From 89797b099122292c237a3cd9e168d8f0ddeea21b Mon Sep 17 00:00:00 2001 From: David Bomba Date: Wed, 10 Jul 2019 13:10:18 +1000 Subject: [PATCH] Handle list filters from Contact Routes --- app/Filters/InvoiceFilters.php | 12 +++++-- app/Filters/QueryFilters.php | 16 +++++++++ .../Controllers/Contact/InvoiceController.php | 8 +++-- .../Controllers/Contact/LoginController.php | 21 ----------- app/Http/Middleware/ContactTokenAuth.php | 6 ++-- app/Providers/MultiDatabaseUserProvider.php | 36 +++++++++---------- routes/contact.php | 2 -- 7 files changed, 51 insertions(+), 50 deletions(-) diff --git a/app/Filters/InvoiceFilters.php b/app/Filters/InvoiceFilters.php index 702a2f07677c..25bb8e2ae9fe 100644 --- a/app/Filters/InvoiceFilters.php +++ b/app/Filters/InvoiceFilters.php @@ -106,15 +106,23 @@ class InvoiceFilters extends QueryFilters /** * Filters the query by the users company ID + * + * We need to ensure we are using the correct company ID + * as we could be hitting this from either the client or company auth guard * * @param $company_id The company Id * @return Illuminate\Database\Query\Builder */ public function entityFilter() { - - return $this->builder->whereCompanyId(auth()->user()->company()->id); + + if(auth('contact')->user()) + return $this->builder->whereCompanyId(auth('contact')->user()->company->id); + else + return $this->builder->whereCompanyId(auth()->user()->company()->id); } + + } \ No newline at end of file diff --git a/app/Filters/QueryFilters.php b/app/Filters/QueryFilters.php index 871eaa5dad2e..53e6c9933dc6 100644 --- a/app/Filters/QueryFilters.php +++ b/app/Filters/QueryFilters.php @@ -76,6 +76,8 @@ abstract class QueryFilters $this->entityFilter(); + $this->clientFilter(); + foreach ($this->filters() as $name => $value) { if (! method_exists($this, $name)) { continue; 
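Review bot: In entityFilter() (app/Filters/InvoiceFilters.php) the `else` branch still dereferences `auth()->user()` with no null check, so a request that reaches this filter with neither guard authenticated fails with an error on null instead of a clean denial. The contact user is also resolved twice, and the two branches read the company differently (`->company->id` versus `->company()->id`), which is easy to get wrong if this pattern is copied into other filter classes. I would resolve it once with `$contact = auth('contact')->user();`, brace both branches, and refuse explicitly when `auth()->check()` is false before falling back to the default guard. The docblock's `@param $company_id` line describes a parameter the method does not take.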
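Review bot: The `$this->clientFilter();` call added in app/Filters/QueryFilters.php runs for every QueryFilters subclass, not only for invoices. On a contact request it appends `whereClientId(...)` to whatever builder the subclass wraps, so a filter class whose table has no `client_id` column would presumably fail on contact routes. Only InvoiceFilters is visible here, so that needs checking. A comment above the call such as `// contact guard only: narrow rows to the contact's own client` would also make clear why it has to run before the name-dispatched filters in the loop. The enclosing method starts and ends outside the hunk.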
@@ -154,4 +156,18 @@ abstract class QueryFilters } } + + /** + * Filters the query by the contact's client_id. + * + * -Can only be used on contact routes + * + * @param $client_id The client Id + * @param Illuminate\Database\Query\Builder + */ + public function clientFilter() + { + if(auth('contact')->user()) + return $this->builder->whereClientId(auth('contact')->user()->client->id); + } } \ No newline at end of file diff --git a/app/Http/Controllers/Contact/InvoiceController.php b/app/Http/Controllers/Contact/InvoiceController.php index 9139fe259bc1..d3dd4aed9b63 100644 --- a/app/Http/Controllers/Contact/InvoiceController.php +++ b/app/Http/Controllers/Contact/InvoiceController.php @@ -11,6 +11,7 @@ namespace App\Http\Controllers\Contact; +use App\Filters\InvoiceFilters; use App\Http\Controllers\BaseController; use App\Models\Invoice; use App\Transformers\Contact\InvoiceTransformer; @@ -39,10 +40,11 @@ class InvoiceController extends BaseController * * @return \Illuminate\Http\Response */ - public function index() + public function index(InvoiceFilters $filters) { - $invoices = Invoice::whereClientId(auth('contact')->user()->client->id); - //$invoices = Invoice::filter($filters); + //$invoices = Invoice::whereClientId(auth('contact')->user()->client->id); + + $invoices = Invoice::filter($filters); return $this->listResponse($invoices); diff --git a/app/Http/Controllers/Contact/LoginController.php b/app/Http/Controllers/Contact/LoginController.php index 92e00815e102..e64df99b38f7 100644 --- a/app/Http/Controllers/Contact/LoginController.php +++ b/app/Http/Controllers/Contact/LoginController.php @@ -47,13 +47,6 @@ class LoginController extends BaseController protected $entity_transformer = ClientContactLoginTransformer::class; - /** - * Where to redirect users after login. - * - * @var string - */ - protected $redirectTo = '/dashboard'; - /** * Create a new controller instance. * 
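Review bot: The docblock on clientFilter() in app/Filters/QueryFilters.php does not match the method: it documents a `$client_id` parameter that does not exist, and the second `@param` line should be `@return`. The method also returns nothing when the request is not on the contact guard, so I would write `@return \Illuminate\Database\Query\Builder|null` and state in the description that the filter is a no-op for non-contact requests. Because this is the control that separates one client's rows from another's, bracing the `if` would also protect against a later edit adding a second statement outside the condition.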
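Review bot: index() in app/Http/Controllers/Contact/InvoiceController.php no longer scopes the query to the contact's client itself; that restriction now applies only when `auth('contact')->user()` is truthy inside QueryFilters::clientFilter(). Because that check is skipped silently, I would keep an explicit guard in the controller, e.g. `abort_unless(auth('contact')->check(), 401);`, and add a test that a contact listing invoices never receives another client's rows. The filter methods dispatched by name after clientFilter() are not shown in this diff; any of them that adds a top-level `orWhere` would widen the result past the client constraint, so they should group their conditions in a closure. The commented-out `whereClientId` line can be deleted rather than kept.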
@@ -64,22 +57,8 @@ class LoginController extends BaseController parent::__construct(); - } - /** - * Once the user is authenticated, we need to set - * the default company into a session variable - * - * @return void - * deprecated .1 API ONLY we don't need to set any session variables - */ - public function authenticated(Request $request, User $user) : void - { - //$this->setCurrentCompanyId($user->companies()->first()->account->default_company_id); - } - - /** * Login via API * diff --git a/app/Http/Middleware/ContactTokenAuth.php b/app/Http/Middleware/ContactTokenAuth.php index df2208ce73f0..66a856da7857 100644 --- a/app/Http/Middleware/ContactTokenAuth.php +++ b/app/Http/Middleware/ContactTokenAuth.php @@ -11,7 +11,7 @@ namespace App\Http\Middleware; -use App\Events\User\UserLoggedIn; +use App\Events\Contact\ContactLoggedIn; use App\Models\ClientContact; use App\Models\CompanyToken; use App\Models\User; @@ -43,9 +43,9 @@ class ContactTokenAuth //stateless, don't remember the contact. auth()->guard('contact')->login($client_contact, false); - - //event(new UserLoggedIn($user)); //todo + event(new ContactLoggedIn($client_contact)); //todo + } else { diff --git a/app/Providers/MultiDatabaseUserProvider.php b/app/Providers/MultiDatabaseUserProvider.php index 57c555533ba6..b21572899400 100644 --- a/app/Providers/MultiDatabaseUserProvider.php +++ b/app/Providers/MultiDatabaseUserProvider.php 
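Review bot: `event(new ContactLoggedIn($client_contact));` in app/Http/Middleware/ContactTokenAuth.php sits in the token-check path of a stateless middleware, so it presumably fires on every authenticated contact request rather than once per login. If listeners record logins or update a last-login timestamp, the audit trail will count requests instead of sign-ins, which makes real sign-in anomalies harder to spot. The trailing `//todo` no longer says what is left to do; either drop it or spell it out, e.g. `// TODO: fire only when the token is first seen`. The enclosing method starts and ends outside the hunk.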
@@ -117,20 +117,15 @@ class MultiDatabaseUserProvider implements UserProvider */ public function retrieveByCredentials(array $credentials) { - //Log::error('retrieving by credentials'); + if (empty($credentials) || (count($credentials) === 1 && array_key_exists('password', $credentials))) { return; } - //Log::error('settings DB'); - $this->setDefaultDatabase(false, $credentials['email'], false); - //Log::error('set DB'); - - // First we will add each credential element to the query as a where clause. // Then we can execute the query and, if we found a user, return it in a // Eloquent User "model" that will be utilized by the Guard instances. @@ -147,7 +142,7 @@ class MultiDatabaseUserProvider implements UserProvider $query->where($key, $value); } } -//Log::error($query->count()); + return $query->first(); } @@ -162,7 +157,7 @@ class MultiDatabaseUserProvider implements UserProvider { Log::error('validateCredentials'); $plain = $credentials['password']; - //Log::error($plain); + return $this->hasher->check($plain, $user->getAuthPassword()); } @@ -224,16 +219,16 @@ class MultiDatabaseUserProvider implements UserProvider return $this; } + /** + * Sets correct database by variable + */ private function setDefaultDatabase($id = false, $email = false, $token = false) : void { -//Log::error('setting DB'); -//Log::error('model = '.$this->model); foreach (MultiDB::getDbs() as $database) { - $this->setDB($database); -// $query = $this->conn->table('users'); -// + $this->setDB($database); + /** Make sure we hook into the correct guard class */ $query = $this->conn->table((new $this->model)->getTable()); @@ -245,8 +240,8 @@ class MultiDatabaseUserProvider implements UserProvider $user = $query->get(); - if (count($user) >= 1) { - //Log::error('found user, settings DB for EMAIL'); + if (count($user) >= 1) + { break; } 
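Review bot: The new docblock on setDefaultDatabase() in app/Providers/MultiDatabaseUserProvider.php (`Sets correct database by variable`) does not say what happens when no database holds a match. As written across this hunk and the two that follow, the loop calls `$this->setDB($database)` for each entry of `MultiDB::getDbs()` and only breaks on a hit, so after a miss the connection is left on the last database tried. I would document that, along with which of `$id`, `$email` and `$token` each caller is expected to pass. The method body continues past the end of this hunk.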
@@ -254,32 +249,35 @@ class MultiDatabaseUserProvider implements UserProvider if ($token) { - Log::error('found user, settings DB for TOKEN'); $query->whereRaw("BINARY `token`= ?", $token); $token = $query->get(); - if (count($token) >= 1) { + if (count($token) >= 1) + { break; } + } } } + /** + * Sets the database at runtime + */ private function setDB($database) { /** Get the database name we want to switch to*/ $db_name = config('database.connections.'.$database.'.database'); - //$db_host = config("database.connections.".$database.".db_host"); /* This will set the default configuration for the request / session?*/ config(['database.default' => $database]); /* Set the connection to complete the user authentication */ - //$this->conn = app('db')->connection(config("database.connections.database." . $database . "." . $db_name)); $this->conn = app('db')->connection(config('database.connections.database.'.$database)); + } } diff --git a/routes/contact.php b/routes/contact.php index dd26a0442780..ae7b653bb7a3 100644 --- a/routes/contact.php +++ b/routes/contact.php @@ -15,9 +15,7 @@ use Illuminate\Http\Request; Route::group(['middleware' => ['api_secret_check']], function () { - //Route::post('api/v1/signup', 'AccountController@store')->name('signup.submit'); Route::post('api/v1/contact/login', 'Contact\LoginController@apiLogin'); - //Route::post('api/v1/oauth_login', 'Auth\LoginController@oauthApiLogin'); });
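Review bot: In the token branch of setDefaultDatabase() (app/Providers/MultiDatabaseUserProvider.php), `$token = $query->get();` overwrites the `$token` argument with the query result. When the first database has no match, the next loop iteration would bind that result object in `whereRaw` instead of the original token string, so a token stored in a later database would not be found. Using a separate variable, `$matches = $query->get();` with `if (count($matches) >= 1)`, avoids this. The docblock added to setDB() (`Sets the database at runtime`) should also state that `config(['database.default' => $database]);` changes the default connection for everything that runs later in the request, not only for this provider.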