Working on contact auth using contact key

2025-05-24 02:14:21 -04:00 · 2020-09-23 11:45:07 +10:00 · 2020-09-23 11:45:07 +10:00 · 0e5199e052
commit 0e5199e052
parent 3b06d5b7d7
6 changed files with 109 additions and 0 deletions
--- a/app/Http/Controllers/Auth/ContactLoginController.php
+++ b/app/Http/Controllers/Auth/ContactLoginController.php
@ -80,4 +80,5 @@ class ContactLoginController extends Controller

        return redirect('/client/login');
    }
+
 }
--- a/app/Http/Controllers/ClientPortal/ContactHashLoginController.php
+++ b/app/Http/Controllers/ClientPortal/ContactHashLoginController.php
@ -0,0 +1,35 @@
+<?php
+/**
+ * Invoice Ninja (https://invoiceninja.com).
+ *
+ * @link https://github.com/invoiceninja/invoiceninja source repository
+ *
+ * @copyright Copyright (c) 2020. Invoice Ninja LLC (https://invoiceninja.com)
+ *
+ * @license https://opensource.org/licenses/AAL
+ */
+
+namespace App\Http\Controllers\ClientPortal;
+
+use App\Http\Controllers\Controller;
+use Auth;
+use Illuminate\Http\Request;
+
+class ContactHashLoginController extends Controller
+{
+
+    /**
+     * Logs a user into the client portal using their contact_key
+     * @param  string $contact_key  The contact key
+     * @return Auth|Redirect
+     */
+    public function login(string $contact_key)
+    {
+
+        return redirect('/client/login');
+
+    }
+
+}
+    
+
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@ -117,5 +117,6 @@ class Kernel extends HttpKernel
        'contact.register' => \App\Http\Middleware\ContactRegister::class,
        'shop_token_auth' => \App\Http\Middleware\Shop\ShopTokenAuth::class,
        'phantom_secret' => \App\Http\Middleware\PhantomSecret::class,
+        'contact_key_login' => \App\Http\Middleware\ContactKeyLogin::class,
    ];
 }
--- a/app/Http/Middleware/ContactKeyLogin.php
+++ b/app/Http/Middleware/ContactKeyLogin.php
@ -0,0 +1,56 @@
+<?php
+/**
+ * Invoice Ninja (https://invoiceninja.com).
+ *
+ * @link https://github.com/invoiceninja/invoiceninja source repository
+ *
+ * @copyright Copyright (c) 2020. Invoice Ninja LLC (https://invoiceninja.com)
+ *
+ * @license https://opensource.org/licenses/AAL
+ */
+
+namespace App\Http\Middleware;
+
+use App\Libraries\MultiDB;
+use App\Models\ClientContact;
+use App\Models\CompanyToken;
+use Closure;
+use Auth;
+
+class ContactKeyLogin
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+
+info("key login = " . $request->input('contact_key'));
+
+        if ($request->has('contact_key') && config('ninja.db.multi_db_enabled')) {
+
+            if (MultiDB::findAndSetDbByContactKey($request->input('contact_key'))) {
+                
+                $client_contact = ClientContact::where('contact_key', $request->input('contact_key'))->first();
+                Auth::guard('contact')->login($client_contact, true);
+                return redirect()->to('client/dashboard');
+
+            }
+
+        } 
+        else if ($request->has('contact_key')) {
+
+            if($client_contact = ClientContact::where('contact_key', $request->input('contact_key'))->first()){
+                Auth::guard('contact')->login($client_contact, true);
+                return redirect()->to('client/dashboard');
+            }
+
+        }
+
+        return $next($request);
+    }
+}
--- a/app/Libraries/MultiDB.php
+++ b/app/Libraries/MultiDB.php
@ -195,6 +195,20 @@ class MultiDB
        return false;
    }

+    public static function findAndSetDbByContactKey($contact_key) :bool
+    {
+        foreach (self::$dbs as $db) {
+            if ($client_contact = ClientContact::on($db)->where('contact_key', $contact_key)->first()) {
+                self::setDb($client_contact->company->db);
+
+                return true;
+            }
+        }
+
+        return false;        
+    }
+
+
    public static function findAndSetDbByDomain($subdomain) :bool
    {
        foreach (self::$dbs as $db) {
--- a/routes/client.php
+++ b/routes/client.php
@ -19,6 +19,8 @@ Route::get('view/{entity_type}/{invitation_key}', 'ClientPortal\EntityViewContro
 Route::get('view/{entity_type}/{invitation_key}/password', 'ClientPortal\EntityViewController@password')->name('client.entity_view.password');
 Route::post('view/{entity_type}/{invitation_key}/password', 'ClientPortal\EntityViewController@handlePassword');

+Route::get('client/key_login/{contact_key}', 'ClientPortal\ContactHashLoginController@login')->name('client.contact_login')->middleware(['contact_key_login']);
+
 //todo implement domain DB
 Route::group(['middleware' => ['auth:contact', 'locale'], 'prefix' => 'client', 'as' => 'client.'], function () {
    Route::get('dashboard', 'ClientPortal\DashboardController@index')->name('dashboard'); // name = (dashboard. index / create / show / update / destroy / edit