Fixes for payment emails

app/Http/Controllers/PaymentController.php

@@ -613,7 +613,6 @@ class PaymentController extends BaseController
                 // code...
                 break;
             case 'email':
-                //dispatch email to queue
                 $payment->service()->sendEmail();
 
                 if (! $bulk) {

app/Http/Controllers/VendorPortal/VendorContactHashLoginController.php

@@ -0,0 +1,42 @@
+<?php
+/**
+ * Invoice Ninja (https://invoiceninja.com).
+ *
+ * @link https://github.com/invoiceninja/invoiceninja source repository
+ *
+ * @copyright Copyright (c) 2022. Invoice Ninja LLC (https://invoiceninja.com)
+ *
+ * @license https://www.elastic.co/licensing/elastic-license
+ */
+
+namespace App\Http\Controllers\VendorPortal;
+
+use App\Http\Controllers\Controller;
+use App\Http\ViewComposers\PortalComposer;
+use App\Models\RecurringInvoice;
+use Auth;
+
+class VendorContactHashLoginController extends Controller
+{
+    /**
+     * Logs a user into the client portal using their contact_key
+     * @param  string $contact_key  The contact key
+     * @return Auth|Redirect
+     */
+    public function login(string $contact_key)
+    {
+        return redirect('/vendors/purchase_orders');
+    }
+
+    public function magicLink(string $magic_link)
+    {
+        return redirect($this->setRedirectPath());
+    }
+
+    public function errorPage()
+    {
+        return render('generic.error', ['title' => session()->get('title'), 'notification' => session()->get('notification')]);
+    }
+
+
+}

app/Http/Kernel.php

@@ -42,6 +42,7 @@ use App\Http\Middleware\TrimStrings;
 use App\Http\Middleware\TrustProxies;
 use App\Http\Middleware\UrlSetDb;
 use App\Http\Middleware\UserVerified;
+use App\Http\Middleware\VendorContactKeyLogin;
 use App\Http\Middleware\VendorLocale;
 use App\Http\Middleware\VerifyCsrfToken;
 use App\Http\Middleware\VerifyHash;
@@ -166,6 +167,7 @@ class Kernel extends HttpKernel
         'shop_token_auth' => ShopTokenAuth::class,
         'phantom_secret' => PhantomSecret::class,
         'contact_key_login' => ContactKeyLogin::class,
+        'vendor_contact_key_login' => VendorContactKeyLogin::class,
         'check_client_existence' => CheckClientExistence::class,
         'user_verified' => UserVerified::class,
         'document_db' => SetDocumentDb::class,

