Fixes for client authentication

2025-06-03 18:04:37 -04:00 · 2021-12-12 21:39:12 +11:00 · 2021-12-12 21:39:12 +11:00 · 97451c8edf
commit 97451c8edf
parent 7dc00f989c
4 changed files with 43 additions and 15 deletions
--- a/app/Http/Controllers/Auth/ContactForgotPasswordController.php
+++ b/app/Http/Controllers/Auth/ContactForgotPasswordController.php
@ -98,10 +98,12 @@ class ContactForgotPasswordController extends Controller
        $this->validateEmail($request);
-        // $company = Company::where('company_key', $request->input('company_key'))->first();
+        if(Ninja::isHosted() && $company = Company::where('company_key', $request->input('company_key'))->first())
-        // $contact = ClientContact::where(['company_id' => $company->id, 'email' => $request->input('email')])->first();
+        {
-
+            $contact = ClientContact::where(['email' => $request->input('email'), 'company_id' => $company->id])->first();
-        $contact = ClientContact::where(['email' => $request->input('email')])->first();
+        }
        else
            $contact = ClientContact::where(['email' => $request->input('email')])->first();
        $response = false;
--- a/app/Http/Controllers/Auth/ContactLoginController.php
+++ b/app/Http/Controllers/Auth/ContactLoginController.php
@ -22,12 +22,14 @@ use Auth;
 use Illuminate\Foundation\Auth\AuthenticatesUsers;
 use Illuminate\Http\Request;
 use Route;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Support\Facades\Hash;
 class ContactLoginController extends Controller
 {
    use AuthenticatesUsers;
-    protected $redirectTo = '/client/dashboard';
+    protected $redirectTo = '/client/invoices';
    public function __construct()
    {
@ -80,8 +82,8 @@ class ContactLoginController extends Controller
    {
        Auth::shouldUse('contact');
-        if(Ninja::isHosted() && $request->session()->has('company_key'))
+        if(Ninja::isHosted() && $request->has('company_key'))
-            MultiDB::findAndSetDbByCompanyKey($request->session()->get('company_key'));
+            MultiDB::findAndSetDbByCompanyKey($request->input('company_key'));
        $this->validateLogin($request);
        // If the class is using the ThrottlesLogins trait, we can automatically throttle
@ -93,7 +95,16 @@ class ContactLoginController extends Controller
            return $this->sendLockoutResponse($request);
        }
-        if ($this->attemptLogin($request)) {
+
        if(Ninja::isHosted() && $company = Company::where('company_key', $request->input('company_key'))->first()){
            $contact = ClientContact::where(['email' => $request->input('email'), 'company_id' => $company->id])->first();
            if(Hash::check($request->input('password'), $contact->password))
                return $this->authenticated($request, $contact);
        }
        elseif ($this->attemptLogin($request)) {
            return $this->sendLoginResponse($request);
        }
        // If the login attempt was unsuccessful we will increment the number of attempts
@ -104,9 +115,25 @@ class ContactLoginController extends Controller
        return $this->sendFailedLoginResponse($request);
    }
    protected function sendLoginResponse(Request $request)
    {
        $request->session()->regenerate();
        $this->clearLoginAttempts($request);
        if ($response = $this->authenticated($request, $this->guard()->user())) {
            return $response;
        }
        return $request->wantsJson()
                    ? new JsonResponse([], 204)
                    : redirect()->intended($this->redirectPath());
    }
    public function authenticated(Request $request, ClientContact $client)
    {
-        Auth::guard('contact')->loginUsingId($client->id, true);
+        // Auth::guard('contact')->loginUsingId($client->id, true);
        auth()->guard('contact')->loginUsingId($client->id, true);
        event(new ContactLoggedIn($client, $client->company, Ninja::eventVars()));
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@ -72,7 +72,7 @@ class Kernel extends HttpKernel
        ConvertEmptyStringsToNull::class,
        TrustProxies::class,
        // \Fruitcake\Cors\HandleCors::class,
-        // Cors::class,
+        Cors::class,
    ];
@ -95,7 +95,6 @@ class Kernel extends HttpKernel
        'api' => [
            'throttle:300,1',
            'bindings',
            'cors',
            'query_logging',
        ],
        'contact' => [
@ -117,7 +116,6 @@ class Kernel extends HttpKernel
            'throttle:120,1',
            'bindings',
            'query_logging',
            'cors',
        ],
    ];
--- a/app/Http/Middleware/CheckClientExistence.php
+++ b/app/Http/Middleware/CheckClientExistence.php
@ -28,8 +28,9 @@ class CheckClientExistence
     */
    public function handle(Request $request, Closure $next)
    {
        $multiple_contacts = ClientContact::query()
-            ->with('client.gateway_tokens')
+            ->with('client.gateway_tokens','company')
            ->where('email', auth('contact')->user()->email)
            ->whereNotNull('email')
            ->where('email', '<>', '')
@ -38,9 +39,9 @@ class CheckClientExistence
            ->distinct('email')
            ->whereNotNull('company_id')
            ->whereHas('client', function ($query) {
-                return $query->whereNull('deleted_at');
+                return $query->where('is_deleted', false);
            })
-            ->whereHas('client.company', function ($query){
+            ->whereHas('company', function ($query){
                return $query->where('account_id', auth('contact')->user()->client->company->account->id);
            })
            ->get();