161 lines
4.8 KiB
PHP
161 lines
4.8 KiB
PHP
|
<?php
|
||
|
|
||
|
namespace App\Http\Controllers\GUI;
|
||
|
|
||
|
use App\Exceptions\HTTPException;
|
||
|
use App\Http\Controllers\Controller;
|
||
|
use App\Http\Resources\oAuth\AccessToken;
|
||
|
use App\Jobs\Mails\ValidateMailAddressJob;
|
||
|
use App\Models\App;
|
||
|
use App\Models\AppAccess;
|
||
|
use App\Models\Invite;
|
||
|
use App\Models\Mail;
|
||
|
use App\Models\Setting;
|
||
|
use App\Models\User;
|
||
|
use Illuminate\Http\Request;
|
||
|
use Illuminate\Support\Facades\DB;
|
||
|
|
||
|
class AccountController extends Controller
|
||
|
{
|
||
|
/**
|
||
|
* Create a new controller instance.
|
||
|
*
|
||
|
* @return void
|
||
|
*/
|
||
|
public function __construct()
|
||
|
{
|
||
|
//
|
||
|
}
|
||
|
|
||
|
public function registerView(Request $request) {
|
||
|
$invite = Invite::query()->where("code", "=", $request->input("invite"))->first();
|
||
|
if($invite != null) {
|
||
|
if($invite->status != "active") {
|
||
|
return view('error', ["msg"=>"Invite code invalide"]);
|
||
|
}
|
||
|
return view('account/register', ["msg"=>"", "username" => $invite->username, "invite"=>$invite->code]);
|
||
|
}
|
||
|
$setting = Setting::query()->where("name", "=", "registration_possible")->firstOrFail();
|
||
|
if(!$setting->value) {
|
||
|
return view('error', ["msg"=>"Registration is disabled"]);
|
||
|
} else {
|
||
|
return view('account/register', ["msg"=>"", "username" => "", "invite"=>$request->input("invite")]);
|
||
|
}
|
||
|
|
||
|
}
|
||
|
|
||
|
public function register(Request $request) {
|
||
|
$this->validate($request, [
|
||
|
'username' => 'required|max:255|min:5|regex:@^[a-z0-9]*$@|unique:users',
|
||
|
'password' => 'required|min:8',
|
||
|
'mail' => 'required|email|unique:mails'
|
||
|
]);
|
||
|
|
||
|
DB::beginTransaction();
|
||
|
$invite = Invite::query()->where("code", "=", $request->input("invite"))->first();
|
||
|
if($invite != null) {
|
||
|
if($invite->status != "active") {
|
||
|
throw new HTTPException("Invite code invalide");
|
||
|
}
|
||
|
if(!empty($invite->username) && $request->input("username") != $invite->username) {
|
||
|
throw new HTTPException("Invalide username for invite");
|
||
|
}
|
||
|
|
||
|
} else {
|
||
|
$setting = Setting::query()->where("name", "=", "registration_possible")->firstOrFail();
|
||
|
if(!$setting->value) {
|
||
|
throw new HTTPException("400", "Registration disabled");
|
||
|
}
|
||
|
}
|
||
|
|
||
|
|
||
|
$user = new User();
|
||
|
$user->username = $request->input("username");
|
||
|
$user->password = password_hash($request->input("password"), PASSWORD_BCRYPT);
|
||
|
|
||
|
//Make first user an admin
|
||
|
$count = User::query()->count("*");
|
||
|
if($count == 1) {
|
||
|
$user->admin = 1;
|
||
|
$user->developer = 1;
|
||
|
}
|
||
|
|
||
|
$user->saveOrFail();
|
||
|
|
||
|
$mail = new Mail();
|
||
|
$mail->createValidationToken();
|
||
|
$mail->mail = $request->input("mail");
|
||
|
$mail->primary = false;
|
||
|
$mail->status = "waiting";
|
||
|
$mail->user_id = $user->id;
|
||
|
|
||
|
$mail->saveOrFail();
|
||
|
|
||
|
$this->dispatch(new ValidateMailAddressJob($mail));
|
||
|
|
||
|
if($invite != null) {
|
||
|
$invite->status = "used";
|
||
|
$invite->saveOrFail();
|
||
|
}
|
||
|
|
||
|
DB::commit();
|
||
|
}
|
||
|
|
||
|
public function inviteView() {
|
||
|
return view('account/invite_code', ["msg"=>""]);
|
||
|
}
|
||
|
|
||
|
public function loginView() {
|
||
|
return view('account/login', ["msg"=>""]);
|
||
|
}
|
||
|
public function login(Request $request) {
|
||
|
$this->validate($request, [
|
||
|
'username' => 'required',
|
||
|
'password' => 'required'
|
||
|
]);
|
||
|
|
||
|
$user = User::query()->where("username", "=", $request->input("username"))->first();
|
||
|
if($user==null) {
|
||
|
abort(401, "Username or Password wrong");
|
||
|
}
|
||
|
|
||
|
if(!password_verify($request->input("password"), $user->password)) {
|
||
|
abort(401, "Username or Password wrong");
|
||
|
}
|
||
|
|
||
|
$access = AppAccess::getOrCreate($user->id, App::query()->where("name", "=", "PHP-GUI")->firstOrFail()->id);
|
||
|
$token = \App\Models\AccessToken::createToken($access);
|
||
|
$_SESSION["token"] = $token->token;
|
||
|
|
||
|
return new AccessToken($token);
|
||
|
}
|
||
|
public function logout() {
|
||
|
session_destroy();
|
||
|
return view('account/login', ["msg"=>"Logout successful", "user" => null]);
|
||
|
|
||
|
}
|
||
|
|
||
|
public function validateEMail($id, $code) {
|
||
|
$mail = Mail::query()->where("id", "=", $id)->firstOrFail();
|
||
|
if($mail->validation_code != $code) {
|
||
|
throw new \App\Exceptions\HTTPException(400, "Wrong validation code");
|
||
|
}
|
||
|
|
||
|
$mail->status = "valide";
|
||
|
$mail->primary = true;
|
||
|
|
||
|
$mails = Mail::query()->where("user_id", "=", $mail->user_id)->where("primary", "=", true)->get("*");
|
||
|
foreach($mails as $m) {
|
||
|
$m->primary = false;
|
||
|
$m->saveOrFail();
|
||
|
}
|
||
|
|
||
|
$mail->saveOrFail();
|
||
|
echo "E-Mail wurde validiert";
|
||
|
}
|
||
|
|
||
|
|
||
|
|
||
|
//
|
||
|
}
|