app/Http/Middleware/VendorContactKeyLogin.php

@@ -0,0 +1,155 @@
+<?php
+/**
+ * Invoice Ninja (https://invoiceninja.com).
+ *
+ * @link https://github.com/invoiceninja/invoiceninja source repository
+ *
+ * @copyright Copyright (c) 2022. Invoice Ninja LLC (https://invoiceninja.com)
+ *
+ * @license https://www.elastic.co/licensing/elastic-license
+ */
+
+namespace App\Http\Middleware;
+
+use App\Http\ViewComposers\PortalComposer;
+use App\Libraries\MultiDB;
+use App\Models\Vendor;
+use App\Models\VendorContact;
+use Auth;
+use Closure;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Cache;
+use Illuminate\Support\Str;
+
+class VendorContactKeyLogin
+{
+    /**
+     * Handle an incoming request.
+     *
+     * Sets a contact LOGGED IN if an appropriate vendor_hash is provided as a query parameter
+     * OR
+     * If the contact_key is provided in the route
+     *
+     * @param  Request  $request
+     * @param Closure $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        if (Auth::guard('vendor')->check()) {
+            Auth::guard('vendor')->logout();
+            $request->session()->invalidate();
+        }
+
+        if ($request->segment(2) && $request->segment(2) == 'magic_link' && $request->segment(3)) {
+            $payload = Cache::get($request->segment(3));
+
+            if (! $payload) {
+                abort(403, 'Link expired.');
+            }
+
+            $contact_email = $payload['email'];
+
+            if ($vendor_contact = VendorContact::where('email', $contact_email)->where('company_id', $payload['company_id'])->first()) {
+                if (empty($vendor_contact->email)) {
+                    $vendor_contact->email = Str::random(15).'@example.com';
+                }
+                $vendor_contact->save();
+
+                auth()->guard('vendor')->loginUsingId($vendor_contact->id, true);
+
+                if ($request->query('redirect') && ! empty($request->query('redirect'))) {
+                    return redirect()->to($request->query('redirect'));
+                }
+
+                return redirect($this->setRedirectPath());
+            }
+        } elseif ($request->segment(3) && config('ninja.db.multi_db_enabled')) {
+            if (MultiDB::findAndSetDbByContactKey($request->segment(3))) {
+                if ($vendor_contact = VendorContact::where('contact_key', $request->segment(3))->first()) {
+                    if (empty($vendor_contact->email)) {
+                        $vendor_contact->email = Str::random(6).'@example.com';
+                    }
+                    $vendor_contact->save();
+
+                    auth()->guard('vendor')->loginUsingId($vendor_contact->id, true);
+
+                    if ($request->query('next')) {
+                        return redirect()->to($request->query('next'));
+                    }
+
+                    return redirect($this->setRedirectPath());
+                }
+            }
+        } elseif ($request->segment(2) && $request->segment(2) == 'key_login' && $request->segment(3)) {
+            if ($vendor_contact = VendorContact::where('contact_key', $request->segment(3))->first()) {
+                if (empty($vendor_contact->email)) {
+                    $vendor_contact->email = Str::random(6).'@example.com';
+                    $vendor_contact->save();
+                }
+
+                auth()->guard('vendor')->loginUsingId($vendor_contact->id, true);
+
+                if ($request->query('next')) {
+                    return redirect($request->query('next'));
+                }
+
+                return redirect($this->setRedirectPath());
+            }
+        } elseif ($request->has('vendor_hash') && config('ninja.db.multi_db_enabled')) {
+            if (MultiDB::findAndSetDbByClientHash($request->input('vendor_hash'))) {
+                if ($client = Vendor::where('vendor_hash', $request->input('vendor_hash'))->first()) {
+                    $primary_contact = $client->primary_contact()->first();
+
+                    if (empty($primary_contact->email)) {
+                        $primary_contact->email = Str::random(6).'@example.com';
+                    }
+                    $primary_contact->save();
+
+                    auth()->guard('vendor')->loginUsingId($primary_contact->id, true);
+
+                    return redirect($this->setRedirectPath());
+                }
+            }
+        } elseif ($request->has('vendor_hash')) {
+            if ($client = Vendor::where('vendor_hash', $request->input('vendor_hash'))->first()) {
+                $primary_contact = $client->primary_contact()->first();
+
+                if (empty($primary_contact->email)) {
+                    $primary_contact->email = Str::random(6).'@example.com';
+                }
+                $primary_contact->save();
+
+                auth()->guard('vendor')->loginUsingId($primary_contact->id, true);
+
+                return redirect($this->setRedirectPath());
+            }
+        } elseif ($request->segment(3)) {
+            if ($vendor_contact = VendorContact::where('contact_key', $request->segment(3))->first()) {
+                if (empty($vendor_contact->email)) {
+                    $vendor_contact->email = Str::random(6).'@example.com';
+                    $vendor_contact->save();
+                }
+
+                auth()->guard('vendor')->loginUsingId($vendor_contact->id, true);
+
+                if ($request->query('next')) {
+                    return redirect($request->query('next'));
+                }
+
+                return redirect($this->setRedirectPath());
+            }
+        }
+        //28-02-2022 middleware should not allow this to progress as we should have redirected by this stage.
+        abort(404, 'Unable to authenticate.');
+
+        return $next($request);
+    }
+
+    private function setRedirectPath()
+    {
+
+        return 'vendors/purchase_orders';
+        
+    }
+}

app/Models/VendorContact.php

@@ -154,4 +154,13 @@ class VendorContact extends Authenticatable implements HasLocalePreference
     {
         return $this->hasMany(PurchaseOrderInvitation::class);
     }
+
+    public function getLoginLink()
+    {
+
+        $domain = isset($this->company->portal_domain) ? $this->company->portal_domain : $this->company->domain();
+
+        return $domain.'/vendors/key_login/'.$this->contact_key;
+
+    }
 }

app/Services/Payment/SendEmail.php

@@ -34,10 +34,10 @@ class SendEmail
     {
         $this->payment->load('company', 'client.contacts');
 
-        $this->payment->client->contacts->each(function ($contact) {
+        $contact = $this->payment->client->contacts()->first();
-            if ($contact->email) {
+
+        if ($contact->email)
             EmailPayment::dispatch($this->payment, $this->payment->company, $contact);
-            }
+         
-        });
     }
 }

app/Transformers/VendorContactTransformer.php

@@ -42,6 +42,7 @@ class VendorContactTransformer extends EntityTransformer
             'custom_value2' => $vendor->custom_value2 ?: '',
             'custom_value3' => $vendor->custom_value3 ?: '',
             'custom_value4' => $vendor->custom_value4 ?: '',
+            'link' => $vendor->getLoginLink(),
         ];
     }
 }

routes/vendor.php

@@ -15,9 +15,11 @@ use App\Http\Controllers\VendorPortal\InvitationController;
 use App\Http\Controllers\VendorPortal\PurchaseOrderController;
 use App\Http\Controllers\VendorPortal\UploadController;
 use App\Http\Controllers\VendorPortal\VendorContactController;
+use App\Http\Controllers\VendorPortal\VendorContactHashLoginController;
 use Illuminate\Support\Facades\Route;
 
 Route::get('vendors', [VendorContactLoginController::class, 'catch'])->name('vendor.catchall')->middleware(['domain_db', 'contact_account','vendor_locale']); //catch all
+Route::get('vendor/key_login/{contact_key}', [VendorContactHashLoginController::class, 'login'])->name('contact_login')->middleware(['domain_db','contact_key_login']);
 
 Route::group(['middleware' => ['invite_db'], 'prefix' => 'vendor', 'as' => 'vendor.'], function () {
     /*Invitation catches*/