mirror of
https://github.com/BookStackApp/BookStack.git
synced 2024-10-01 01:36:00 -04:00
Got registration process working with social accounts
This commit is contained in:
Dan Brown
parent
dec0cbb1b2
commit
411c331a62
@ -7,9 +7,8 @@ use Oxbow\Exceptions\SocialSignInException;
|
||||
use Oxbow\Exceptions\UserRegistrationException;
|
||||
use Oxbow\Repos\UserRepo;
|
||||
use Oxbow\Services\EmailConfirmationService;
|
||||
use Oxbow\Services\Facades\Setting;
|
||||
use Oxbow\Services\SocialAuthService;
|
||||
use Oxbow\User;
|
||||
use Oxbow\SocialAccount;
|
||||
use Validator;
|
||||
use Oxbow\Http\Controllers\Controller;
|
||||
use Illuminate\Foundation\Auth\ThrottlesLogins;
|
||||
@ -46,7 +45,7 @@ class AuthController extends Controller
|
||||
*/
|
||||
public function __construct(SocialAuthService $socialAuthService, EmailConfirmationService $emailConfirmationService, UserRepo $userRepo)
|
||||
{
|
||||
$this->middleware('guest', ['only' => ['getLogin', 'postLogin', 'getRegister']]);
|
||||
$this->middleware('guest', ['only' => ['getLogin', 'postLogin', 'getRegister', 'postRegister']]);
|
||||
$this->socialAuthService = $socialAuthService;
|
||||
$this->emailConfirmationService = $emailConfirmationService;
|
||||
$this->userRepo = $userRepo;
|
||||
@ -55,7 +54,6 @@ class AuthController extends Controller
|
||||
|
||||
/**
|
||||
* Get a validator for an incoming registration request.
|
||||
*
|
||||
* @param array $data
|
||||
* @return \Illuminate\Contracts\Validation\Validator
|
||||
*/
|
||||
@ -68,31 +66,15 @@ class AuthController extends Controller
|
||||
]);
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a new user instance after a valid registration.
|
||||
*
|
||||
* @param array $data
|
||||
* @return User
|
||||
*/
|
||||
protected function create(array $data)
|
||||
{
|
||||
return User::create([
|
||||
'name' => $data['name'],
|
||||
'email' => $data['email'],
|
||||
'password' => bcrypt($data['password']),
|
||||
]);
|
||||
}
|
||||
|
||||
protected function checkRegistrationAllowed()
|
||||
{
|
||||
if(!\Setting::get('registration-enabled')) {
|
||||
if (!\Setting::get('registration-enabled')) {
|
||||
throw new UserRegistrationException('Registrations are currently disabled.', '/login');
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Show the application registration form.
|
||||
*
|
||||
* @return \Illuminate\Http\Response
|
||||
*/
|
||||
public function getRegister()
|
||||
@ -104,7 +86,6 @@ class AuthController extends Controller
|
||||
|
||||
/**
|
||||
* Handle a registration request for the application.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return \Illuminate\Http\Response
|
||||
* @throws UserRegistrationException
|
||||
@ -120,18 +101,54 @@ class AuthController extends Controller
|
||||
);
|
||||
}
|
||||
|
||||
if(\Setting::get('registration-restrict')) {
|
||||
$userData = $request->all();
|
||||
return $this->registerUser($userData);
|
||||
}
|
||||
|
||||
/**
|
||||
* Register a new user after a registration callback.
|
||||
* @param $socialDriver
|
||||
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
|
||||
* @throws UserRegistrationException
|
||||
*/
|
||||
protected function socialRegisterCallback($socialDriver)
|
||||
{
|
||||
$socialUser = $this->socialAuthService->handleRegistrationCallback($socialDriver);
|
||||
$socialAccount = $this->socialAuthService->fillSocialAccount($socialDriver, $socialUser);
|
||||
|
||||
// Create an array of the user data to create a new user instance
|
||||
$userData = [
|
||||
'name' => $socialUser->getName(),
|
||||
'email' => $socialUser->getEmail(),
|
||||
'password' => str_random(30)
|
||||
];
|
||||
return $this->registerUser($userData, $socialAccount);
|
||||
}
|
||||
|
||||
/**
|
||||
* The registrations flow for all users.
|
||||
* @param array $userData
|
||||
* @param bool|false|SocialAccount $socialAccount
|
||||
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
|
||||
* @throws UserRegistrationException
|
||||
* @throws \Oxbow\Exceptions\ConfirmationEmailException
|
||||
*/
|
||||
protected function registerUser(array $userData, $socialAccount = false)
|
||||
{
|
||||
if (\Setting::get('registration-restrict')) {
|
||||
$restrictedEmailDomains = explode(',', str_replace(' ', '', \Setting::get('registration-restrict')));
|
||||
$userEmailDomain = $domain = substr(strrchr($request->get('email'), "@"), 1);
|
||||
if(!in_array($userEmailDomain, $restrictedEmailDomains)) {
|
||||
$userEmailDomain = $domain = substr(strrchr($userData['email'], "@"), 1);
|
||||
if (!in_array($userEmailDomain, $restrictedEmailDomains)) {
|
||||
throw new UserRegistrationException('That email domain does not have access to this application', '/register');
|
||||
}
|
||||
}
|
||||
|
||||
$newUser = $this->create($request->all());
|
||||
$newUser->attachRoleId(\Setting::get('registration-role'), 1);
|
||||
$newUser = $this->userRepo->registerNew($userData);
|
||||
if ($socialAccount) {
|
||||
$newUser->socialAccounts()->save($socialAccount);
|
||||
}
|
||||
|
||||
if(\Setting::get('registration-confirmation') || \Setting::get('registration-restrict')) {
|
||||
if (\Setting::get('registration-confirmation') || \Setting::get('registration-restrict')) {
|
||||
$newUser->email_confirmed = false;
|
||||
$newUser->save();
|
||||
$this->emailConfirmationService->sendConfirmation($newUser);
|
||||
@ -139,6 +156,7 @@ class AuthController extends Controller
|
||||
}
|
||||
|
||||
auth()->login($newUser);
|
||||
session()->flash('success', 'Thanks for signing up! You are now registered and signed in.');
|
||||
return redirect($this->redirectPath());
|
||||
}
|
||||
|
||||
@ -197,7 +215,6 @@ class AuthController extends Controller
|
||||
|
||||
/**
|
||||
* Show the application login form.
