Cutlery/invoiceninja
1
0
Fork 0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2025-05-31 02:14:33 -04:00
Code Issues Packages Projects Releases Wiki Activity

Fixes for login controller

Browse Source
This commit is contained in:
David Bomba 2022-05-05 10:14:28 +10:00
parent 96509ec9a1
commit b6350d323f
1 changed files with 171 additions and 114 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

285
app/Http/Controllers/Auth/LoginController.php
View File

@ -35,6 +35,7 @@ use App\Utils\Traits\UserSessionAttributes;
use App\Utils\Traits\User\LoginCache; use App\Utils\Traits\User\LoginCache;
use App\Utils\TruthSource; use App\Utils\TruthSource;
use Google_Client; use Google_Client;
use Illuminate\Database\Eloquent\Builder;
use Illuminate\Foundation\Auth\AuthenticatesUsers; use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Illuminate\Http\Request; use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth; use Illuminate\Support\Facades\Auth;
@ -210,42 +211,43 @@ class LoginController extends BaseController
$user = $user->fresh(); $user = $user->fresh();
} }
$user->setCompany($user->account->default_company); // $user->setCompany($user->account->default_company);
// $this->setLoginCache($user);
$this->setLoginCache($user); // $cu = CompanyUser::query()
// ->where('user_id', auth()->user()->id);
$cu = CompanyUser::query() $cu = $this->hydrateCompanyUser();
->where('user_id', auth()->user()->id);
if($cu->count() == 0) if($cu->count() == 0)
return response()->json(['message' => 'User found, but not attached to any companies, please see your administrator'], 400); return response()->json(['message' => 'User found, but not attached to any companies, please see your administrator'], 400);
$truth = app()->make(TruthSource::class); // $truth = app()->make(TruthSource::class);
$truth->setCompanyUser($cu->first()); // $truth->setCompanyUser($cu->first());
$truth->setUser(auth()->user()); // $truth->setUser(auth()->user());
$truth->setCompany($user->account->default_company); // $truth->setCompany($user->account->default_company);
if(!$cu->exists()) // if(!$cu->exists())
return response()->json(['message' => 'User not linked to any companies'], 403); // return response()->json(['message' => 'User not linked to any companies'], 403);
/* Ensure the user has a valid token */ // /* Ensure the user has a valid token */
if($user->company_users()->count() != $user->tokens()->count()) // if($user->company_users()->count() != $user->tokens()->count())
{ // {
$user->companies->each(function($company) use($user, $request){ // $user->companies->each(function($company) use($user, $request){
if(!CompanyToken::where('user_id', $user->id)->where('company_id', $company->id)->exists()){ // if(!CompanyToken::where('user_id', $user->id)->where('company_id', $company->id)->exists()){
CreateCompanyToken::dispatchNow($company, $user, $request->server('HTTP_USER_AGENT')); // CreateCompanyToken::dispatchNow($company, $user, $request->server('HTTP_USER_AGENT'));
} // }
}); // });
} // }
$truth->setCompanyToken(CompanyToken::where('user_id', auth()->user()->id)->where('company_id', $user->account->default_company->id)->first()); // $truth->setCompanyToken(CompanyToken::where('user_id', auth()->user()->id)->where('company_id', $user->account->default_company->id)->first());
/*On the hosted platform, only owners can login for free/pro accounts*/ /*On the hosted platform, only owners can login for free/pro accounts*/
if(Ninja::isHosted() && !$cu->first()->is_owner && !$user->account->isEnterpriseClient()) if(Ninja::isHosted() && !$cu->first()->is_owner && !$user->account->isEnterpriseClient())
@ -367,6 +369,53 @@ class LoginController extends BaseController
->header('X-Api-Version', config('ninja.minimum_client_version')); ->header('X-Api-Version', config('ninja.minimum_client_version'));
} }
private function hydrateCompanyUser() :Builder
{
$cu = CompanyUser::query()
->where('user_id', auth()->user()->id)
->where('company_id', auth()->user()->account->default_company_id);
if($cu->exists())
$set_company = auth()->user()->account->default_company;
else{
$cu = CompanyUser::query()->where('user_id', auth()->user()->id);
$set_company = $cu->company;
}
auth()->user()->setCompany($set_company);
$this->setLoginCache(auth()->user());
if($cu->count() == 0)
return $cu;
$truth = app()->make(TruthSource::class);
$truth->setCompanyUser($cu->first());
$truth->setUser(auth()->user());
