X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/d640cc1eeef8fe5786f663b13dc3910b3d4d6b2e..refs/pull/1804/head:/app/Http/Controllers/Auth/LoginController.php

diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php
index 4c846d0e0..b1d22d57e 100644
--- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php
@@ -2,11 +2,11 @@
 
 namespace BookStack\Http\Controllers\Auth;
 
+use BookStack\Auth\Access\LdapService;
+use BookStack\Auth\Access\SocialAuthService;
+use BookStack\Auth\UserRepo;
 use BookStack\Exceptions\AuthException;
 use BookStack\Http\Controllers\Controller;
-use BookStack\Repos\UserRepo;
-use BookStack\Repos\LdapRepo;
-use BookStack\Services\SocialAuthService;
 use Illuminate\Contracts\Auth\Authenticatable;
 use Illuminate\Foundation\Auth\AuthenticatesUsers;
 use Illuminate\Http\Request;
@@ -37,21 +37,24 @@ class LoginController extends Controller
     protected $redirectAfterLogout = '/login';
 
     protected $socialAuthService;
+    protected $ldapService;
     protected $userRepo;
 
     /**
      * Create a new controller instance.
      *
-     * @param SocialAuthService $socialAuthService
-     * @param UserRepo $userRepo
+     * @param \BookStack\Auth\\BookStack\Auth\Access\SocialAuthService $socialAuthService
+     * @param LdapService $ldapService
+     * @param \BookStack\Auth\UserRepo $userRepo
      */
-    public function __construct(SocialAuthService $socialAuthService, UserRepo $userRepo)
+    public function __construct(SocialAuthService $socialAuthService, LdapService $ldapService, UserRepo $userRepo)
     {
         $this->middleware('guest', ['only' => ['getLogin', 'postLogin']]);
         $this->socialAuthService = $socialAuthService;
+        $this->ldapService = $ldapService;
         $this->userRepo = $userRepo;
-        $this->redirectPath = baseUrl('/');
-        $this->redirectAfterLogout = baseUrl('/login');
+        $this->redirectPath = url('/');
+        $this->redirectAfterLogout = url('/https/source.bookstackapp.com/login');
         parent::__construct();
     }
 
@@ -67,6 +70,7 @@ class LoginController extends Controller
      * @param Authenticatable $user
      * @return \Illuminate\Http\RedirectResponse
      * @throws AuthException
+     * @throws \BookStack\Exceptions\LdapException
      */
     protected function authenticated(Request $request, Authenticatable $user)
     {
@@ -94,19 +98,16 @@ class LoginController extends Controller
 
             $user->save();
             $this->userRepo->attachDefaultRole($user);
+            $this->userRepo->downloadAndAssignUserAvatar($user);
             auth()->login($user);
         }
 
-		// ldap groups refresh
-		if (config('services.ldap.user_to_groups') !== false && $request->filled('username')) {
-			$ldapRepo = new LdapRepo($this->userRepo);
-			$ldapRepo->syncGroups($user,$request->input('username'));
-		}
-
+        // Sync LDAP groups if required
+        if ($this->ldapService->shouldSyncGroups()) {
+            $this->ldapService->syncGroups($user, $request->get($this->username()));
+        }
 
-		$path = session()->pull('url.intended', '/');
-        $path = baseUrl($path, true);
-        return redirect($path);
+        return redirect()->intended('/');
     }
 
     /**
@@ -118,6 +119,7 @@ class LoginController extends Controller
     {
         $socialDrivers = $this->socialAuthService->getActiveDrivers();
         $authMethod = config('auth.method');
+        $samlEnabled = config('saml2.enabled') === true;
 
         if ($request->has('email')) {
             session()->flashInput([
@@ -126,17 +128,41 @@ class LoginController extends Controller
             ]);
         }
 
-        return view('auth/login', ['socialDrivers' => $socialDrivers, 'authMethod' => $authMethod]);
+        return view('auth.login', [
+          'socialDrivers' => $socialDrivers,
+          'authMethod' => $authMethod,
+          'samlEnabled' => $samlEnabled,
+        ]);
     }
 
     /**
      * Redirect to the relevant social site.
      * @param $socialDriver
      * @return \Symfony\Component\HttpFoundation\RedirectResponse
+     * @throws \BookStack\Exceptions\SocialDriverNotConfigured
      */
     public function getSocialLogin($socialDriver)
     {
         session()->put('social-callback', 'login');
         return $this->socialAuthService->startLogIn($socialDriver);
     }
+
+    /**
+     * Log the user out of the application.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function logout(Request $request)
+    {
+        if (config('saml2.enabled') && session()->get('last_login_type') === 'saml2') {
+            return redirect('/saml2/logout');
+        }
+
+        $this->guard()->logout();
+
+        $request->session()->invalidate();
+
+        return $this->loggedOut($request) ?: redirect('/');
+    }
 }