Cutlery/invoiceninja
1
0
Fork 0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2025-07-08 19:24:40 -04:00
Code Issues Packages Projects Releases Wiki Activity

Password protection route with Microsoft OAuth

Browse Source
This commit is contained in:
David Bomba 2022-06-25 07:47:15 +10:00
parent a170c4a4d1
commit 3fbd1849b3
1 changed files with 18 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
app/Http/Middleware/PasswordProtection.php
View File

@ -61,12 +61,26 @@ class PasswordProtection
}elseif( $request->header('X-API-OAUTH-PASSWORD') && strlen($request->header('X-API-OAUTH-PASSWORD')) >=1){ }elseif( $request->header('X-API-OAUTH-PASSWORD') && strlen($request->header('X-API-OAUTH-PASSWORD')) >=1){
$user = false;
//user is attempting to reauth with OAuth - check the token value //user is attempting to reauth with OAuth - check the token value
//todo expand this to include all OAuth providers //todo expand this to include all OAuth providers
$user = false; if(auth()->user()->oauth_provider_id == 'google')
$google = new Google(); {
$user = $google->getTokenResponse(request()->header('X-API-OAUTH-PASSWORD')); $user = false;
$google = new Google();
$user = $google->getTokenResponse(request()->header('X-API-OAUTH-PASSWORD'));
}
elseif(auth()->user()->oauth_provider_id == 'microsoft')
{
nlog(request()->header('X-API-OAUTH-PASSWORD'));
nlog(auth()->user()->oauth_user_token);
if(request()->header('X-API-OAUTH-PASSWORD') == auth()->user()->oauth_user_token){
Cache::put(auth()->user()->hashed_id.'_'.auth()->user()->account_id.'_logged_in', Str::random(64), $timeout);
return $next($request);
}
}
if (is_array($user)) { if (is_array($user)) {
$query = [ $query = [