From c62b2bec7dea6cf524aa730f0342424b7540a008 Mon Sep 17 00:00:00 2001
From: David Bomba
Date: Mon, 24 May 2021 08:25:14 +1000
Subject: [PATCH 1/2] Constrain by company_id
---
 app/Http/Livewire/BillingPortalPurchase.php | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/app/Http/Livewire/BillingPortalPurchase.php b/app/Http/Livewire/BillingPortalPurchase.php
index a1614a3cc65d..8a42098b2090 100644
--- a/app/Http/Livewire/BillingPortalPurchase.php
+++ b/app/Http/Livewire/BillingPortalPurchase.php
@@ -181,14 +181,16 @@ class BillingPortalPurchase extends Component
 {
 $this->validate();
- $contact = ClientContact::where('email', $this->email)->first();
+ $contact = ClientContact::where('email', $this->email)
+ ->where('company_id', $this->subscription->company_id)
+ ->first();
 if ($contact && $this->steps['existing_user'] === false) {
 return $this->steps['existing_user'] = true;
 }
 if ($contact && $this->steps['existing_user']) {
- $attempt = Auth::guard('contact')->attempt(['email' => $this->email, 'password' => $this->password]);
+ $attempt = Auth::guard('contact')->attempt(['email' => $this->email, 'password' => $this->password, 'company_id' => $this->subscription->company_id]);
 return $attempt
 ? $this->getPaymentMethods($contact)
From af04fb9a37472c7482d4eda6e11469e1604aece2 Mon Sep 17 00:00:00 2001
From: David Bomba
Date: Mon, 24 May 2021 10:41:23 +1000
Subject: [PATCH 2/2] Fixes for MultiDB UserController
---
 app/Http/Middleware/TokenAuth.php | 2 +-
 app/Models/User.php | 15 +++++++--------
 2 files changed, 8 insertions(+), 9 deletions(-)
diff --git a/app/Http/Middleware/TokenAuth.php b/app/Http/Middleware/TokenAuth.php
index bcea2cb8d26e..c68c353475a9 100644
--- a/app/Http/Middleware/TokenAuth.php
+++ b/app/Http/Middleware/TokenAuth.php
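Review bot: In the BillingPortalPurchase.php hunk, a successful `attempt()` still passes the pre-authentication `$contact` from `->first()` to `getPaymentMethods()`. If more than one contact in the company shares the email, that record is not guaranteed to be the one the guard just authenticated, because the lookup has no ordering. Passing the authenticated user removes the gap: `? $this->getPaymentMethods(Auth::guard('contact')->user())`. The added `'company_id'` credential only scopes the login if the `contact` guard's provider turns non-password keys into query constraints, as the stock Eloquent provider does; that is worth confirming for this guard. The ternary's else branch and the rest of the method are outside the hunk.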
@@ -49,7 +49,6 @@ class TokenAuth | us to decouple a $user and their attached companies completely. | */ - $user->setCompany($company_token->company); app('queue')->createPayloadUsing(function () use ($company_token) { return ['db' => $company_token->company->db]; @@ -67,6 +66,7 @@ class TokenAuth //stateless, don't remember the user. auth()->login($user, false); + auth()->user()->setCompany($company_token->company); } else { $error = [ diff --git a/app/Models/User.php b/app/Models/User.php index 7df1b242e00c..a4a02e1ac421 100644 --- a/app/Models/User.php +++ b/app/Models/User.php @@ -159,8 +159,6 @@ class User extends Authenticatable implements MustVerifyEmail */ public function setCompany($company) { - // config(['ninja.company_id' => $company->id]); - $this->company = $company; } @@ -170,16 +168,17 @@ class User extends Authenticatable implements MustVerifyEmail public function getCompany() { - if (request()->header('X-API-TOKEN')) { - $company_token = CompanyToken::with(['company'])->whereRaw('BINARY `token`= ?', [request()->header('X-API-TOKEN')])->first(); - - return $company_token->company; - } - elseif ($this->company){ + if ($this->company){ return $this->company; } + elseif (request()->header('X-API-TOKEN')) { + $company_token = CompanyToken::with(['company'])->whereRaw('BINARY `token`= ?', [request()->header('X-API-TOKEN')])->first(); + + return $company_token->company; + } + // return false; throw new \Exception('No Company Found');
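Review bot: In the second TokenAuth.php hunk, the new `auth()->user()->setCompany($company_token->company);` line has no comment saying why the company is bound after `login()` rather than on `$user` before it, and the fix appears to depend on that ordering. A one-line comment would keep it from being moved back, e.g. `// bind the token's company to the authenticated instance; getCompany() checks it before the X-API-TOKEN lookup`. The lines between the removed call and this one are not shown in either hunk; if any of them call `$user->getCompany()`, they now run before a company is set and take the header-lookup path. The enclosing method starts and ends outside the hunk.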
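Review bot: In the re-added `elseif` branch of `getCompany()` in User.php, `->first()` returns null when the `X-API-TOKEN` header matches no `CompanyToken` row. `$company_token->company` then fails on null instead of reaching `throw new \Exception('No Company Found')`. Guarding the return lets an unknown token fall through to the intended exception: `if ($company_token) { return $company_token->company; }`. With `$this->company` now checked first, a company set earlier on the instance takes precedence over the request header, so it may be worth confirming that no caller reuses a `User` instance across requests or queued jobs without calling `setCompany()` again. The method's closing brace is outside the hunk.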