Enabled registering through the API

Hillel Coren 2016-03-08 23:22:59 +02:00
parent bfe3262024
commit 6aafb9154d
5 changed files with 59 additions and 10 deletions


@ -19,6 +19,8 @@ use App\Ninja\Transformers\UserAccountTransformer;
use App\Http\Controllers\BaseAPIController; use App\Http\Controllers\BaseAPIController;
use Swagger\Annotations as SWG; use Swagger\Annotations as SWG;
use App\Events\UserSignedUp;
use App\Http\Requests\RegisterRequest;
use App\Http\Requests\UpdateAccountRequest; use App\Http\Requests\UpdateAccountRequest;
class AccountApiController extends BaseAPIController class AccountApiController extends BaseAPIController
@ -32,13 +34,19 @@ class AccountApiController extends BaseAPIController
$this->accountRepo = $accountRepo; $this->accountRepo = $accountRepo;
} }
public function register(RegisterRequest $request)
{
$account = $this->accountRepo->create($request->first_name, $request->last_name, $request->email, $request->password);
$user = $account->users()->first();
Auth::login($user, true);
event(new UserSignedUp());
return $this->processLogin($request);
}
public function login(Request $request) public function login(Request $request)
{ {
if ( ! env(API_SECRET) || $request->api_secret !== env(API_SECRET)) {
sleep(ERROR_DELAY);
return $this->errorResponse(['message'=>'Invalid secret'],401);
}
if (Auth::attempt(['email' => $request->email, 'password' => $request->password])) { if (Auth::attempt(['email' => $request->email, 'password' => $request->password])) {
return $this->processLogin($request); return $this->processLogin($request);
} else { } else {
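Review bot: `register()` logs the new user in with the remember flag (`Auth::login($user, true)`) while the neighbouring API `login()` authenticates via `Auth::attempt()` without one; for an endpoint whose clients authenticate with the token returned by `processLogin()`, a persistent remember cookie is not needed, so `Auth::login($user);` would be consistent with `login()`. `$account->users()->first()` is handed to `Auth::login()` unchecked; if the repository can ever return an account without a user this throws rather than returning an error response, so a null guard before the login may be warranted — `create()` is not visible here. `processLogin()` and the remainder of `login()` lie outside the hunk.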


@ -26,7 +26,7 @@ use App\Ninja\Repositories\AccountRepository;
use App\Ninja\Repositories\ReferralRepository; use App\Ninja\Repositories\ReferralRepository;
use App\Ninja\Mailers\UserMailer; use App\Ninja\Mailers\UserMailer;
use App\Ninja\Mailers\ContactMailer; use App\Ninja\Mailers\ContactMailer;
use App\Events\UserLoggedIn; use App\Events\UserSignedUp;
use App\Events\UserSettingsChanged; use App\Events\UserSettingsChanged;
use App\Services\AuthService; use App\Services\AuthService;
@ -100,7 +100,7 @@ class AccountController extends BaseController
} }
Auth::login($user, true); Auth::login($user, true);
event(new UserLoggedIn()); event(new UserSignedUp());
$redirectTo = Input::get('redirect_to') ?: 'invoices/create'; $redirectTo = Input::get('redirect_to') ?: 'invoices/create';


@ -21,11 +21,15 @@ class ApiCheck {
*/ */
public function handle($request, Closure $next) public function handle($request, Closure $next)
{ {
$loggingIn = $request->is('api/v1/login'); $loggingIn = $request->is('api/v1/login') || $request->is('api/v1/register');
$headers = Utils::getApiHeaders(); $headers = Utils::getApiHeaders();
if ($loggingIn) { if ($loggingIn) {
// do nothing // check API secret
if ( ! $request->api_secret || ! env(API_SECRET) || ! hash_equals($request->api_secret, env(API_SECRET))) {
sleep(ERROR_DELAY);
return Response::json('Invalid secret', 403, $headers);
}
} else { } else {
// check for a valid token // check for a valid token
$token = AccountToken::where('token', '=', Request::header('X-Ninja-Token'))->first(['id', 'user_id']); $token = AccountToken::where('token', '=', Request::header('X-Ninja-Token'))->first(['id', 'user_id']);
@ -34,7 +38,7 @@ class ApiCheck {
Auth::loginUsingId($token->user_id); Auth::loginUsingId($token->user_id);
Session::set('token_id', $token->id); Session::set('token_id', $token->id);
} else { } else {
sleep(3); sleep(ERROR_DELAY);
return Response::json('Invalid token', 403, $headers); return Response::json('Invalid token', 403, $headers);
} }
} }
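Review bot: The new secret check calls `hash_equals()` with the request value in the known-string position; the documented signature is `hash_equals(string $known_string, string $user_string)`, so the env value belongs first and the request value second. `$request->api_secret` may also arrive as a non-string (request input can be an array), in which case `hash_equals()` emits a warning before returning false; an `is_string()` guard keeps the failure path quiet: `if ( ! env(API_SECRET) || ! is_string($request->api_secret) || ! hash_equals(env(API_SECRET), $request->api_secret)) {`. Note the controller previously answered an invalid secret with 401 where the middleware now answers 403; if clients keyed on the old status this is a visible change. `handle()` continues past the end of the hunk.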


@ -0,0 +1,35 @@
<?php namespace app\Http\Requests;
use Auth;
use App\Http\Requests\Request;
use Illuminate\Validation\Factory;
class RegisterRequest extends Request
{
/**
* Determine if the user is authorized to make this request.
*
* @return bool
*/
public function authorize()
{
return true;
}
/**
* Get the validation rules that apply to the request.
*
* @return array
*/
public function rules()
{
$rules = [
'email' => 'required|unique:users',
'first_name' => 'required',
'last_name' => 'required',
'password' => 'required',
];
return $rules;
}
}
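Review bot: The new `rules()` only checks presence: `email` is never validated as an address and `password` has no minimum length, so the API can create accounts with credentials the web signup form may reject; suggested `'email' => 'required|email|unique:users',` and a `min:` constraint on `password` matching whatever the web form enforces. `use Auth;` and `use Illuminate\Validation\Factory;` are unused in this file and can be dropped. The namespace is declared as `app\Http\Requests` while the controller imports `App\Http\Requests\RegisterRequest`; PHP resolves namespace names case-insensitively so it loads, but the lowercase prefix reads as a typo next to the other `App\...` declarations in this commit.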


@ -48,6 +48,7 @@ Route::group(['middleware' => 'auth:client'], function() {
Route::get('client/payments', 'PublicClientController@paymentIndex'); Route::get('client/payments', 'PublicClientController@paymentIndex');
Route::get('client/dashboard', 'PublicClientController@dashboard'); Route::get('client/dashboard', 'PublicClientController@dashboard');
}); });
Route::get('api/client.quotes', array('as'=>'api.client.quotes', 'uses'=>'PublicClientController@quoteDatatable')); Route::get('api/client.quotes', array('as'=>'api.client.quotes', 'uses'=>'PublicClientController@quoteDatatable'));
Route::get('api/client.invoices', array('as'=>'api.client.invoices', 'uses'=>'PublicClientController@invoiceDatatable')); Route::get('api/client.invoices', array('as'=>'api.client.invoices', 'uses'=>'PublicClientController@invoiceDatatable'));
Route::get('api/client.payments', array('as'=>'api.client.payments', 'uses'=>'PublicClientController@paymentDatatable')); Route::get('api/client.payments', array('as'=>'api.client.payments', 'uses'=>'PublicClientController@paymentDatatable'));
@ -226,6 +227,7 @@ Route::group(['middleware' => 'api', 'prefix' => 'api/v1'], function()
{ {
Route::get('ping', 'ClientApiController@ping'); Route::get('ping', 'ClientApiController@ping');
Route::post('login', 'AccountApiController@login'); Route::post('login', 'AccountApiController@login');
Route::get('register', 'AccountApiController@register');
Route::get('static', 'AccountApiController@getStaticData'); Route::get('static', 'AccountApiController@getStaticData');
Route::get('accounts', 'AccountApiController@show'); Route::get('accounts', 'AccountApiController@show');
Route::put('accounts', 'AccountApiController@update'); Route::put('accounts', 'AccountApiController@update');
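Review bot: The new route registers `register` as a GET while `login` on the line above is a POST; `AccountApiController@register` creates an account and reads `password` from the request, so with GET the credentials travel in the query string and end up in access logs, proxies and client history, and a state-changing action becomes reachable by a plain link. `Route::post('register', 'AccountApiController@register');` keeps it in line with `login`. The `RegisterRequest` validation and the `ApiCheck` secret check apply regardless of the verb, so nothing else in this commit needs to change for that.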