Cutlery/invoiceninja
1
0
Fork 0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2025-05-24 02:14:21 -04:00
Code Issues Packages Projects Releases Wiki Activity

enforce password protection across entire client portal if invoice passwords are required

Browse Source
This commit is contained in:
David Bomba 2022-11-23 12:26:52 +11:00
parent db3026df35
commit 15b4d17bcc
2 changed files with 30 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
app/Console/Commands/DemoMode.php
View File

@ -22,6 +22,8 @@ use App\Jobs\Company\CreateCompanyTaskStatuses;
use App\Jobs\Ninja\CompanySizeCheck;
use App\Jobs\Util\VersionCheck;
use App\Models\Account;
use App\Models\BankIntegration;
use App\Models\BankTransaction;
use App\Models\Client;
use App\Models\ClientContact;
use App\Models\Company;
@ -223,6 +225,18 @@ class DemoMode extends Command
'company_id' => $company->id,
]);
$bi = BankIntegration::factory()->create([
'account_id' => $account->id,
'company_id' => $company->id,
'user_id' => $user->id,
]);
BankTransaction::factory()->count(50)->create([
'bank_integration_id' => $bi->id,
'user_id' => $user->id,
'company_id' => $company->id,
]);
$this->info('Creating '.$this->count.' clients');
for ($x = 0; $x < $this->count; $x++) {

19
app/Http/Middleware/ContactKeyLogin.php
View File

@ -41,6 +41,7 @@ class ContactKeyLogin
$request->session()->invalidate();
}
//magic links survive for 1 hour
if ($request->segment(2) && $request->segment(2) == 'magic_link' && $request->segment(3)) {
$payload = Cache::get($request->segment(3));
@ -66,7 +67,11 @@ class ContactKeyLogin
}
} elseif ($request->segment(3) && config('ninja.db.multi_db_enabled')) {
if (MultiDB::findAndSetDbByContactKey($request->segment(3))) {
if ($client_contact = ClientContact::where('contact_key', $request->segment(3))->first()) {
if ($client_contact = ClientContact::with('company')->where('contact_key', $request->segment(3))->first()) {
if($client_contact->company->settings->enable_client_portal_password)
return redirect()->route('client.login', ['company_key' => $client_contact->company->company_key]);
if (empty($client_contact->email)) {
$client_contact->email = Str::random(6).'@example.com';
}
@ -82,7 +87,11 @@ class ContactKeyLogin
}
}
} elseif ($request->segment(2) && $request->segment(2) == 'key_login' && $request->segment(3)) {
if ($client_contact = ClientContact::where('contact_key', $request->segment(3))->first()) {
if ($client_contact = ClientContact::with('company')->where('contact_key', $request->segment(3))->first()) {
if($client_contact->company->settings->enable_client_portal_password)
return redirect()->route('client.login', ['company_key' => $client_contact->company->company_key]);
if (empty($client_contact->email)) {
$client_contact->email = Str::random(6).'@example.com';
$client_contact->save();
@ -125,7 +134,11 @@ class ContactKeyLogin
return redirect($this->setRedirectPath());
}
} elseif ($request->segment(3)) {
if ($client_contact = ClientContact::where('contact_key', $request->segment(3))->first()) {
if ($client_contact = ClientContact::with('company')->where('contact_key', $request->segment(3))->first()) {
if($client_contact->company->settings->enable_client_portal_password)
return redirect()->route('client.login', ['company_key' => $client_contact->company->company_key]);
if (empty($client_contact->email)) {
$client_contact->email = Str::random(6).'@example.com';
$client_contact->save();