$truth->setCompany($set_company);
if(auth()->user()->company_users()->count() != auth()->user()->tokens()->count())
{
auth()->user()->companies->each(function($company){
if(!CompanyToken::where('user_id', auth()->user()->id)->where('company_id', $company->id)->exists()){
CreateCompanyToken::dispatchNow($company, auth()->user(), "Google_O_Auth");
}
});
}
$truth->setCompanyToken(CompanyToken::where('user_id', auth()->user()->id)->where('company_id', $set_company->id)->first());
return $cu;
}
private function handleGoogleOauth() private function handleGoogleOauth()
{ {
$user = false; $user = false;
@ -377,7 +426,6 @@ class LoginController extends BaseController
if (is_array($user)) { if (is_array($user)) {
//
$query = [ $query = [
'oauth_user_id' => $google->harvestSubField($user), 'oauth_user_id' => $google->harvestSubField($user),
'oauth_provider_id'=> 'google', 'oauth_provider_id'=> 'google',
@ -389,38 +437,48 @@ class LoginController extends BaseController
return response()->json(['message' => 'User exists, but not attached to any companies! Orphaned user!'], 400); return response()->json(['message' => 'User exists, but not attached to any companies! Orphaned user!'], 400);
Auth::login($existing_user, true); Auth::login($existing_user, true);
$existing_user->setCompany($existing_user->account->default_company);
$this->setLoginCache($existing_user); // $cu = CompanyUser::query()
// ->where('user_id', auth()->user()->id)
// ->where('company_id', $existing_user->account->default_company_id);
$cu = CompanyUser::query() // if($cu->exists())
->where('user_id', auth()->user()->id); // $set_company = $existing_user->account->default_company;
// else{
// $cu = CompanyUser::query()->where('user_id', auth()->user()->id);
// $set_company = $cu->company;
// }
// $existing_user->setCompany($set_company);
// $this->setLoginCache($existing_user);
$cu = $this->hydrateCompanyUser();
if($cu->count() == 0) if($cu->count() == 0)
return response()->json(['message' => 'User found, but not attached to any companies, please see your administrator'], 400); return response()->json(['message' => 'User found, but not attached to any companies, please see your administrator'], 400);
$truth = app()->make(TruthSource::class); // $truth = app()->make(TruthSource::class);
$truth->setCompanyUser($cu->first()); // $truth->setCompanyUser($cu->first());
$truth->setUser($existing_user); // $truth->setUser($existing_user);
$truth->setCompany($existing_user->account->default_company); // $truth->setCompany($set_company);
// if($existing_user->company_users()->count() != $existing_user->tokens()->count())
// {
// $existing_user->companies->each(function($company) use($existing_user){
// if(!CompanyToken::where('user_id', $existing_user->id)->where('company_id', $company->id)->exists()){
// CreateCompanyToken::dispatchNow($company, $existing_user, "Google_O_Auth");
// }
// });
// }
// $truth->setCompanyToken(CompanyToken::where('user_id', $existing_user->id)->where('company_id', $set_company->id)->first());
if($existing_user->company_users()->count() != $existing_user->tokens()->count())
{
$existing_user->companies->each(function($company) use($existing_user){
if(!CompanyToken::where('user_id', $existing_user->id)->where('company_id', $company->id)->exists()){
CreateCompanyToken::dispatchNow($company, $existing_user, "Google_O_Auth");
}
});
}
$truth->setCompanyToken(CompanyToken::where('user_id', $existing_user->id)->where('company_id', $existing_user->account->default_company->id)->first());
if(Ninja::isHosted() && !$cu->first()->is_owner && !$existing_user->account->isEnterpriseClient()) if(Ninja::isHosted() && !$cu->first()->is_owner && !$existing_user->account->isEnterpriseClient())
@ -437,45 +495,45 @@ class LoginController extends BaseController
return response()->json(['message' => 'User exists, but not attached to any companies! Orphaned user!'], 400); return response()->json(['message' => 'User exists, but not attached to any companies! Orphaned user!'], 400);
Auth::login($existing_login_user, true); Auth::login($existing_login_user, true);
$existing_login_user->setCompany($existing_login_user->account->default_company);
$this->setLoginCache($existing_login_user); // $existing_login_user->setCompany($existing_login_user->account->default_company);
// $this->setLoginCache($existing_login_user);
auth()->user()->update([ auth()->user()->update([
'oauth_user_id' => $google->harvestSubField($user), 'oauth_user_id' => $google->harvestSubField($user),
