This repository has been archived on 2024-07-27. You can view files and clone it, but cannot push or open issues or pull requests.
keksAccount/app/Http/Controllers/GUI/AccountController.php
2019-04-24 18:46:41 +00:00

160 lines
4.8 KiB
PHP

<?php
namespace App\Http\Controllers\GUI;
use App\Exceptions\HTTPException;
use App\Http\Controllers\Controller;
use App\Http\Resources\oAuth\AccessToken;
use App\Jobs\Mails\ValidateMailAddressJob;
use App\Models\App;
use App\Models\AppAccess;
use App\Models\Invite;
use App\Models\Mail;
use App\Models\Setting;
use App\Models\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\DB;
class AccountController extends Controller
{
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
//
}
public function registerView(Request $request) {
$invite = Invite::query()->where("code", "=", $request->input("invite"))->first();
if($invite != null) {
if($invite->status != "active") {
return view('error', ["msg"=>"Invite code invalide"]);
}
return view('account/register', ["msg"=>"", "username" => $invite->username, "invite"=>$invite->code]);
}
$setting = Setting::query()->where("name", "=", "registration_possible")->firstOrFail();
if(!$setting->value) {
return view('error', ["msg"=>"Registration is disabled"]);
} else {
return view('account/register', ["msg"=>"", "username" => "", "invite"=>$request->input("invite")]);
}
}
public function register(Request $request) {
$this->validate($request, [
'username' => 'required|max:255|min:5|regex:@^[a-z0-9]*$@|unique:users',
'password' => 'required|min:8',
'mail' => 'required|email|unique:mails'
]);
DB::beginTransaction();
$invite = Invite::query()->where("code", "=", $request->input("invite"))->first();
if($invite != null) {
if($invite->status != "active") {
throw new HTTPException("Invite code invalide");
}
if(!empty($invite->username) && $request->input("username") != $invite->username) {
throw new HTTPException("Invalide username for invite");
}
} else {
$setting = Setting::query()->where("name", "=", "registration_possible")->firstOrFail();
if(!$setting->value) {
throw new HTTPException("400", "Registration disabled");
}
}
$user = new User();
$user->username = $request->input("username");
$user->password = password_hash($request->input("password"), PASSWORD_BCRYPT);
//Make first user an admin
$count = User::query()->count("*");
if($count == 1) {
$user->admin = 1;
$user->developer = 1;
}
$user->saveOrFail();
$mail = new Mail();
$mail->createValidationToken();
$mail->mail = $request->input("mail");
$mail->primary = false;
$mail->status = "waiting";
$mail->user_id = $user->id;
$mail->saveOrFail();
$this->dispatch(new ValidateMailAddressJob($mail));
if($invite != null) {
$invite->status = "used";
$invite->saveOrFail();
}
DB::commit();
}
public function inviteView() {
return view('account/invite_code', ["msg"=>""]);
}
public function loginView() {
return view('account/login', ["msg"=>""]);
}
public function login(Request $request) {
$this->validate($request, [
'username' => 'required',
'password' => 'required'
]);
$user = User::query()->where("username", "=", $request->input("username"))->first();
if($user==null) {
abort(401, "Username or Password wrong");
}
if(!password_verify($request->input("password"), $user->password)) {
abort(401, "Username or Password wrong");
}
$access = AppAccess::getOrCreate($user->id, App::query()->where("name", "=", "PHP-GUI")->firstOrFail()->id);
$token = \App\Models\AccessToken::createToken($access);
$_SESSION["token"] = $token->token;
return new AccessToken($token);
}
public function logout() {
session_destroy();
return view('account/login', ["msg"=>"Logout successful", "user" => null]);
}
public function validateEMail($id, $code) {
$mail = Mail::query()->where("id", "=", $id)->firstOrFail();
if($mail->validation_code != $code) {
throw new \App\Exceptions\HTTPException(400, "Wrong validation code");
}
$mail->status = "valide";
$mail->primary = true;
$mails = Mail::query()->where("user_id", "=", $mail->user_id)->where("primary", "=", true)->get("*");
foreach($mails as $m) {
$m->primary = false;
$m->saveOrFail();
}
$mail->saveOrFail();
echo "E-Mail wurde validiert";
}
//
}