Merge branch 'v5-develop' of https://github.com/turbo124/invoiceninja into v5-develop

2025-07-09 03:14:30 -04:00 · 2021-12-13 18:19:06 +11:00 · 2021-12-13 18:19:06 +11:00 · 106cfbd6d5
commit 106cfbd6d5
parent d8bdf23f8f c6a42b2a90
8 changed files with 50 additions and 21 deletions
--- a/app/Filters/ExpenseFilters.php
+++ b/app/Filters/ExpenseFilters.php
@ -37,7 +37,6 @@ class ExpenseFilters extends QueryFilters

        return  $this->builder->where(function ($query) use ($filter) {
            $query->where('expenses.public_notes', 'like', '%'.$filter.'%')
-                          ->orWhere('expenses.id_number', 'like', '%'.$filter.'%')
                          ->orWhere('expenses.custom_value1', 'like', '%'.$filter.'%')
                          ->orWhere('expenses.custom_value2', 'like', '%'.$filter.'%')
                          ->orWhere('expenses.custom_value3', 'like', '%'.$filter.'%')
--- a/app/Http/Controllers/Auth/ContactForgotPasswordController.php
+++ b/app/Http/Controllers/Auth/ContactForgotPasswordController.php
@ -98,9 +98,11 @@ class ContactForgotPasswordController extends Controller
        
        $this->validateEmail($request);

-        // $company = Company::where('company_key', $request->input('company_key'))->first();
-        // $contact = ClientContact::where(['company_id' => $company->id, 'email' => $request->input('email')])->first();
-
+        if(Ninja::isHosted() && $company = Company::where('company_key', $request->input('company_key'))->first())
+        {
+            $contact = ClientContact::where(['email' => $request->input('email'), 'company_id' => $company->id])->first();
+        }
+        else
            $contact = ClientContact::where(['email' => $request->input('email')])->first();

        $response = false;
--- a/app/Http/Controllers/Auth/ContactLoginController.php
+++ b/app/Http/Controllers/Auth/ContactLoginController.php
@ -22,12 +22,14 @@ use Auth;
 use Illuminate\Foundation\Auth\AuthenticatesUsers;
 use Illuminate\Http\Request;
 use Route;
+use Illuminate\Http\JsonResponse;
+use Illuminate\Support\Facades\Hash;

 class ContactLoginController extends Controller
 {
    use AuthenticatesUsers;

-    protected $redirectTo = '/client/dashboard';
+    protected $redirectTo = '/client/invoices';

    public function __construct()
    {
@ -80,8 +82,8 @@ class ContactLoginController extends Controller
    {
        Auth::shouldUse('contact');

-        if(Ninja::isHosted() && $request->session()->has('company_key'))
-            MultiDB::findAndSetDbByCompanyKey($request->session()->get('company_key'));
+        if(Ninja::isHosted() && $request->has('company_key'))
+            MultiDB::findAndSetDbByCompanyKey($request->input('company_key'));

        $this->validateLogin($request);
        // If the class is using the ThrottlesLogins trait, we can automatically throttle
@ -93,7 +95,16 @@ class ContactLoginController extends Controller

            return $this->sendLockoutResponse($request);
        }
-        if ($this->attemptLogin($request)) {
+
+        if(Ninja::isHosted() && $request->has('password') && $company = Company::where('company_key', $request->input('company_key'))->first()){
+
+            $contact = ClientContact::where(['email' => $request->input('email'), 'company_id' => $company->id])->first();
+
+            if(Hash::check($request->input('password'), $contact->password))
+                return $this->authenticated($request, $contact);
+
+        }
+        elseif ($this->attemptLogin($request)) {
            return $this->sendLoginResponse($request);
        }
        // If the login attempt was unsuccessful we will increment the number of attempts
@ -104,9 +115,24 @@ class ContactLoginController extends Controller
        return $this->sendFailedLoginResponse($request);
    }