'oauth_provider_id'=> 'google', 'oauth_provider_id'=> 'google',
]); ]);
$cu = CompanyUser::query() $cu = $this->hydrateCompanyUser();
->where('user_id', auth()->user()->id);
// $cu = CompanyUser::query()
// ->where('user_id', auth()->user()->id);
if($cu->count() == 0) if($cu->count() == 0)
return response()->json(['message' => 'User found, but not attached to any companies, please see your administrator'], 400); return response()->json(['message' => 'User found, but not attached to any companies, please see your administrator'], 400);
$truth = app()->make(TruthSource::class); // $truth = app()->make(TruthSource::class);
$truth->setCompanyUser($cu->first()); // $truth->setCompanyUser($cu->first());
$truth->setUser($existing_login_user); // $truth->setUser($existing_login_user);
$truth->setCompany($existing_login_user->account->default_company); // $truth->setCompany($existing_login_user->account->default_company);
if($existing_login_user->company_users()->count() != $existing_login_user->tokens()->count()) // if($existing_login_user->company_users()->count() != $existing_login_user->tokens()->count())
{ // {
// $existing_login_user->companies->each(function($company) use($existing_login_user){
// if(!CompanyToken::where('user_id', $existing_login_user->id)->where('company_id', $company->id)->exists()){
// CreateCompanyToken::dispatchNow($company, $existing_login_user, "Google_O_Auth");
$existing_login_user->companies->each(function($company) use($existing_login_user){ // }
if(!CompanyToken::where('user_id', $existing_login_user->id)->where('company_id', $company->id)->exists()){ // });
CreateCompanyToken::dispatchNow($company, $existing_login_user, "Google_O_Auth"); // }
}
});
}
$truth->setCompanyToken(CompanyToken::where('user_id', $existing_login_user->id)->where('company_id', $existing_login_user->account->default_company->id)->first());
// $truth->setCompanyToken(CompanyToken::where('user_id', $existing_login_user->id)->where('company_id', $existing_login_user->account->default_company->id)->first());
if(Ninja::isHosted() && !$cu->first()->is_owner && !$existing_login_user->account->isEnterpriseClient()) if(Ninja::isHosted() && !$cu->first()->is_owner && !$existing_login_user->account->isEnterpriseClient())
return response()->json(['message' => 'Pro / Free accounts only the owner can log in. Please upgrade'], 403); return response()->json(['message' => 'Pro / Free accounts only the owner can log in. Please upgrade'], 403);
@ -495,43 +553,45 @@ class LoginController extends BaseController
return response()->json(['message' => 'User exists, but not attached to any companies! Orphaned user!'], 400); return response()->json(['message' => 'User exists, but not attached to any companies! Orphaned user!'], 400);
Auth::login($existing_login_user, true); Auth::login($existing_login_user, true);
$existing_login_user->setCompany($existing_login_user->account->default_company);
$this->setLoginCache($existing_login_user); // $existing_login_user->setCompany($existing_login_user->account->default_company);
// $this->setLoginCache($existing_login_user);
auth()->user()->update([ auth()->user()->update([
'oauth_user_id' => $google->harvestSubField($user), 'oauth_user_id' => $google->harvestSubField($user),
'oauth_provider_id'=> 'google', 'oauth_provider_id'=> 'google',
]); ]);
$cu = CompanyUser::query() $cu = $this->hydrateCompanyUser();
->where('user_id', auth()->user()->id);
// $cu = CompanyUser::query()
// ->where('user_id', auth()->user()->id);
if($cu->count() == 0) if($cu->count() == 0)
return response()->json(['message' => 'User found, but not attached to any companies, please see your administrator'], 400); return response()->json(['message' => 'User found, but not attached to any companies, please see your administrator'], 400);
$truth = app()->make(TruthSource::class); // $truth = app()->make(TruthSource::class);
$truth->setCompanyUser($cu->first()); // $truth->setCompanyUser($cu->first());
$truth->setUser($existing_login_user); // $truth->setUser($existing_login_user);
$truth->setCompany($existing_login_user->account->default_company); // $truth->setCompany($existing_login_user->account->default_company);
if($existing_login_user->company_users()->count() != $existing_login_user->tokens()->count()) // if($existing_login_user->company_users()->count() != $existing_login_user->tokens()->count())
{ // {
