keksAccount/app/Http/Controllers/API/UserController.php

<?php


namespace App\Http\Controllers\API;

use App\Exceptions\HTTPException;
use App\Exceptions\NoPermissionException;
use App\Exceptions\NotLoggedInException;
use App\Exceptions\ResourceNotFound;
use App\Http\Resources\oAuth\AccessToken;
use App\Jobs\Mails\ValidateMailAddressJob;
use App\Models\App;
use App\Models\AppAccess;
use App\Models\Invite;
use App\Models\Mail;
use App\Models\Setting;
use App\Models\User;
use Illuminate\Support\Facades\Auth;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\DB;
use Laravel\Lumen\Routing\Controller as BaseController;
use ReCaptcha\ReCaptcha;
use TaGeSo\APIResponse\Response;

class UserController extends BaseController
{
    /*
     * The Password login is just for the WebGUI
     */
    public function passwordLogin(Request $request, Response $response)
    {
        //If Recptache is enabled check it at the beginning
        if(Setting::getSettingValue("recaptcha_v2_login")) {
            $reCaptcha = new ReCaptcha(Setting::getSettingValue("recaptcha_v2_secret"));
            $response = $reCaptcha->verify($request->input("g-recaptcha-response"));

            if(!$response->isSuccess()) {
                throw new HTTPException(400, "Captcha validation failed");
            }
        }


        //Validate Input
        $this->validate($request, [
            'username' => 'required',
            'password' => 'required'
        ]);

        //Get User
        $user = User::query()->where("username", "=", $request->input("username"))->first();

        //Check if a user is found
        if($user == null) {
            throw new HTTPException("400", "Username or Password wrong");
        }

        if(!password_verify($request->input("password"), $user->password)) {
            throw new HTTPException("400", "Username or Password wrong");
        }

        //Create Access Permission for WebGUI
        $access = AppAccess::getOrCreate($user->id, App::query()->where("name", "=", "PHP-GUI")->firstOrFail()->id);
        $token = \App\Models\AccessToken::createToken($access);

        //Save Token to Session
        $_SESSION["token"] = $token->token;

        return new AccessToken($token);
    }

    public function register(Request $request, Response $response) {
        //If Recptache is enabled check it at the beginning
        if(Setting::getSettingValue("recaptcha_v2_register")) {
            $reCaptcha = new ReCaptcha(Setting::getSettingValue("recaptcha_v2_secret"));
            $captchaResponse = $reCaptcha->verify($request->input("g-recaptcha-response"));

            if(!$captchaResponse->isSuccess()) {
                throw new HTTPException(400, "Captcha validation failed");
            }
        }

        $invite = Invite::query()->where("code", "=", $request->input("invite"))->first();
        if($invite != null) {
            if($invite->status != "active") {
                throw new HTTPException("Invite code invalide");
            }
            if(!empty($invite->username) && $request->input("username") != $invite->username) {
                throw new HTTPException("Invalide username for invite");
            }

        } else {
            $setting = Setting::query()->where("name", "=", "registration_possible")->firstOrFail();
            if(!$setting->value) {
                throw  new HTTPException("400", "Registration disabled");
            }
        }

        $this->validate($request, [
            'username' => 'required|max:255|min:5|regex:@^[a-z0-9]*$@|unique:users',
            'password' => 'required|min:8',
            'mail' => 'required|email|unique:mails'
        ]);

        DB::beginTransaction();

        $user = new User();
        $user->username = $request->input("username");
        $user->password = password_hash($request->input("password"), PASSWORD_BCRYPT);

        if($invite != null) {
            $user->inviteCode = $invite->code;
        }

        //Make first user an admin
        $count = User::query()->count("*");
        if($count == 1) {
            $user->admin = 1;
            $user->developer = 1;
        }

        $user->saveOrFail();

        $mail = new Mail();
        $mail->createValidationToken();
        $mail->mail = $request->input("mail");
        $mail->primary = false;
        $mail->status = "waiting";
        $mail->user_id = $user->id;

        $mail->saveOrFail();

        $this->dispatch(new ValidateMailAddressJob($mail));

        if($invite != null) {
            $invite->status = "used";
            $invite->saveOrFail();
        }

        DB::commit();

        return $response->withData(new \App\Http\Resources\API\User($user));
    }

    /*
     * Return Captcha Settings used by the public webpage bevore the user is loggedin
     */
    public function reCAPTCHA(Response $response) {
        $data = [];
        $data["key"] = Setting::getSettingValue("recaptcha_v2_key");
        $data["login"] = (bool)Setting::getSettingValue("recaptcha_v2_login");
        $data["register"] = (bool)Setting::getSettingValue("recaptcha_v2_register");
        return $response->withData($data);
    }

    public function getInviteCodeInfo(Request $request, Response $response) {
        $data = [];
        $invite = Invite::query()->where("code", "=", $request->input("code"))->first();

        if($invite == null) {
            throw new ResourceNotFound();
        }

        $usable = false;
        if($invite->status == "active") {
            $usable = true;
        }
        $data["usable"] = $usable;
        #$data["status"] = $invite->status;
        $data["username"] = $invite->username;

        return $response->withData($data);
    }
}