->redirectPath = url('/'); + $this->redirectAfterLogout = url('/https/source.bookstackapp.com/login'); parent::__construct(); } @@ -70,6 +70,7 @@ class LoginController extends Controller * @param Authenticatable $user * @return \Illuminate\Http\RedirectResponse * @throws AuthException + * @throws \BookStack\Exceptions\LdapException */ protected function authenticated(Request $request, Authenticatable $user) { @@ -97,17 +98,16 @@ class LoginController extends Controller $user->save(); $this->userRepo->attachDefaultRole($user); + $this->userRepo->downloadAndAssignUserAvatar($user); auth()->login($user); } // Sync LDAP groups if required if ($this->ldapService->shouldSyncGroups()) { - $this->ldapService->syncGroups($user); + $this->ldapService->syncGroups($user, $request->get($this->username())); } - $path = session()->pull('url.intended', '/'); - $path = baseUrl($path, true); - return redirect($path); + return redirect()->intended('/'); } /** @@ -119,6 +119,7 @@ class LoginController extends Controller { $socialDrivers = $this->socialAuthService->getActiveDrivers(); $authMethod = config('auth.method'); + $samlEnabled = config('saml2.enabled') === true; if ($request->has('email')) { session()->flashInput([ @@ -127,7 +128,11 @@ class LoginController extends Controller ]); } - return view('auth/login', ['socialDrivers' => $socialDrivers, 'authMethod' => $authMethod]); + return view('auth.login', [ + 'socialDrivers' => $socialDrivers, + 'authMethod' => $authMethod, + 'samlEnabled' => $samlEnabled, + ]); } /** @@ -141,4 +146,23 @@ class LoginController extends Controller session()->put('social-callback', 'login'); return $this->socialAuthService->startLogIn($socialDriver); } + + /** + * Log the user out of the application. + * + * @param \Illuminate\Http\Request $request + * @return \Illuminate\Http\Response + */ + public function logout(Request $request) + { + if (config('saml2.enabled') && session()->get('last_login_type') === 'saml2') { + return redirect('/saml2/logout'); + } + + $this->guard()->logout(); + + $request->session()->invalidate(); + + return $this->loggedOut($request) ?: redirect('/'); + } }