$existing_login_user->companies->each(function($company) use($existing_login_user){ // $existing_login_user->companies->each(function($company) use($existing_login_user){
if(!CompanyToken::where('user_id', $existing_login_user->id)->where('company_id', $company->id)->exists()){ // if(!CompanyToken::where('user_id', $existing_login_user->id)->where('company_id', $company->id)->exists()){
CreateCompanyToken::dispatchNow($company, $existing_login_user, "Google_O_Auth"); // CreateCompanyToken::dispatchNow($company, $existing_login_user, "Google_O_Auth");
} // }
}); // });
} // }
$truth->setCompanyToken(CompanyToken::where('user_id', $existing_login_user->id)->where('company_id', $existing_login_user->account->default_company->id)->first()); // $truth->setCompanyToken(CompanyToken::where('user_id', $existing_login_user->id)->where('company_id', $existing_login_user->account->default_company->id)->first());
if(Ninja::isHosted() && !$cu->first()->is_owner && !$existing_login_user->account->isEnterpriseClient()) if(Ninja::isHosted() && !$cu->first()->is_owner && !$existing_login_user->account->isEnterpriseClient())
return response()->json(['message' => 'Pro / Free accounts only the owner can log in. Please upgrade'], 403); return response()->json(['message' => 'Pro / Free accounts only the owner can log in. Please upgrade'], 403);
@ -549,8 +609,6 @@ class LoginController extends BaseController
'password' => '', 'password' => '',
'email' => $google->harvestEmail($user), 'email' => $google->harvestEmail($user),
'oauth_user_id' => $google->harvestSubField($user), 'oauth_user_id' => $google->harvestSubField($user),
// 'oauth_user_token' => $token,
// 'oauth_user_refresh_token' => $refresh_token,
'oauth_provider_id' => 'google', 'oauth_provider_id' => 'google',
]; ];
@ -559,40 +617,39 @@ class LoginController extends BaseController
$account = CreateAccount::dispatchNow($new_account, request()->getClientIp()); $account = CreateAccount::dispatchNow($new_account, request()->getClientIp());
Auth::login($account->default_company->owner(), true); Auth::login($account->default_company->owner(), true);
auth()->user()->email_verified_at = now(); auth()->user()->email_verified_at = now();
auth()->user()->save(); auth()->user()->save();
auth()->user()->setCompany(auth()->user()->account->default_company); // auth()->user()->setCompany(auth()->user()->account->default_company);
// $this->setLoginCache(auth()->user());
// $cu = CompanyUser::whereUserId(auth()->user()->id);
$this->setLoginCache(auth()->user()); $cu = $this->hydrateCompanyUser();
$cu = CompanyUser::whereUserId(auth()->user()->id);
if($cu->count() == 0) if($cu->count() == 0)
return response()->json(['message' => 'User found, but not attached to any companies, please see your administrator'], 400); return response()->json(['message' => 'User found, but not attached to any companies, please see your administrator'], 400);
$truth = app()->make(TruthSource::class); // $truth = app()->make(TruthSource::class);
$truth->setCompanyUser($cu->first()); // $truth->setCompanyUser($cu->first());
$truth->setUser(auth()->user()); // $truth->setUser(auth()->user());
$truth->setCompany(auth()->user()->account->default_company); // $truth->setCompany(auth()->user()->account->default_company);
if(auth()->user()->company_users()->count() != auth()->user()->tokens()->count()) // if(auth()->user()->company_users()->count() != auth()->user()->tokens()->count())
{ // {
// auth()->user()->companies->each(function($company) {
// if(!CompanyToken::where('user_id', auth()->user()->id)->where('company_id', $company->id)->exists()){
// CreateCompanyToken::dispatchNow($company, auth()->user(), "Google_O_Auth");
auth()->user()->companies->each(function($company) { // }
if(!CompanyToken::where('user_id', auth()->user()->id)->where('company_id', $company->id)->exists()){ // });
CreateCompanyToken::dispatchNow($company, auth()->user(), "Google_O_Auth"); // }
}
});
}
$truth->setCompanyToken(CompanyToken::where('user_id', auth()->user()->id)->where('company_id', auth()->user()->account->default_company->id)->first()); // $truth->setCompanyToken(CompanyToken::where('user_id', auth()->user()->id)->where('company_id', auth()->user()->account->default_company->id)->first());
if(Ninja::isHosted() && !$cu->first()->is_owner && !auth()->user()->account->isEnterpriseClient()) if(Ninja::isHosted() && !$cu->first()->is_owner && !auth()->user()->account->isEnterpriseClient())