Clean up for Login Controller

David Bomba 2023-03-13 17:55:33 +11:00
parent 8ea6044555
commit 820995e262
2 changed files with 58 additions and 145 deletions


@ -1,4 +1,5 @@
<?php <?php
/** /**
* Invoice Ninja (https://invoiceninja.com). * Invoice Ninja (https://invoiceninja.com).
* *
@ -15,7 +16,6 @@ use App\DataMapper\Analytics\LoginFailure;
use App\DataMapper\Analytics\LoginSuccess; use App\DataMapper\Analytics\LoginSuccess;
use App\Events\User\UserLoggedIn; use App\Events\User\UserLoggedIn;
use App\Http\Controllers\BaseController; use App\Http\Controllers\BaseController;
use App\Http\Controllers\Controller;
use App\Http\Requests\Login\LoginRequest; use App\Http\Requests\Login\LoginRequest;
use App\Jobs\Account\CreateAccount; use App\Jobs\Account\CreateAccount;
use App\Jobs\Company\CreateCompanyToken; use App\Jobs\Company\CreateCompanyToken;
@ -23,8 +23,6 @@ use App\Libraries\MultiDB;
use App\Libraries\OAuth\OAuth; use App\Libraries\OAuth\OAuth;
use App\Libraries\OAuth\Providers\Google; use App\Libraries\OAuth\Providers\Google;
use App\Models\Account; use App\Models\Account;
use App\Models\Client;
use App\Models\Company;
use App\Models\CompanyToken; use App\Models\CompanyToken;
use App\Models\CompanyUser; use App\Models\CompanyUser;
use App\Models\User; use App\Models\User;
@ -38,7 +36,6 @@ use Illuminate\Database\Eloquent\Builder;
use Illuminate\Foundation\Auth\AuthenticatesUsers; use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Illuminate\Http\Request; use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth; use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Cache;
use Laravel\Socialite\Facades\Socialite; use Laravel\Socialite\Facades\Socialite;
use Microsoft\Graph\Model; use Microsoft\Graph\Model;
use PragmaRX\Google2FA\Google2FA; use PragmaRX\Google2FA\Google2FA;
@ -46,18 +43,7 @@ use Turbo124\Beacon\Facades\LightLogs;
class LoginController extends BaseController class LoginController extends BaseController
{ {
/**
* @OA\Tag(
* name="login",
* description="Authentication",
* @OA\ExternalDocumentation(
* description="Find out more",
* url="https://invoiceninja.github.io"
* )
* )
*/
use AuthenticatesUsers; use AuthenticatesUsers;
use UserSessionAttributes; use UserSessionAttributes;
use LoginCache; use LoginCache;
@ -89,7 +75,7 @@ class LoginController extends BaseController
* @param Request $request * @param Request $request
* @param User $user * @param User $user
* @return void * @return void
* deprecated .1 API ONLY we don't need to set any session variables * @deprecated .1 API ONLY we don't need to set any session variables
*/ */
public function authenticated(Request $request, User $user): void public function authenticated(Request $request, User $user): void
{ {
@ -99,63 +85,8 @@ class LoginController extends BaseController
/** /**
* Login via API. * Login via API.
* *
* @param Request $request The request * @param LoginRequest $request The request
*
* @return Response|User Process user login.
*
* @throws \Illuminate\Validation\ValidationException * @throws \Illuminate\Validation\ValidationException
* @OA\Post(
* path="/api/v1/login",
* operationId="postLogin",
* tags={"login"},
* summary="Attempts authentication",
* description="Returns a CompanyUser object on success",
* @OA\Parameter(ref="#/components/parameters/X-API-SECRET"),
* @OA\Parameter(ref="#/components/parameters/X-API-TOKEN"),
* @OA\Parameter(ref="#/components/parameters/X-Requested-With"),
* @OA\Parameter(ref="#/components/parameters/include"),
* @OA\Parameter(ref="#/components/parameters/include_static"),
* @OA\Parameter(ref="#/components/parameters/clear_cache"),
* @OA\RequestBody(
* description="User credentials",
* required=true,
* @OA\MediaType(
* mediaType="application/json",
* @OA\Schema(
* type="object",
* @OA\Property(
* property="email",
* description="The user email address",
* type="string",
* ),
* @OA\Property(
* property="password",
* example="1234567",
* description="The user password must meet minimum criteria ~ >6 characters",
* type="string"
* )
* )
* )
* ),
* @OA\Response(
* response=200,
* description="The Company User response",
* @OA\Header(header="X-MINIMUM-CLIENT-VERSION", ref="#/components/headers/X-MINIMUM-CLIENT-VERSION"),
* @OA\Header(header="X-RateLimit-Remaining", ref="#/components/headers/X-RateLimit-Remaining"),
* @OA\Header(header="X-RateLimit-Limit", ref="#/components/headers/X-RateLimit-Limit"),
* @OA\JsonContent(ref="#/components/schemas/CompanyUser"),
* ),
* @OA\Response(
* response=422,
* description="Validation error",
* @OA\JsonContent(ref="#/components/schemas/ValidationError"),
* ),
* @OA\Response(
* response="default",
* description="Unexpected Error",
* @OA\JsonContent(ref="#/components/schemas/Error"),
* ),
* )
*/ */
public function apiLogin(LoginRequest $request) public function apiLogin(LoginRequest $request)
{ {
@ -175,7 +106,7 @@ class LoginController extends BaseController
if ($this->attemptLogin($request)) { if ($this->attemptLogin($request)) {
LightLogs::create(new LoginSuccess()) LightLogs::create(new LoginSuccess())
->increment() ->increment()
->queue(); ->batch();
$user = $this->guard()->user(); $user = $this->guard()->user();
@ -221,7 +152,7 @@ class LoginController extends BaseController
} else { } else {
LightLogs::create(new LoginFailure()) LightLogs::create(new LoginFailure())
->increment() ->increment()
->queue(); ->batch();
$this->incrementLoginAttempts($request); $this->incrementLoginAttempts($request);
@ -237,38 +168,6 @@ class LoginController extends BaseController
* *
* @param Request $request * @param Request $request
* @return CompanyUser Refresh Feed. * @return CompanyUser Refresh Feed.
*
*
* @OA\Post(
* path="/api/v1/refresh",
* operationId="refresh",
* tags={"refresh"},
* summary="Refreshes the dataset",
* description="Refreshes the dataset",
* @OA\Parameter(ref="#/components/parameters/X-API-TOKEN"),
* @OA\Parameter(ref="#/components/parameters/X-Requested-With"),
* @OA\Parameter(ref="#/components/parameters/include"),
* @OA\Parameter(ref="#/components/parameters/include_static"),
* @OA\Parameter(ref="#/components/parameters/clear_cache"),
* @OA\Response(
* response=200,
* description="The Company User response",
* @OA\Header(header="X-MINIMUM-CLIENT-VERSION", ref="#/components/headers/X-MINIMUM-CLIENT-VERSION"),
* @OA\Header(header="X-RateLimit-Remaining", ref="#/components/headers/X-RateLimit-Remaining"),
* @OA\Header(header="X-RateLimit-Limit", ref="#/components/headers/X-RateLimit-Limit"),
* @OA\JsonContent(ref="#/components/schemas/CompanyUser"),
* ),
* @OA\Response(
* response=422,
* description="Validation error",
* @OA\JsonContent(ref="#/components/schemas/ValidationError"),
* ),
* @OA\Response(
* response="default",
* description="Unexpected Error",
* @OA\JsonContent(ref="#/components/schemas/Error"),
* ),
* )
*/ */
public function refresh(Request $request) public function refresh(Request $request)
{ {
@ -499,7 +398,6 @@ class LoginController extends BaseController
return response()->json(['message' => 'Invalid response from oauth server, no access token in response.'], 400); return response()->json(['message' => 'Invalid response from oauth server, no access token in response.'], 400);
} }
$graph = new \Microsoft\Graph\Graph(); $graph = new \Microsoft\Graph\Graph();
$graph->setAccessToken($accessToken); $graph->setAccessToken($accessToken);
@ -536,7 +434,9 @@ class LoginController extends BaseController
return $this->existingLoginUser($user->getId(), 'microsoft'); return $this->existingLoginUser($user->getId(), 'microsoft');
} }
// Signup! // Signup!
if (request()->has('create') && request()->input('create') == 'true') {
$new_account = [ $new_account = [
'first_name' => $user->getGivenName() ?: '', 'first_name' => $user->getGivenName() ?: '',
'last_name' => $user->getSurname() ?: '', 'last_name' => $user->getSurname() ?: '',
@ -549,6 +449,9 @@ class LoginController extends BaseController
return $this->createNewAccount($new_account); return $this->createNewAccount($new_account);
} }
return response()->json(['message' => 'User not found. If you believe this is an error, please send an email to contact@invoiceninja.com'], 400);
}
return response()->json(['message' => 'Unable to authenticate this user'], 400); return response()->json(['message' => 'Unable to authenticate this user'], 400);
} }
@ -640,6 +543,7 @@ class LoginController extends BaseController
return $this->existingLoginUser($google->harvestSubField($user), 'google'); return $this->existingLoginUser($google->harvestSubField($user), 'google');
} }
if (request()->has('create') && request()->input('create') == 'true') {
//user not found anywhere - lets sign them up. //user not found anywhere - lets sign them up.
$name = OAuth::splitName($google->harvestName($user)); $name = OAuth::splitName($google->harvestName($user));
@ -655,6 +559,9 @@ class LoginController extends BaseController
return $this->createNewAccount($new_account); return $this->createNewAccount($new_account);
} }
return response()->json(['message' => 'User not found. If you believe this is an error, please send an email to contact@invoiceninja.com'], 400);
}
return response() return response()
->json(['message' => ctrans('texts.invalid_credentials')], 401) ->json(['message' => ctrans('texts.invalid_credentials')], 401)
->header('X-App-Version', config('ninja.app_version')) ->header('X-App-Version', config('ninja.app_version'))
@ -700,7 +607,7 @@ class LoginController extends BaseController
if ($provider == 'microsoft') { if ($provider == 'microsoft') {
$scopes = ['email', 'Mail.Send', 'offline_access', 'profile', 'User.Read openid']; $scopes = ['email', 'Mail.Send', 'offline_access', 'profile', 'User.Read openid'];
$parameters = ['response_type' => 'code', 'redirect_uri' => config('ninja.app_url')."/auth/microsoft"]; $parameters = ['response_type' => 'code', 'redirect_uri' => config('ninja.app_url') . "/auth/microsoft"];
} }
if (request()->has('code')) { if (request()->has('code')) {
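Review bot: The signup gate added to the Microsoft and Google OAuth handlers, `if (request()->has('create') && request()->input('create') == 'true')`, is a client-supplied flag compared loosely, so it records the caller's intent but is not an access control: a request carrying a valid provider token and `create=true` still reaches `createNewAccount()`. If self-registration is meant to be restricted, that must be enforced server-side; no such check is visible in these hunks, though it may live in `createNewAccount()`. The loose `==` also accepts a JSON boolean `true`, so make the accepted values explicit, e.g. `if (request()->boolean('create')) {`, and move the duplicated condition into one private helper so the two handlers cannot drift apart. Both handler bodies start and end outside the hunks shown, and their final failure responses differ (400 for Microsoft, 401 for Google), which is worth aligning.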

30
composer.lock generated

@ -2171,16 +2171,16 @@
}, },
{ {
"name": "google/apiclient-services", "name": "google/apiclient-services",
"version": "v0.289.0", "version": "v0.290.0",
"source": { "source": {
"type": "git", "type": "git",
"url": "https://github.com/googleapis/google-api-php-client-services.git", "url": "https://github.com/googleapis/google-api-php-client-services.git",
"reference": "937f83a927db2d09db7eebb69ce2ac4114559bd7" "reference": "df7e6cbab08f60509b3f360d8286c194ad2930e2"
}, },
"dist": { "dist": {
"type": "zip", "type": "zip",
"url": "https://api.github.com/repos/googleapis/google-api-php-client-services/zipball/937f83a927db2d09db7eebb69ce2ac4114559bd7", "url": "https://api.github.com/repos/googleapis/google-api-php-client-services/zipball/df7e6cbab08f60509b3f360d8286c194ad2930e2",
"reference": "937f83a927db2d09db7eebb69ce2ac4114559bd7", "reference": "df7e6cbab08f60509b3f360d8286c194ad2930e2",
"shasum": "" "shasum": ""
}, },
"require": { "require": {
@ -2209,9 +2209,9 @@
], ],
"support": { "support": {
"issues": "https://github.com/googleapis/google-api-php-client-services/issues", "issues": "https://github.com/googleapis/google-api-php-client-services/issues",
"source": "https://github.com/googleapis/google-api-php-client-services/tree/v0.289.0" "source": "https://github.com/googleapis/google-api-php-client-services/tree/v0.290.0"
}, },
"time": "2023-02-26T01:10:11+00:00" "time": "2023-03-01T17:20:18+00:00"
}, },
{ {
"name": "google/auth", "name": "google/auth",
@ -14019,16 +14019,16 @@
}, },
{ {
"name": "friendsofphp/php-cs-fixer", "name": "friendsofphp/php-cs-fixer",
"version": "v3.14.4", "version": "v3.15.0",
"source": { "source": {
"type": "git", "type": "git",
"url": "https://github.com/PHP-CS-Fixer/PHP-CS-Fixer.git", "url": "https://github.com/PHP-CS-Fixer/PHP-CS-Fixer.git",
"reference": "1b3d9dba63d93b8a202c31e824748218781eae6b" "reference": "7306744c63e9cc1337894252b4eec4920c38b053"
}, },
"dist": { "dist": {
"type": "zip", "type": "zip",
"url": "https://api.github.com/repos/PHP-CS-Fixer/PHP-CS-Fixer/zipball/1b3d9dba63d93b8a202c31e824748218781eae6b", "url": "https://api.github.com/repos/PHP-CS-Fixer/PHP-CS-Fixer/zipball/7306744c63e9cc1337894252b4eec4920c38b053",
"reference": "1b3d9dba63d93b8a202c31e824748218781eae6b", "reference": "7306744c63e9cc1337894252b4eec4920c38b053",
"shasum": "" "shasum": ""
}, },
"require": { "require": {
@ -14095,9 +14095,15 @@
} }
], ],
"description": "A tool to automatically fix PHP code style", "description": "A tool to automatically fix PHP code style",
"keywords": [
"Static code analysis",
"fixer",
"standards",
"static analysis"
],
"support": { "support": {
"issues": "https://github.com/PHP-CS-Fixer/PHP-CS-Fixer/issues", "issues": "https://github.com/PHP-CS-Fixer/PHP-CS-Fixer/issues",
"source": "https://github.com/PHP-CS-Fixer/PHP-CS-Fixer/tree/v3.14.4" "source": "https://github.com/PHP-CS-Fixer/PHP-CS-Fixer/tree/v3.15.0"
}, },
"funding": [ "funding": [
{ {
@ -14105,7 +14111,7 @@
"type": "github" "type": "github"
} }
], ],
"time": "2023-02-09T21:49:13+00:00" "time": "2023-03-12T22:44:55+00:00"
}, },
{ {
"name": "hamcrest/hamcrest-php", "name": "hamcrest/hamcrest-php",