X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/fff5bbcee458992443e3732fbcbbbe34f765fcc3..refs/pull/1143/head:/app/Http/Controllers/Auth/RegisterController.php diff --git a/app/Http/Controllers/Auth/RegisterController.php b/app/Http/Controllers/Auth/RegisterController.php index 6bba6de04..cdcca116c 100644 --- a/app/Http/Controllers/Auth/RegisterController.php +++ b/app/Http/Controllers/Auth/RegisterController.php @@ -2,18 +2,19 @@ namespace BookStack\Http\Controllers\Auth; -use BookStack\Exceptions\ConfirmationEmailException; +use BookStack\Auth\SocialAccount; +use BookStack\Auth\User; +use BookStack\Auth\UserRepo; +use BookStack\Exceptions\SocialSignInAccountNotUsed; +use BookStack\Exceptions\SocialSignInException; use BookStack\Exceptions\UserRegistrationException; -use BookStack\Repos\UserRepo; -use BookStack\Services\EmailConfirmationService; -use BookStack\Services\SocialAuthService; -use BookStack\User; +use BookStack\Http\Controllers\Controller; use Exception; +use Illuminate\Foundation\Auth\RegistersUsers; use Illuminate\Http\Request; use Illuminate\Http\Response; +use Laravel\Socialite\Contracts\User as SocialUser; use Validator; -use BookStack\Http\Controllers\Controller; -use Illuminate\Foundation\Auth\RegistersUsers; class RegisterController extends Controller { @@ -45,13 +46,13 @@ class RegisterController extends Controller /** * Create a new controller instance. * - * @param SocialAuthService $socialAuthService - * @param EmailConfirmationService $emailConfirmationService - * @param UserRepo $userRepo + * @param \BookStack\Auth\Access\SocialAuthService $socialAuthService + * @param \BookStack\Auth\EmailConfirmationService $emailConfirmationService + * @param \BookStack\Auth\UserRepo $userRepo */ - public function __construct(SocialAuthService $socialAuthService, EmailConfirmationService $emailConfirmationService, UserRepo $userRepo) + public function __construct(\BookStack\Auth\Access\SocialAuthService $socialAuthService, \BookStack\Auth\Access\EmailConfirmationService $emailConfirmationService, UserRepo $userRepo) { - $this->middleware('guest'); + $this->middleware('guest')->only(['getRegister', 'postRegister', 'socialRegister']); $this->socialAuthService = $socialAuthService; $this->emailConfirmationService = $emailConfirmationService; $this->userRepo = $userRepo; @@ -82,13 +83,14 @@ class RegisterController extends Controller protected function checkRegistrationAllowed() { if (!setting('registration-enabled')) { - throw new UserRegistrationException('Registrations are currently disabled.', '/login'); + throw new UserRegistrationException(trans('auth.registrations_disabled'), '/login'); } } /** * Show the application registration form. * @return Response + * @throws UserRegistrationException */ public function getRegister() { @@ -100,20 +102,13 @@ class RegisterController extends Controller /** * Handle a registration request for the application. * @param Request|\Illuminate\Http\Request $request - * @return Response + * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector * @throws UserRegistrationException - * @throws \Illuminate\Foundation\Validation\ValidationException */ public function postRegister(Request $request) { $this->checkRegistrationAllowed(); - $validator = $this->validator($request->all()); - - if ($validator->fails()) { - $this->throwValidationException( - $request, $validator - ); - } + $this->validator($request->all())->validate(); $userData = $request->all(); return $this->registerUser($userData); @@ -122,7 +117,7 @@ class RegisterController extends Controller /** * Create a new user instance after a valid registration. * @param array $data - * @return User + * @return \BookStack\Auth\User */ protected function create(array $data) { @@ -137,26 +132,28 @@ class RegisterController extends Controller * The registrations flow for all users. * @param array $userData * @param bool|false|SocialAccount $socialAccount + * @param bool $emailVerified * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector * @throws UserRegistrationException - * @throws ConfirmationEmailException */ - protected function registerUser(array $userData, $socialAccount = false) + protected function registerUser(array $userData, $socialAccount = false, $emailVerified = false) { - if (setting('registration-restrict')) { - $restrictedEmailDomains = explode(',', str_replace(' ', '', setting('registration-restrict'))); + $registrationRestrict = setting('registration-restrict'); + + if ($registrationRestrict) { + $restrictedEmailDomains = explode(',', str_replace(' ', '', $registrationRestrict)); $userEmailDomain = $domain = substr(strrchr($userData['email'], "@"), 1); if (!in_array($userEmailDomain, $restrictedEmailDomains)) { - throw new UserRegistrationException('That email domain does not have access to this application', '/register'); + throw new UserRegistrationException(trans('auth.registration_email_domain_invalid'), '/register'); } } - $newUser = $this->userRepo->registerNew($userData); + $newUser = $this->userRepo->registerNew($userData, $emailVerified); if ($socialAccount) { $newUser->socialAccounts()->save($socialAccount); } - if (setting('registration-confirmation') || setting('registration-restrict')) { + if ((setting('registration-confirmation') || $registrationRestrict) && !