diff --git a/app/Http/Controllers/API/UserController.php b/app/Http/Controllers/API/UserController.php
index 8409a0d..7f10014 100644
--- a/app/Http/Controllers/API/UserController.php
+++ b/app/Http/Controllers/API/UserController.php
@@ -72,13 +72,29 @@ class UserController extends BaseController
 //If Recptache is enabled check it at the beginning
 if(Setting::getSettingValue("recaptcha_v2_register")) {
 $reCaptcha = new ReCaptcha(Setting::getSettingValue("recaptcha_v2_secret"));
- $response = $reCaptcha->verify($request->input("g-recaptcha-response"));
+ $captchaResponse = $reCaptcha->verify($request->input("g-recaptcha-response"));
- if(!$response->isSuccess()) {
+ if(!$captchaResponse->isSuccess()) {
 throw new HTTPException(400, "Captcha validation failed");
 }
 }
+ $invite = Invite::query()->where("code", "=", $request->input("invite"))->first();
+ if($invite != null) {
+ if($invite->status != "active") {
+ throw new HTTPException("Invite code invalide");
+ }
+ if(!empty($invite->username) && $request->input("username") != $invite->username) {
+ throw new HTTPException("Invalide username for invite");
+ }
+
+ } else {
+ $setting = Setting::query()->where("name", "=", "registration_possible")->firstOrFail();
+ if(!$setting->value) {
+ throw new HTTPException("400", "Registration disabled");
+ }
+ }
+
 $this->validate($request, [
 'username' => 'required|max:255|min:5|regex:@^[a-z0-9]*$@|unique:users',
 'password' => 'required|min:8',
diff --git a/resources/views/account/register.php b/resources/views/account/register.php
index 4eddea8..6d50563 100644
--- a/resources/views/account/register.php
+++ b/resources/views/account/register.php
@@ -1,4 +1,5 @@
+
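Review bot: The two invite rejections pass the message as the only constructor argument, whereas the captcha branch above uses `HTTPException(400, "Captcha validation failed")`, so a bad invite probably surfaces as a wrong status or a constructor error instead of a 400; write `throw new HTTPException(400, "Invite code invalid");` and `throw new HTTPException(400, "Invalid username for invite");`, and pass the integer `400` rather than `"400"` in the registration-disabled branch. The checks `$invite->status != "active"` and `$request->input("username") != $invite->username` use loose comparison on input that has not yet reached `$this->validate`, so two different numeric-looking strings can compare equal and satisfy a username-bound invite; use `!==`. When `invite` is absent the lookup compares `code` against null, which the query builder may turn into an IS NULL match, so skip the query unless the field is a non-empty string. Nothing visible here marks the invite as consumed, and `register()` continues past the hunk, so confirm that happens once the user is created.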

Register

@@ -27,6 +28,7 @@ E-Mail +
@@ -39,7 +41,7 @@
 url: "/api/v1/user/captcha",
 success: function (res) {
 captchaConfig = res.data;
- if(captchaConfig["login"]) {
+ if(captchaConfig["register"]) {
 grecaptcha.render('captcha', {
 'sitekey' : captchaConfig["key"]
 });
@@ -50,12 +52,13 @@
 }
 $(document).ready(function () {
 console.log("READY");
+ getCaptchaConfig();
 $("#register").submit(function (e) {
 e.preventDefault();
 var form = $(this);
 $.ajax({
 type: "POST",
- url: "/gui/register",
+ url: "/api/v1/user/register",
 data: form.serialize(), // serializes the form's elements.
 success: function (data) {
 window.location.href = "/gui/login";
@@ -66,13 +69,13 @@
 $(e).html("");
 })
 if(data.status == 422) {
- $.each(data.responseJSON, function( key, value ) {
+ $.each(data.responseJSON.data, function( key, value ) {
 $("#msg_"+key).html(value[0]);
 });
+ } else {
+ swal(data.responseJSON.msg, '', "error")
 }
- if(data.status == 401) {
- alert("Usernamme/Password falsch");
- }
+ grecaptcha.reset();
 }
 });
 });
diff --git a/routes/web.php b/routes/web.php
index cd94157..872e05d 100644
--- a/routes/web.php
+++ b/routes/web.php
@@ -49,6 +49,7 @@ $router->group(['prefix' => 'api', 'middleware' => 'auth'], function () use ($ro
 });
 });
 $router->post("api/v1/user/login", ['uses' => 'API\UserController@passwordLogin']);
+$router->post("api/v1/user/register", ['uses' => 'API\UserController@register']);
 $router->get("api/v1/user/captcha", ['uses' => 'API\UserController@reCAPTCHA']);
 $router->get("api/v1/user/invites", ['uses' => 'API\UserController@getInviteCodeInfo']);
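Review bot: In the error callback of the `@@ -66,13 +69,13 @@` hunk, `swal(data.responseJSON.msg, '', "error")` assumes a JSON body; on a non-JSON failure (gateway error page, timeout) `data.responseJSON` is undefined, the handler throws, and the `grecaptcha.reset();` added below it never runs, leaving the form with a spent captcha token. Guard it, e.g. `var body = data.responseJSON || {};` followed by `swal(body.msg || "Registration failed", '', "error")`. `grecaptcha.reset()` is also called when the widget was never rendered (captcha disabled for registration), which I would expect to raise an error, so call it only when `captchaConfig["register"]` is set. The callback starts above the hunk.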
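Review bot: The new `api/v1/user/register` route has no rate limiting visible on it, and the controller answers differently for unknown, inactive and username-bound invite codes, so invite codes can be probed at request speed whenever `recaptcha_v2_register` is off. Consider attaching a throttling middleware to this route (and to `api/v1/user/login` above it), e.g. `['middleware' => '<rate-limit-alias>', 'uses' => 'API\UserController@register']`, where the alias is a placeholder for whatever the project registers. If throttling is already applied globally, a short comment here saying so would help.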