+    protected function sendLoginResponse(Request $request)
+    {
+        $request->session()->regenerate();
+
+        $this->clearLoginAttempts($request);
+
+        if ($response = $this->authenticated($request, $this->guard()->user())) {
+            return $response;
+        }
+
+        return $request->wantsJson()
+                    ? new JsonResponse([], 204)
+                    : redirect()->intended($this->redirectPath());
+    }
+
    public function authenticated(Request $request, ClientContact $client)
    {
-        Auth::guard('contact')->loginUsingId($client->id, true);
+        auth()->guard('contact')->loginUsingId($client->id, true);

        event(new ContactLoggedIn($client, $client->company, Ninja::eventVars()));

--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@ -72,7 +72,7 @@ class Kernel extends HttpKernel
        ConvertEmptyStringsToNull::class,
        TrustProxies::class,
        // \Fruitcake\Cors\HandleCors::class,
-        // Cors::class,
+        Cors::class,

    ];

@ -95,7 +95,6 @@ class Kernel extends HttpKernel
        'api' => [
            'throttle:300,1',
            'bindings',
-            'cors',
            'query_logging',
        ],
        'contact' => [
@ -117,7 +116,6 @@ class Kernel extends HttpKernel
            'throttle:120,1',
            'bindings',
            'query_logging',
-            'cors',
        ],
    ];

--- a/app/Http/Livewire/CreditsTable.php
+++ b/app/Http/Livewire/CreditsTable.php
@ -42,8 +42,8 @@ class CreditsTable extends Component
            ->where('is_deleted', 0)
            ->where(function ($query){
                $query->whereDate('due_date', '>=', now())
-                      ->orWhereNull('due_date')
-                      ->orWhere('due_date', '=', '');
+                      ->orWhereNull('due_date');
+                      //->orWhere('due_date', '=', '');
            })
            ->orderBy($this->sort_field, $this->sort_asc ? 'asc' : 'desc')
            ->withTrashed()
--- a/app/Http/Middleware/CheckClientExistence.php
+++ b/app/Http/Middleware/CheckClientExistence.php
@ -28,8 +28,9 @@ class CheckClientExistence
     */
    public function handle(Request $request, Closure $next)
    {
+
        $multiple_contacts = ClientContact::query()
-            ->with('client.gateway_tokens')
+            ->with('client.gateway_tokens','company')
            ->where('email', auth('contact')->user()->email)
            ->whereNotNull('email')
            ->where('email', '<>', '')
@ -38,9 +39,9 @@ class CheckClientExistence
            ->distinct('email')
            ->whereNotNull('company_id')
            ->whereHas('client', function ($query) {
-                return $query->whereNull('deleted_at');
+                return $query->where('is_deleted', false);
            })
-            ->whereHas('client.company', function ($query){
+            ->whereHas('company', function ($query){
                return $query->where('account_id', auth('contact')->user()->client->company->account->id);
            })
            ->get();
--- a/app/Http/Middleware/ContactRegister.php
+++ b/app/Http/Middleware/ContactRegister.php
@ -37,7 +37,6 @@ class ContactRegister
                if(! $company->client_can_register)
                    abort(400, 'Registration disabled');

-               // $request->merge(['key' => $company->company_key]);
                    session()->put('key', $company->company_key);

                return $next($request);
--- a/resources/views/portal/ninja2020/auth/register.blade.php
+++ b/resources/views/portal/ninja2020/auth/register.blade.php
@ -11,6 +11,10 @@
            <p class="block text-center text-gray-600">{{ ctrans('texts.register_label') }}</p>

            <form action="{{ route('client.register', request()->route('company_key')) }}" method="POST" x-data="{ more: false }">
+                @if($company)
+                <input type="hidden" name="company_key" value="{{ $company->company_key }}">
+                @endif
+
                @csrf

                <div class="grid grid-cols-12 gap-4 mt-10">