diff --git a/app/Http/Controllers/Auth/ContactForgotPasswordController.php b/app/Http/Controllers/Auth/ContactForgotPasswordController.php index 0ef1c0090abd..991aea83c4b9 100644 --- a/app/Http/Controllers/Auth/ContactForgotPasswordController.php +++ b/app/Http/Controllers/Auth/ContactForgotPasswordController.php @@ -98,10 +98,12 @@ class ContactForgotPasswordController extends Controller $this->validateEmail($request); - // $company = Company::where('company_key', $request->input('company_key'))->first(); - // $contact = ClientContact::where(['company_id' => $company->id, 'email' => $request->input('email')])->first(); - - $contact = ClientContact::where(['email' => $request->input('email')])->first(); + if(Ninja::isHosted() && $company = Company::where('company_key', $request->input('company_key'))->first()) + { + $contact = ClientContact::where(['email' => $request->input('email'), 'company_id' => $company->id])->first(); + } + else + $contact = ClientContact::where(['email' => $request->input('email')])->first(); $response = false; diff --git a/app/Http/Controllers/Auth/ContactLoginController.php b/app/Http/Controllers/Auth/ContactLoginController.php index 876364bb4fb3..328fb8698b8f 100644 --- a/app/Http/Controllers/Auth/ContactLoginController.php +++ b/app/Http/Controllers/Auth/ContactLoginController.php @@ -22,12 +22,14 @@ use Auth; use Illuminate\Foundation\Auth\AuthenticatesUsers; use Illuminate\Http\Request; use Route; +use Illuminate\Http\JsonResponse; +use Illuminate\Support\Facades\Hash; class ContactLoginController extends Controller { use AuthenticatesUsers; - protected $redirectTo = '/client/dashboard'; + protected $redirectTo = '/client/invoices'; public function __construct() { @@ -80,8 +82,8 @@ class ContactLoginController extends Controller { Auth::shouldUse('contact'); - if(Ninja::isHosted() && $request->session()->has('company_key')) - MultiDB::findAndSetDbByCompanyKey($request->session()->get('company_key')); + if(Ninja::isHosted() && $request->has('company_key')) + MultiDB::findAndSetDbByCompanyKey($request->input('company_key')); $this->validateLogin($request); // If the class is using the ThrottlesLogins trait, we can automatically throttle @@ -93,7 +95,16 @@ class ContactLoginController extends Controller return $this->sendLockoutResponse($request); } - if ($this->attemptLogin($request)) { + + if(Ninja::isHosted() && $company = Company::where('company_key', $request->input('company_key'))->first()){ + + $contact = ClientContact::where(['email' => $request->input('email'), 'company_id' => $company->id])->first(); + + if(Hash::check($request->input('password'), $contact->password)) + return $this->authenticated($request, $contact); + + } + elseif ($this->attemptLogin($request)) { return $this->sendLoginResponse($request); } // If the login attempt was unsuccessful we will increment the number of attempts @@ -104,9 +115,25 @@ class ContactLoginController extends Controller return $this->sendFailedLoginResponse($request); } + protected function sendLoginResponse(Request $request) + { + $request->session()->regenerate(); + + $this->clearLoginAttempts($request); + + if ($response = $this->authenticated($request, $this->guard()->user())) { + return $response; + } + + return $request->wantsJson() + ? new JsonResponse([], 204) + : redirect()->intended($this->redirectPath()); + } + public function authenticated(Request $request, ClientContact $client) { - Auth::guard('contact')->loginUsingId($client->id, true); + // Auth::guard('contact')->loginUsingId($client->id, true); + auth()->guard('contact')->loginUsingId($client->id, true); event(new ContactLoggedIn($client, $client->company, Ninja::eventVars())); diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php index 87b9f32c92ae..6b82749df99c 100644 --- a/app/Http/Kernel.php +++ b/app/Http/Kernel.php @@ -72,7 +72,7 @@ class Kernel extends HttpKernel ConvertEmptyStringsToNull::class, TrustProxies::class, // \Fruitcake\Cors\HandleCors::class, - // Cors::class, + Cors::class, ]; @@ -95,7 +95,6 @@ class Kernel extends HttpKernel 'api' => [ 'throttle:300,1', 'bindings', - 'cors', 'query_logging', ], 'contact' => [ @@ -117,7 +116,6 @@ class Kernel extends HttpKernel 'throttle:120,1', 'bindings', 'query_logging', - 'cors', ], ]; diff --git a/app/Http/Middleware/CheckClientExistence.php b/app/Http/Middleware/CheckClientExistence.php index 6efd00e38ff5..ef2a81db054d 100644 --- a/app/Http/Middleware/CheckClientExistence.php +++ b/app/Http/Middleware/CheckClientExistence.php @@ -28,8 +28,9 @@ class CheckClientExistence */ public function handle(Request $request, Closure $next) { + $multiple_contacts = ClientContact::query() - ->with('client.gateway_tokens') + ->with('client.gateway_tokens','company') ->where('email', auth('contact')->user()->email) ->whereNotNull('email') ->where('email', '<>', '') @@ -38,9 +39,9 @@ class CheckClientExistence ->distinct('email') ->whereNotNull('company_id') ->whereHas('client', function ($query) { - return $query->whereNull('deleted_at'); + return $query->where('is_deleted', false); }) - ->whereHas('client.company', function ($query){ + ->whereHas('company', function ($query){ return $query->where('account_id', auth('contact')->user()->client->company->account->id); }) ->get();