$emailVerified) { $newUser->save(); try { @@ -169,7 +166,7 @@ class RegisterController extends Controller } auth()->login($newUser); - session()->flash('success', 'Thanks for signing up! You are now registered and signed in.'); + session()->flash('success', trans('auth.register_success')); return redirect($this->redirectPath()); } @@ -229,7 +226,6 @@ class RegisterController extends Controller return redirect('/register/confirm'); } - $this->emailConfirmationService->sendConfirmation($user); session()->flash('success', trans('auth.email_confirm_resent')); return redirect('/register/confirm'); } @@ -238,6 +234,8 @@ class RegisterController extends Controller * Redirect to the social site for authentication intended to register. * @param $socialDriver * @return mixed + * @throws UserRegistrationException + * @throws \BookStack\Exceptions\SocialDriverNotConfigured */ public function socialRegister($socialDriver) { @@ -249,21 +247,45 @@ class RegisterController extends Controller /** * The callback for social login services. * @param $socialDriver + * @param Request $request * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector * @throws SocialSignInException + * @throws UserRegistrationException + * @throws \BookStack\Exceptions\SocialDriverNotConfigured */ - public function socialCallback($socialDriver) + public function socialCallback($socialDriver, Request $request) { - if (session()->has('social-callback')) { - $action = session()->pull('social-callback'); - if ($action == 'login') { - return $this->socialAuthService->handleLoginCallback($socialDriver); - } elseif ($action == 'register') { - return $this->socialRegisterCallback($socialDriver); + if (!session()->has('social-callback')) { + throw new SocialSignInException(trans('errors.social_no_action_defined'), '/login'); + } + + // Check request for error information + if ($request->has('error') && $request->has('error_description')) { + throw new SocialSignInException(trans('errors.social_login_bad_response', [ + 'socialAccount' => $socialDriver, + 'error' => $request->get('error_description'), + ]), '/login'); + } + + $action = session()->pull('social-callback'); + + // Attempt login or fall-back to register if allowed. + $socialUser = $this->socialAuthService->getSocialUser($socialDriver); + if ($action == 'login') { + try { + return $this->socialAuthService->handleLoginCallback($socialDriver, $socialUser); + } catch (SocialSignInAccountNotUsed $exception) { + if ($this->socialAuthService->driverAutoRegisterEnabled($socialDriver)) { + return $this->socialRegisterCallback($socialDriver, $socialUser); + } + throw $exception; } - } else { - throw new SocialSignInException('No action defined', '/login'); } + + if ($action == 'register') { + return $this->socialRegisterCallback($socialDriver, $socialUser); + } + return redirect()->back(); } @@ -279,14 +301,16 @@ class RegisterController extends Controller /** * Register a new user after a registration callback. - * @param $socialDriver + * @param string $socialDriver + * @param SocialUser $socialUser * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector * @throws UserRegistrationException */ - protected function socialRegisterCallback($socialDriver) + protected function socialRegisterCallback(string $socialDriver, SocialUser $socialUser) { - $socialUser = $this->socialAuthService->handleRegistrationCallback($socialDriver); + $socialUser = $this->socialAuthService->handleRegistrationCallback($socialDriver, $socialUser); $socialAccount = $this->socialAuthService->fillSocialAccount($socialDriver, $socialUser); + $emailVerified = $this->socialAuthService->driverAutoConfirmEmailEnabled($socialDriver); // Create an array of the user data to create a new user instance $userData = [ @@ -294,8 +318,6 @@ class RegisterController extends Controller 'email' => $socialUser->getEmail(), 'password' => str_random(30) ]; - return $this->registerUser($userData, $socialAccount); + return $this->registerUser($userData, $socialAccount, $emailVerified); } - - -} \ No newline at end of file +}