1
0
mirror of https://github.com/BookStackApp/BookStack.git synced 2024-10-30 07:32:39 +01:00
BookStack/app/Access/Controllers/UserInviteController.php

102 lines
2.8 KiB
PHP
Raw Normal View History

2019-08-18 14:11:30 +02:00
<?php
2023-05-17 18:56:55 +02:00
namespace BookStack\Access\Controllers;
2019-08-18 14:11:30 +02:00
2023-05-17 18:56:55 +02:00
use BookStack\Access\UserInviteService;
2019-08-18 14:11:30 +02:00
use BookStack\Exceptions\UserTokenExpiredException;
use BookStack\Exceptions\UserTokenNotFoundException;
use BookStack\Http\Controllers\Controller;
2023-05-17 18:56:55 +02:00
use BookStack\Users\UserRepo;
2019-08-18 14:11:30 +02:00
use Exception;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Routing\Redirector;
use Illuminate\Support\Facades\Hash;
use Illuminate\Validation\Rules\Password;
2019-08-18 14:11:30 +02:00
class UserInviteController extends Controller
{
protected UserInviteService $inviteService;
protected UserRepo $userRepo;
2019-08-18 14:11:30 +02:00
/**
* Create a new controller instance.
*/
public function __construct(UserInviteService $inviteService, UserRepo $userRepo)
2019-08-18 14:11:30 +02:00
{
$this->middleware('guest');
$this->middleware('guard:standard');
2019-08-18 14:11:30 +02:00
$this->inviteService = $inviteService;
$this->userRepo = $userRepo;
}
/**
* Show the page for the user to set the password for their account.
2021-06-26 17:23:15 +02:00
*
2019-08-18 14:11:30 +02:00
* @throws Exception
*/
public function showSetPassword(string $token)
{
try {
$this->inviteService->checkTokenAndGetUserId($token);
} catch (Exception $exception) {
return $this->handleTokenException($exception);
}
return view('auth.invite-set-password', [
'token' => $token,
]);
}
/**
* Sets the password for an invited user and then grants them access.
2021-06-26 17:23:15 +02:00
*
2019-08-18 14:11:30 +02:00
* @throws Exception
*/
public function setPassword(Request $request, string $token)
2019-08-18 14:11:30 +02:00
{
$this->validate($request, [
'password' => ['required', Password::default()],
2019-08-18 14:11:30 +02:00
]);
try {
$userId = $this->inviteService->checkTokenAndGetUserId($token);
} catch (Exception $exception) {
return $this->handleTokenException($exception);
}
$user = $this->userRepo->getById($userId);
$user->password = Hash::make($request->get('password'));
2019-08-18 14:11:30 +02:00
$user->email_confirmed = true;
$user->save();
$this->inviteService->deleteByUser($user);
$this->showSuccessNotification(trans('auth.user_invite_success_login', ['appName' => setting('app-name')]));
2019-08-18 14:11:30 +02:00
return redirect('/login');
2019-08-18 14:11:30 +02:00
}
/**
* Check and validate the exception thrown when checking an invite token.
2021-06-26 17:23:15 +02:00
*
2019-08-18 14:11:30 +02:00
* @throws Exception
2021-06-26 17:23:15 +02:00
*
* @return RedirectResponse|Redirector
2019-08-18 14:11:30 +02:00
*/
protected function handleTokenException(Exception $exception)
{
if ($exception instanceof UserTokenNotFoundException) {
return redirect('/');
}
if ($exception instanceof UserTokenExpiredException) {
$this->showErrorNotification(trans('errors.invite_token_expired'));
2021-06-26 17:23:15 +02:00
2019-08-18 14:11:30 +02:00
return redirect('/password/email');
}
throw $exception;
}
}