mirror of
https://github.com/invoiceninja/invoiceninja.git
synced 2024-09-20 16:31:33 +02:00
209 lines
5.9 KiB
PHP
209 lines
5.9 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers\ClientAuth;
|
|
|
|
use App\Http\Controllers\Controller;
|
|
use App\Models\Contact;
|
|
use App\Models\Invitation;
|
|
use Config;
|
|
use Illuminate\Foundation\Auth\ResetsPasswords;
|
|
use Illuminate\Http\Request;
|
|
use Illuminate\Mail\Message;
|
|
use Illuminate\Support\Facades\Password;
|
|
|
|
class PasswordController extends Controller
|
|
{
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Password Reset Controller
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| This controller is responsible for handling password reset requests
|
|
| and uses a simple trait to include this behavior. You're free to
|
|
| explore this trait and override any methods you wish to tweak.
|
|
|
|
|
*/
|
|
|
|
use ResetsPasswords;
|
|
|
|
/**
|
|
* @var string
|
|
*/
|
|
protected $redirectTo = '/client/dashboard';
|
|
|
|
/**
|
|
* Create a new password controller instance.
|
|
*
|
|
* @internal param \Illuminate\Contracts\Auth\Guard $auth
|
|
* @internal param \Illuminate\Contracts\Auth\PasswordBroker $passwords
|
|
*/
|
|
public function __construct()
|
|
{
|
|
$this->middleware('guest');
|
|
Config::set('auth.defaults.passwords', 'client');
|
|
}
|
|
|
|
/**
|
|
* @return \Illuminate\Http\RedirectResponse
|
|
*/
|
|
public function showLinkRequestForm()
|
|
{
|
|
$data = [
|
|
'clientauth' => true,
|
|
];
|
|
$contactKey = session('contact_key');
|
|
if (!$contactKey) {
|
|
return \Redirect::to('/client/sessionexpired');
|
|
}
|
|
|
|
return view('clientauth.password')->with($data);
|
|
}
|
|
|
|
/**
|
|
* Send a reset link to the given user.
|
|
*
|
|
* @param \Illuminate\Http\Request $request
|
|
*
|
|
* @return \Illuminate\Http\Response
|
|
*/
|
|
public function sendResetLinkEmail(Request $request)
|
|
{
|
|
$broker = $this->getBroker();
|
|
|
|
$contactId = null;
|
|
$contactKey = session('contact_key');
|
|
if ($contactKey) {
|
|
$contact = Contact::where('contact_key', '=', $contactKey)->first();
|
|
if ($contact && ! $contact->is_deleted && $contact->email) {
|
|
$contactId = $contact->id;
|
|
}
|
|
}
|
|
|
|
$response = Password::broker($broker)->sendResetLink(['id' => $contactId], function (Message $message) {
|
|
$message->subject($this->getEmailSubject());
|
|
});
|
|
|
|
switch ($response) {
|
|
case Password::RESET_LINK_SENT:
|
|
return $this->getSendResetLinkEmailSuccessResponse($response);
|
|
|
|
case Password::INVALID_USER:
|
|
default:
|
|
return $this->getSendResetLinkEmailFailureResponse($response);
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Display the password reset view for the given token.
|
|
*
|
|
* If no token is present, display the link request form.
|
|
*
|
|
* @param \Illuminate\Http\Request $request
|
|
* @param string|null $key
|
|
* @param string|null $token
|
|
*
|
|
* @return \Illuminate\Http\Response
|
|
*/
|
|
public function showResetForm(Request $request, $key = null, $token = null)
|
|
{
|
|
if (is_null($token)) {
|
|
return $this->getEmail();
|
|
}
|
|
|
|
$data = array(
|
|
'token' => $token,
|
|
'clientauth' => true,
|
|
);
|
|
|
|
if ($key) {
|
|
$contact = Contact::where('contact_key', '=', $key)->first();
|
|
if ($contact && ! $contact->is_deleted) {
|
|
$account = $contact->account;
|
|
$data['contact_key'] = $contact->contact_key;
|
|
} else {
|
|
// Maybe it's an invitation key
|
|
$invitation = Invitation::where('invitation_key', '=', $key)->first();
|
|
if ($invitation && ! $invitation->is_deleted) {
|
|
$account = $invitation->account;
|
|
$data['contact_key'] = $invitation->contact->contact_key;
|
|
}
|
|
}
|
|
|
|
if ( empty($account)) {
|
|
return \Redirect::to('/client/sessionexpired');
|
|
}
|
|
}
|
|
|
|
return view('clientauth.reset')->with($data);
|
|
}
|
|
|
|
/**
|
|
* Display the password reset view for the given token.
|
|
*
|
|
* If no token is present, display the link request form.
|
|
*
|
|
* @param \Illuminate\Http\Request $request
|
|
* @param string|null $key
|
|
* @param string|null $token
|
|
*
|
|
* @return \Illuminate\Http\Response
|
|
*/
|
|
public function getReset(Request $request, $key = null, $token = null)
|
|
{
|
|
return $this->showResetForm($request, $key, $token);
|
|
}
|
|
|
|
/**
|
|
* Reset the given user's password.
|
|
*
|
|
* @param \Illuminate\Http\Request $request
|
|
*
|
|
* @return \Illuminate\Http\Response
|
|
*/
|
|
public function reset(Request $request)
|
|
{
|
|
$this->validate($request, $this->getResetValidationRules());
|
|
|
|
$credentials = $request->only(
|
|
'password', 'password_confirmation', 'token'
|
|
);
|
|
|
|
$credentials['id'] = null;
|
|
|
|
$contactKey = session('contact_key');
|
|
if ($contactKey) {
|
|
$contact = Contact::where('contact_key', '=', $contactKey)->first();
|
|
if ($contact && ! $contact->is_deleted) {
|
|
$credentials['id'] = $contact->id;
|
|
}
|
|
}
|
|
|
|
$broker = $this->getBroker();
|
|
|
|
$response = Password::broker($broker)->reset($credentials, function ($user, $password) {
|
|
$this->resetPassword($user, $password);
|
|
});
|
|
|
|
switch ($response) {
|
|
case Password::PASSWORD_RESET:
|
|
return $this->getResetSuccessResponse($response);
|
|
|
|
default:
|
|
return $this->getResetFailureResponse($request, $response);
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Get the password reset validation rules.
|
|
*
|
|
* @return array
|
|
*/
|
|
protected function getResetValidationRules()
|
|
{
|
|
return [
|
|
'token' => 'required',
|
|
'password' => 'required|confirmed|min:6',
|
|
];
|
|
}
|
|
}
|