1
0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2024-11-10 13:12:50 +01:00
invoiceninja/app/controllers/UserController.php

266 lines
7.9 KiB
PHP
Raw Normal View History

2013-11-26 13:45:07 +01:00
<?php
/*
|--------------------------------------------------------------------------
| Confide Controller Template
|--------------------------------------------------------------------------
|
| This is the default Confide controller template for controlling user
| authentication. Feel free to change to your needs.
|
*/
class UserController extends BaseController {
2013-12-05 16:23:24 +01:00
public function setTheme()
{
$user = User::find(Auth::user()->id);
$user->theme_id = Input::get('theme_id');
$user->save();
return Redirect::to(Input::get('path'));
}
2013-11-26 13:45:07 +01:00
/**
* Displays the form for account creation
*
*/
public function create()
{
return View::make(Config::get('confide::signup_form'));
}
/**
* Stores new account
*
*/
public function store()
{
$user = new User;
$user->username = Input::get( 'username' );
$user->email = Input::get( 'email' );
$user->password = Input::get( 'password' );
// The password confirmation will be removed from model
// before saving. This field will be used in Ardent's
// auto validation.
$user->password_confirmation = Input::get( 'password_confirmation' );
// Save if valid. Password field will be hashed before save
$user->save();
if ( $user->id )
{
// Redirect with success message, You may replace "Lang::get(..." for your custom message.
return Redirect::action('UserController@login')
->with( 'notice', Lang::get('confide::confide.alerts.account_created') );
}
else
{
// Get validation errors (see Ardent package)
$error = $user->errors()->all(':message');
return Redirect::action('UserController@create')
->withInput(Input::except('password'))
->with( 'error', $error );
}
}
/**
* Displays the login form
*
*/
public function login()
{
if( Confide::user() )
{
2014-01-08 21:09:47 +01:00
Event::fire('user.login');
2014-02-02 21:13:28 +01:00
$invoice = Invoice::scope()->orderBy('id', 'desc')->first();
if ($invoice)
{
return Redirect::to('/invoices/' . $invoice->public_id);
}
else
{
return Redirect::to('/invoices/create');
}
2013-11-26 13:45:07 +01:00
}
else
{
return View::make(Config::get('confide::login_form'));
}
}
/**
* Attempt to do login
*
*/
public function do_login()
{
$input = array(
2014-01-12 19:55:33 +01:00
'email' => Input::get( 'login_email' ), // May be the username too
'username' => Input::get( 'login_email' ), // so we have to pass both
'password' => Input::get( 'login_password' ),
2013-12-07 19:45:00 +01:00
'remember' => true,
2013-11-26 13:45:07 +01:00
);
// If you wish to only allow login from confirmed users, call logAttempt
// with the second parameter as true.
// logAttempt will check if the 'email' perhaps is the username.
// Get the value from the config file instead of changing the controller
2014-01-12 19:55:33 +01:00
if ( Confide::logAttempt( $input, false ) )
2013-12-07 19:45:00 +01:00
{
2013-12-15 13:55:50 +01:00
Event::fire('user.login');
2013-11-26 13:45:07 +01:00
// Redirect the user to the URL they were trying to access before
// caught by the authentication filter IE Redirect::guest('user/login').
// Otherwise fallback to '/'
// Fix pull #145
2013-12-07 19:45:00 +01:00
return Redirect::intended('/clients'); // change it to '/admin', '/dashboard' or something
2013-11-26 13:45:07 +01:00
}
else
{
$user = new User;
// Check if there was too many login attempts
if( Confide::isThrottled( $input ) )
{
$err_msg = Lang::get('confide::confide.alerts.too_many_attempts');
}
2013-12-07 19:45:00 +01:00
/*
2013-11-26 13:45:07 +01:00
elseif( $user->checkUserExists( $input ) and ! $user->isConfirmed( $input ) )
{
$err_msg = Lang::get('confide::confide.alerts.not_confirmed');
}
2013-12-07 19:45:00 +01:00
*/
2013-11-26 13:45:07 +01:00
else
{
$err_msg = Lang::get('confide::confide.alerts.wrong_credentials');
}
2014-01-16 22:12:46 +01:00
return Redirect::action('UserController@login')
2014-01-12 19:55:33 +01:00
->withInput(Input::except('login_password'))
2013-12-07 19:45:00 +01:00
->with( 'error', $err_msg );
2013-11-26 13:45:07 +01:00
}
}
/**
* Attempt to confirm account with code
*
* @param string $code
*/
public function confirm( $code )
{
if ( Confide::confirm( $code ) )
{
$notice_msg = Lang::get('confide::confide.alerts.confirmation');
return Redirect::action('UserController@login')
->with( 'notice', $notice_msg );
}
else
{
$error_msg = Lang::get('confide::confide.alerts.wrong_confirmation');
return Redirect::action('UserController@login')
->with( 'error', $error_msg );
}
}
/**
* Displays the forgot password form
*
*/
public function forgot_password()
{
return View::make(Config::get('confide::forgot_password_form'));
}
/**
* Attempt to send change password link to the given email
*
*/
public function do_forgot_password()
{
2013-12-07 21:33:07 +01:00
Confide::forgotPassword( Input::get( 'email' ) );
$notice_msg = Lang::get('confide::confide.alerts.password_forgot');
return Redirect::action('UserController@login')
->with( 'notice', $notice_msg );
/*
2013-11-26 13:45:07 +01:00
if( Confide::forgotPassword( Input::get( 'email' ) ) )
{
$notice_msg = Lang::get('confide::confide.alerts.password_forgot');
return Redirect::action('UserController@login')
->with( 'notice', $notice_msg );
}
else
{
$error_msg = Lang::get('confide::confide.alerts.wrong_password_forgot');
return Redirect::action('UserController@forgot_password')
->withInput()
->with( 'error', $error_msg );
}
2013-12-07 21:33:07 +01:00
*/
2013-11-26 13:45:07 +01:00
}
/**
* Shows the change password form with the given token
*
*/
public function reset_password( $token )
{
return View::make(Config::get('confide::reset_password_form'))
->with('token', $token);
}
/**
* Attempt change password of the user
*
*/
public function do_reset_password()
{
$input = array(
'token'=>Input::get( 'token' ),
'password'=>Input::get( 'password' ),
'password_confirmation'=>Input::get( 'password_confirmation' ),
);
2014-01-09 20:00:08 +01:00
2013-11-26 13:45:07 +01:00
// By passing an array with the token, password and confirmation
if( Confide::resetPassword( $input ) )
{
$notice_msg = Lang::get('confide::confide.alerts.password_reset');
return Redirect::action('UserController@login')
->with( 'notice', $notice_msg );
}
else
{
$error_msg = Lang::get('confide::confide.alerts.wrong_password_reset');
return Redirect::action('UserController@reset_password', array('token'=>$input['token']))
->withInput()
->with( 'error', $error_msg );
}
}
/**
* Log the user out of the application.
*
*/
public function logout()
{
2014-03-20 23:12:07 +01:00
if (Auth::check())
2013-12-03 23:00:01 +01:00
{
2014-03-20 23:12:07 +01:00
if (!Auth::user()->registered)
{
$account = Auth::user()->account;
$account->forceDelete();
}
2013-12-03 23:00:01 +01:00
}
Confide::logout();
2013-11-26 13:45:07 +01:00
2013-12-03 23:00:01 +01:00
return Redirect::to('/')->with('clearGuestKey', true);
2013-11-26 13:45:07 +01:00
}
}