Merge branch 'v5-develop' of https://github.com/turbo124/invoiceninja into v5-develop

app/Filters/ExpenseFilters.php

@@ -37,7 +37,6 @@ class ExpenseFilters extends QueryFilters
 
         return  $this->builder->where(function ($query) use ($filter) {
             $query->where('expenses.public_notes', 'like', '%'.$filter.'%')
-                          ->orWhere('expenses.id_number', 'like', '%'.$filter.'%')
                           ->orWhere('expenses.custom_value1', 'like', '%'.$filter.'%')
                           ->orWhere('expenses.custom_value2', 'like', '%'.$filter.'%')
                           ->orWhere('expenses.custom_value3', 'like', '%'.$filter.'%')

app/Http/Controllers/Auth/ContactForgotPasswordController.php

@@ -98,10 +98,12 @@ class ContactForgotPasswordController extends Controller
         
         $this->validateEmail($request);
 
-        // $company = Company::where('company_key', $request->input('company_key'))->first();
-        // $contact = ClientContact::where(['company_id' => $company->id, 'email' => $request->input('email')])->first();
-
-        $contact = ClientContact::where(['email' => $request->input('email')])->first();
+        if(Ninja::isHosted() && $company = Company::where('company_key', $request->input('company_key'))->first())
+        {
+            $contact = ClientContact::where(['email' => $request->input('email'), 'company_id' => $company->id])->first();
+        }
+        else
+            $contact = ClientContact::where(['email' => $request->input('email')])->first();
 
         $response = false;
 

app/Http/Controllers/Auth/ContactLoginController.php

@@ -22,12 +22,14 @@ use Auth;
 use Illuminate\Foundation\Auth\AuthenticatesUsers;
 use Illuminate\Http\Request;
 use Route;
+use Illuminate\Http\JsonResponse;
+use Illuminate\Support\Facades\Hash;
 
 class ContactLoginController extends Controller
 {
     use AuthenticatesUsers;
 
-    protected $redirectTo = '/client/dashboard';
+    protected $redirectTo = '/client/invoices';
 
     public function __construct()
     {
@@ -80,8 +82,8 @@ class ContactLoginController extends Controller
     {
         Auth::shouldUse('contact');
 
-        if(Ninja::isHosted() && $request->session()->has('company_key'))
-            MultiDB::findAndSetDbByCompanyKey($request->session()->get('company_key'));
+        if(Ninja::isHosted() && $request->has('company_key'))
+            MultiDB::findAndSetDbByCompanyKey($request->input('company_key'));
 
         $this->validateLogin($request);
         // If the class is using the ThrottlesLogins trait, we can automatically throttle
@@ -93,7 +95,16 @@ class ContactLoginController extends Controller
 
             return $this->sendLockoutResponse($request);
         }
-        if ($this->attemptLogin($request)) {
+
+        if(Ninja::isHosted() && $request->has('password') && $company = Company::where('company_key', $request->input('company_key'))->first()){
+
+            $contact = ClientContact::where(['email' => $request->input('email'), 'company_id' => $company->id])->first();
+
+            if(Hash::check($request->input('password'), $contact->password))
+                return $this->authenticated($request, $contact);
+
+        }
+        elseif ($this->attemptLogin($request)) {
             return $this->sendLoginResponse($request);
         }
         // If the login attempt was unsuccessful we will increment the number of attempts
@@ -104,9 +115,24 @@ class ContactLoginController extends Controller
         return $this->sendFailedLoginResponse($request);
     }
 
+    protected function sendLoginResponse(Request $request)
+    {
+        $request->session()->regenerate();
+
+        $this->clearLoginAttempts($request);
+
+        if ($response = $this->authenticated($request, $this->guard()->user())) {
+            return $response;
+        }
+
+        return $request->wantsJson()
+                    ? new JsonResponse([], 204)
+                    : redirect()->intended($this->redirectPath());
+    }
+
     public function authenticated(Request $request, ClientContact $client)
     {
-        Auth::guard('contact')->loginUsingId($client->id, true);
+        auth()->guard('contact')->loginUsingId($client->id, true);
 
         event(new ContactLoggedIn($client, $client->company, Ninja::eventVars()));
 

app/Http/Kernel.php

@@ -72,7 +72,7 @@ class Kernel extends HttpKernel
         ConvertEmptyStringsToNull::class,
         TrustProxies::class,
         // \Fruitcake\Cors\HandleCors::class,
-        // Cors::class,
+        Cors::class,
 
     ];
 
@@ -95,7 +95,6 @@ class Kernel extends HttpKernel
         'api' => [
             'throttle:300,1',
             'bindings',
-            'cors',
             'query_logging',
         ],
         'contact' => [
@@ -117,7 +116,6 @@ class Kernel extends HttpKernel
             'throttle:120,1',
             'bindings',
             'query_logging',
-            'cors',
         ],
     ];
 

app/Http/Livewire/CreditsTable.php

@@ -42,8 +42,8 @@ class CreditsTable extends Component
             ->where('is_deleted', 0)
             ->where(function ($query){
                 $query->whereDate('due_date', '>=', now())
-                      ->orWhereNull('due_date')
-                      ->orWhere('due_date', '=', '');
+                      ->orWhereNull('due_date');
+                      //->orWhere('due_date', '=', '');
             })
             ->orderBy($this->sort_field, $this->sort_asc ? 'asc' : 'desc')
             ->withTrashed()

app/Http/Middleware/CheckClientExistence.php

@@ -28,8 +28,9 @@ class CheckClientExistence
      */
     public function handle(Request $request, Closure $next)
     {
+
         $multiple_contacts = ClientContact::query()
-            ->with('client.gateway_tokens')
+            ->with('client.gateway_tokens','company')
             ->where('email', auth('contact')->user()->email)
             ->whereNotNull('email')
             ->where('email', '<>', '')
@@ -38,9 +39,9 @@ class CheckClientExistence
             ->distinct('email')
             ->whereNotNull('company_id')
             ->whereHas('client', function ($query) {
-                return $query->whereNull('deleted_at');
+                return $query->where('is_deleted', false);
             })
-            ->whereHas('client.company', function ($query){
+            ->whereHas('company', function ($query){
                 return $query->where('account_id', auth('contact')->user()->client->company->account->id);
             })
             ->get();

app/Http/Middleware/ContactRegister.php

@@ -37,15 +37,14 @@ class ContactRegister
                 if(! $company->client_can_register)
                     abort(400, 'Registration disabled');
 
-               // $request->merge(['key' => $company->company_key]);
-                session()->put('key', $company->company_key);
+                    session()->put('key', $company->company_key);
 
                 return $next($request);
             }
 
         }
 
-       $query = [
+        $query = [
             'portal_domain' => $request->getSchemeAndHttpHost(),
             'portal_mode' => 'domain',
         ];

resources/views/portal/ninja2020/auth/register.blade.php

@@ -11,6 +11,10 @@
             <p class="block text-center text-gray-600">{{ ctrans('texts.register_label') }}</p>
 
             <form action="{{ route('client.register', request()->route('company_key')) }}" method="POST" x-data="{ more: false }">
+                @if($company)
+                <input type="hidden" name="company_key" value="{{ $company->company_key }}">
+                @endif
+
                 @csrf
 
                 <div class="grid grid-cols-12 gap-4 mt-10">