diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php
index 2798e47ccb3e..4ab5402e6883 100644
--- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php
@@ -246,134 +246,6 @@ class LoginController extends BaseController return $this->listResponse($ct); } - /** - * Redirect the user to the provider authentication page - * - * @return void - */ - public function redirectToProvider(string $provider) - { - //'https://www.googleapis.com/auth/gmail.send','email','profile','openid' - // - if (request()->has('code')) { - return $this->handleProviderCallback($provider); - } else { - return Socialite::driver($provider)->scopes(['https://www.googleapis.com/auth/gmail.send','email','profile','openid'])->redirect(); - } - } - - - public function redirectToProviderAndCreate(string $provider) - { - $redirect_url = config('services.' . $provider . '.redirect') . '/create'; - - if (request()->has('code')) { - return $this->handleProviderCallbackAndCreate($provider); - } else { - return Socialite::driver($provider)->scopes(['https://www.googleapis.com/auth/gmail.send','email','profile','openid'])->redirectUrl($redirect_url)->redirect(); - } - } - - - - public function handleProviderCallbackAndCreate(string $provider) - { - $redirect_url = config('services.' . $provider . '.redirect') . '/create'; - - $socialite_user = Socialite::driver($provider) - ->redirectUrl($redirect_url) - ->stateless() - ->user(); - - /* Handle existing users who attempt to create another account with existing OAuth credentials */ - if ($user = OAuth::handleAuth($socialite_user, $provider)) { - $user->oauth_user_token = $socialite_user->refreshToken; - $user->save(); - Auth::login($user, true); - - return redirect($this->redirectTo); - } elseif (MultiDB::checkUserEmailExists($socialite_user->getEmail())) { - Session::flash('error', 'User exists in system, but not with this authentication method'); //todo add translations - - return view('auth.login'); - } - /** 3. Automagically creating a new account here. 
*/ - else { - //todo - $name = OAuth::splitName($socialite_user->getName()); - - $new_account = [ - 'first_name' => $name[0], - 'last_name' => $name[1], - 'password' => '', - 'email' => $socialite_user->getEmail(), - 'oauth_user_id' => $socialite_user->getId(), - 'oauth_user_token' => $socialite_user->refreshToken, - 'oauth_provider_id' => $provider - ]; - - MultiDB::setDefaultDatabase(); - - $account = CreateAccount::dispatchNow($new_account); - - Auth::login($account->default_company->owner(), true); - - $cookie = cookie('db', $account->default_company->db); - - return redirect($this->redirectTo)->withCookie($cookie); - } - } - - /** - * We use this function when OAUTHING via the web interface - * - * @return redirect - */ - public function handleProviderCallback(string $provider) - { - $redirect_url = config('services.' . $provider . '.redirect'); - - $socialite_user = Socialite::driver($provider) - ->redirectUrl($redirect_url) - ->stateless() - ->user(); - - if ($user = OAuth::handleAuth($socialite_user, $provider)) { - $user->oauth_user_token = $socialite_user->token; - $user->save(); - Auth::login($user, true); - - return redirect($this->redirectTo); - } elseif (MultiDB::checkUserEmailExists($socialite_user->getEmail())) { - Session::flash('error', 'User exists in system, but not with this authentication method'); //todo add translations - - return view('auth.login'); - } - /** 3. Automagically creating a new account here. 
*/ - else { - //todo - $name = OAuth::splitName($socialite_user->getName()); - - $new_account = [ - 'first_name' => $name[0], - 'last_name' => $name[1], - 'password' => '', - 'email' => $socialite_user->getEmail(), - 'oauth_user_id' => $socialite_user->getId(), - 'oauth_user_token' => $socialite_user->token, - 'oauth_provider_id' => $provider - ]; - - $account = CreateAccount::dispatchNow($new_account); - - Auth::login($account->default_company->owner(), true); - - $cookie = cookie('db', $account->default_company->db); - - return redirect($this->redirectTo)->withCookie($cookie); - } - } - /** * A client side authentication has taken place. * We now digest the token and confirm authentication with 
@@ -392,62 +264,12 @@ class LoginController extends BaseController if(request()->input('provider') == 'google') return $this->handleGoogleOauth(); -// $user = false; - -// $oauth = new OAuth(); - -// $user = $oauth->getProvider(request()->input('provider'))->getTokenResponse(request()->input('id_token')); - - - -// if ($user = OAuth::handleAuth($socialite_user, $provider)) { -// $user->oauth_user_token = $socialite_user->token; -// $user->save(); -// Auth::login($user, true); - -// return redirect($this->redirectTo); -// } elseif (MultiDB::checkUserEmailExists($socialite_user->getEmail())) { -// Session::flash('error', 'User exists in system, but not with this authentication method'); //todo add translations - -// return view('auth.login'); -// } -// * 3. Automagically creating a new account here. -// else { -// //todo -// $name = OAuth::splitName($socialite_user->getName()); - -// $new_account = [ -// 'first_name' => $name[0], -// 'last_name' => $name[1], -// 'password' => '', -// 'email' => $socialite_user->getEmail(), -// 'oauth_user_id' => $socialite_user->getId(), -// 'oauth_user_token' => $socialite_user->token, -// 'oauth_provider_id' => $provider -// ]; - -// $account = CreateAccount::dispatchNow($new_account); - -// Auth::login($account->default_company->owner(), true); - -// $cookie = cookie('db', $account->default_company->db); - -// return redirect($this->redirectTo)->withCookie($cookie); -// } - - // if ($user) { - // $ct = CompanyUser::whereUserId($user); - // return $this->listResponse($ct); - // // return $this->itemResponse($user); - // } else { - // return $this->errorResponse(['message' => 'Invalid credentials'], 401); - // } + return response() + ->json(['message' => 'Provider not supported'], 400) + ->header('X-App-Version', config('ninja.app_version')) + ->header('X-Api-Version', config('ninja.api_version')); } -//// // server_auth_code -// // access_token -// // id_token -// private function handleGoogleOauth() { $user = false; 
@@ -467,6 +289,7 @@ class LoginController extends BaseController { Auth::login($existing_user, true); + $existing_user->setCompany($existing_user->account->default_company); $ct = CompanyUser::whereUserId(auth()->user()->id); return $this->listResponse($ct); @@ -477,19 +300,19 @@ class LoginController extends BaseController } if($user){ - //if($user && request()->input('create') == 'true') { -//server_auth_code $client = new \Google_Client(); $client->setClientId(config('ninja.auth.google.client_id')); $client->setClientSecret(config('ninja.auth.google.client_secret')); - $accessToken = $client->fetchAccessTokenWithAuthCode(request()->input('server_auth_code')); - info($accessToken); + $token = $client->authenticate(request()->input('server_auth_code')); - $client->setAccessToken($accessToken); - //$client->setAccessToken(request()->input('access_token')); - $refresh_token = $client->getRefreshToken(); + $refresh_token = ''; + + if(array_key_exists('refresh_token', $token)) + $refresh_token = $token['refresh_token']; + + $access_token = $token['access_token']; $name = OAuth::splitName($google->harvestName($user)); @@ -499,7 +322,7 @@ class LoginController extends BaseController 'password' => '', 'email' => $google->harvestEmail($user), 'oauth_user_id' => $google->harvestSubField($user), - 'oauth_user_token' => request()->input('access_token'), + 'oauth_user_token' => $access_token, 'oauth_user_refresh_token' => $refresh_token, 'oauth_provider_id' => 'google' ]; @@ -509,6 +332,10 @@ class LoginController extends BaseController $account = CreateAccount::dispatchNow($new_account); Auth::login($account->default_company->owner(), true); + + auth()->user()->email_verified_at = now(); + auth()->user()->save(); + $ct = CompanyUser::whereUserId(auth()->user()->id); return $this->listResponse($ct); } diff --git a/app/Models/User.php b/app/Models/User.php index 8467ea069ac4..25f1c3255ed3 100644 --- a/app/Models/User.php +++ b/app/Models/User.php 
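Review bot: `$access_token = $token['access_token'];` is read without checking that the code exchange succeeded, inside the `if($user){` branch of handleGoogleOauth (the function starts and ends outside this hunk). `server_auth_code` comes straight from the request, and as far as I know the Google client reports a failed exchange by returning an array with an `error` key rather than throwing, so a bad or missing code ends in an undefined-index error or an account stored without a usable token. Guard it before `$new_account` is built, e.g. `if (!is_array($token) || isset($token['error']) || empty($token['access_token'])) return response()->json(['message' => 'Invalid credentials'], 401);`. Nothing visible here ties the exchanged token to the same Google subject as the verified `id_token`, so that is worth confirming as well. `authenticate()` also appears to be the deprecated alias of the `fetchAccessTokenWithAuthCode()` call it replaces.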
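Review bot: `auth()->user()->email_verified_at = now();` is set for every account created through this path, whether or not Google itself reports the address as verified. Google ID tokens carry an `email_verified` claim; whether the verifier called earlier in handleGoogleOauth checks it is not visible in this hunk, so if it does not, set the timestamp only when that claim is true. As a smaller point, `auth()->user()` is resolved three times where the owner returned by `$account->default_company->owner()` could be held in a local, and a short comment such as `// address already verified by the OAuth provider, skip our confirmation mail` would record why the flag is written here.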
@@ -73,6 +73,7 @@ class User extends Authenticatable implements MustVerifyEmail
 'oauth_user_id',
 'oauth_provider_id',
 'oauth_user_token',
+ 'oauth_user_refresh_token',
 'custom_value1',
 'custom_value2',
 'custom_value3',
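Review bot: Adding `'oauth_user_refresh_token'` to this list, which looks like the model's mass-assignment (`$fillable`) array although its declaration is outside the hunk, lets any code path that fills a User from request data overwrite a long-lived credential. Check that the user update endpoints filter their input before `fill()`/`update()`, and that the field is listed in `$hidden` so it is never serialised into API responses. If the column holds the token in plain text, an `encrypted` cast is worth considering where the framework version supports it; neither the cast list nor the migration is visible here.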