
Custom Scopes depending on provider

This commit is contained in:
David Bomba 2019-05-23 08:28:03 +10:00
parent 608f580760
commit 383c04827d
4 changed files with 80 additions and 19 deletions


@ -106,28 +106,40 @@ class LoginController extends BaseController
if(request()->has('code'))
return $this->handleProviderCallback($provider);
else
return Socialite::driver($provider)->redirect();
return Socialite::driver($provider)->scopes('https://www.googleapis.com/auth/gmail.send','email','profile','openid')->redirect();
}
/**
* Received the returning object from the provider
* which we will use to resolve the user, we return the response in JSON format
*
* @return json
*/
public function handleProviderCallbackApiUser(string $provider)
{
$socialite_user = Socialite::driver($provider)->stateless()->user();
public function redirectToProviderAndCreate(string $provider)
{
if(request()->has('code'))
return $this->handleProviderCallbackAndCreate($provider);
else
return Socialite::driver($provider)->scopes('https://www.googleapis.com/auth/gmail.send','email','profile','openid')->redirect();
//config('services.google.redirect')
}
public function handleProviderCallbackAndCreate(string $provider)
{
$socialite_user = Socialite::driver($provider)
->stateless()
->user();
/* Handle existing users who attempt to create another account with existing OAuth credentials */
if($user = OAuth::handleAuth($socialite_user, $provider))
{
return $this->itemResponse($user);
Auth::login($user, true);
return redirect($this->redirectTo);
}
else if(MultiDB::checkUserEmailExists($socialite_user->getEmail()))
{
Session::flash('error', 'User exists in system, but not with this authentication method'); //todo add translations
return $this->errorResponse(['message'=>'User exists in system, but not with this authentication method'], 400);
return view('auth.login');
}
/** 3. Automagically creating a new account here. */
else {
@ -139,16 +151,21 @@ class LoginController extends BaseController
'last_name' => $name[1],
'password' => '',
'email' => $socialite_user->getEmail(),
'oauth_user_id' => $socialite_user->getId(),
'oauth_provider_id' => $provider
];
$account = CreateAccount::dispatchNow($new_account);
return $this->itemResponse($account->default_company->owner());
Auth::login($account->default_company->owner(), true);
$cookie = cookie('db', $account->default_company->db);
return redirect($this->redirectTo)->withCookie($cookie);
}
}
/**
* We use this function when OAUTHING via the web interface
*
@ -223,4 +240,45 @@ class LoginController extends BaseController
return $this->errorResponse(['message' => 'Invalid credentials'], 401);
}
/**
* Received the returning object from the provider
* which we will use to resolve the user, we return the response in JSON format
*
* @return json
public function handleProviderCallbackApiUser(string $provider)
{
$socialite_user = Socialite::driver($provider)->stateless()->user();
if($user = OAuth::handleAuth($socialite_user, $provider))
{
return $this->itemResponse($user);
}
else if(MultiDB::checkUserEmailExists($socialite_user->getEmail()))
{
return $this->errorResponse(['message'=>'User exists in system, but not with this authentication method'], 400);
}
else {
//todo
$name = OAuth::splitName($socialite_user->getName());
$new_account = [
'first_name' => $name[0],
'last_name' => $name[1],
'password' => '',
'email' => $socialite_user->getEmail(),
];
$account = CreateAccount::dispatchNow($new_account);
return $this->itemResponse($account->default_company->owner());
}
}
*/
}
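Review bot: The browser-facing callback `handleProviderCallbackAndCreate` calls `Socialite::driver($provider)->stateless()->user()` on the three lines after its signature, and as far as Socialite's `stateless()` goes that skips verification of the OAuth `state` parameter which the `->redirect()` in `redirectToProviderAndCreate` sets; for a session-backed flow that ends in `Auth::login($user, true)` and auto-creates an account, that removes the login-CSRF protection the state check exists for, so `->stateless()` should be dropped here unless the session is known to be unavailable. Separately, both `redirectToProvider` and `redirectToProviderAndCreate` request `https://www.googleapis.com/auth/gmail.send` for every `$provider`, a Google-only scope and a much broader grant than sign-in needs, and `scopes()` in the Socialite versions I know takes a single array, so the extra string arguments may be ignored; gating it per provider matches the commit's stated intent: `$scopes = $provider === 'google' ? ['https://www.googleapis.com/auth/gmail.send', 'email', 'profile', 'openid'] : ['email', 'profile', 'openid'];` followed by `->scopes($scopes)`. The auto-creation branch keys a new account on `$socialite_user->getEmail()` with no check that the provider reported the address as verified; whether that signal is available for the providers in use is not visible here, but it is worth confirming before an account is created from it. The superseded `handleProviderCallbackApiUser` is kept as a commented-out block at the bottom of the class and should be deleted rather than preserved inside a docblock.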


@ -234,7 +234,7 @@ class InvoiceController extends BaseController
# code...
break;
case 'mark_paid':
if($invoice->balance == 0 || $invoice->status_id == Invoice::STATUS_PAID)
if($invoice->balance <= 0 || $invoice->status_id == Invoice::STATUS_PAID)
return $this->errorResponse(['message' => 'Invoice has no balance owing'], 400);
$invoice = MarkInvoicePaid::dispatchNow($invoice);


@ -30,8 +30,10 @@ class SetDb
$error['error'] = ['message' => 'Database could not be set'];
if( $request->header('X-API-TOKEN') && (CompanyToken::whereRaw("BINARY `token`= ?",[$request->header('X-API-TOKEN')])->first()) && config('ninja.db.multi_db_enabled'))
// we must have a token passed, that matched a token in the db, and multiDB is enabled.
// todo i don't think we can call the DB prior to setting it???? i think this if statement needs to be rethought
//if( $request->header('X-API-TOKEN') && (CompanyToken::whereRaw("BINARY `token`= ?",[$request->header('X-API-TOKEN')])->first()) && config('ninja.db.multi_db_enabled'))
if( $request->header('X-API-TOKEN') && config('ninja.db.multi_db_enabled'))
{
if(! MultiDB::findAndSetDb($request->header('X-API-TOKEN')))
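Review bot: The rewritten guard `if( $request->header('X-API-TOKEN') && config('ninja.db.multi_db_enabled'))` drops the `BINARY` token lookup, so the only thing between an arbitrary `X-API-TOKEN` value and a connection switch is `MultiDB::findAndSetDb()`, whose lookup is not visible here; it needs to match the token byte-for-byte, as the removed `whereRaw("BINARY `token`= ?")` did, because a plain `where('token', ...)` under a case-insensitive MySQL collation would accept a differently-cased token. The todo is right that a query cannot run before a connection is selected, but that reasoning belongs in a comment rather than a commented-out copy of the old condition: replace the dead `//if( ... )` line with `// Token validity is checked per-database inside MultiDB::findAndSetDb(); no query can run here because no connection is selected yet.` and keep only the live condition. Since every request carrying the header now triggers a search across databases, it is also worth confirming that `findAndSetDb` bounds that work and fails closed on no match, which the following `if(! ...)` relies on. The enclosing method starts before this hunk.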


@ -32,6 +32,7 @@ Route::post('password/reset', 'Auth\ResetPasswordController@reset')->name('passw
*/
Route::get('auth/{provider}', 'Auth\LoginController@redirectToProvider');
Route::get('auth/{provider}/create', 'Auth\LoginController@redirectToProviderAndCreate');
/*
* Authenticated User Routes