|
||||
*
|
||||
* @return \Illuminate\Http\Response
|
||||
*/
|
||||
public function getLogin()
|
||||
@ -218,19 +235,41 @@ class AuthController extends Controller
|
||||
*/
|
||||
public function getSocialLogin($socialDriver)
|
||||
{
|
||||
session()->put('social-callback', 'login');
|
||||
return $this->socialAuthService->startLogIn($socialDriver);
|
||||
}
|
||||
|
||||
/**
|
||||
* Redirect to the social site for authentication initended to register.
|
||||
* @param $socialDriver
|
||||
* @return mixed
|
||||
*/
|
||||
public function socialRegister($socialDriver)
|
||||
{
|
||||
$this->checkRegistrationAllowed();
|
||||
session()->put('social-callback', 'register');
|
||||
return $this->socialAuthService->startRegister($socialDriver);
|
||||
}
|
||||
|
||||
/**
|
||||
* The callback for social login services.
|
||||
*
|
||||
* @param $socialDriver
|
||||
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
|
||||
* @throws SocialSignInException
|
||||
*/
|
||||
public function socialCallback($socialDriver)
|
||||
{
|
||||
return $this->socialAuthService->handleCallback($socialDriver);
|
||||
if (session()->has('social-callback')) {
|
||||
$action = session()->pull('social-callback');
|
||||
if ($action == 'login') {
|
||||
return $this->socialAuthService->handleLoginCallback($socialDriver);
|
||||
} elseif ($action == 'register') {
|
||||
return $this->socialRegisterCallback($socialDriver);
|
||||
}
|
||||
} else {
|
||||
throw new SocialSignInException('No action defined', '/login');
|
||||
}
|
||||
return redirect()->back();
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -22,7 +22,6 @@ class SettingController extends Controller
|
||||
}
|
||||
|
||||
|
||||
|
||||
/**
|
||||
* Update the specified settings in storage.
|
||||
*
|
||||
|
||||
@ -6,6 +6,7 @@ use Illuminate\Http\Request;
|
||||
|
||||
use Illuminate\Support\Facades\Hash;
|
||||
use Oxbow\Http\Requests;
|
||||
use Oxbow\Repos\UserRepo;
|
||||
use Oxbow\Services\SocialAuthService;
|
||||
use Oxbow\User;
|
||||
|
||||
@ -13,14 +14,16 @@ class UserController extends Controller
|
||||
{
|
||||
|
||||
protected $user;
|
||||
protected $userRepo;
|
||||
|
||||
/**
|
||||
* UserController constructor.
|
||||
* @param $user
|
||||
*/
|
||||
public function __construct(User $user)
|
||||
public function __construct(User $user, UserRepo $userRepo)
|
||||
{
|
||||
$this->user = $user;
|
||||
$this->userRepo = $userRepo;
|
||||
parent::__construct();
|
||||
}
|
||||
|
||||
@ -150,8 +153,12 @@ class UserController extends Controller
|
||||
$this->checkPermissionOr('user-delete', function () use ($id) {
|
||||
return $this->currentUser->id == $id;
|
||||
});
|
||||
$user = $this->user->findOrFail($id);
|
||||
$user = $this->userRepo->getById($id);
|
||||
// Delete social accounts
|
||||
if($this->userRepo->isOnlyAdmin($user)) {
|
||||
session()->flash('error', 'You cannot delete the only admin');
|
||||
return redirect($user->getEditUrl());
|
||||
}
|
||||
$user->socialAccounts()->delete();
|
||||
$user->delete();
|
||||
return redirect('/users');
|
||||
|
||||
@ -92,6 +92,7 @@ Route::get('/register/confirm', 'Auth\AuthController@getRegisterConfirmation');
|
||||
Route::get('/register/confirm/awaiting', 'Auth\AuthController@showAwaitingConfirmation');
|
||||
Route::post('/register/confirm/resend', 'Auth\AuthController@resendConfirmation');
|
||||
Route::get('/register/confirm/{token}', 'Auth\AuthController@confirmEmail');
|
||||
Route::get('/register/service/{socialDriver}', 'Auth\AuthController@socialRegister');
|
||||
Route::post('/register', 'Auth\AuthController@postRegister');
|
||||
|
||||
// Password reset link request routes...
|
||||
|
||||
36
app/Providers/SocialiteServiceProvider.php
Normal file
36
app/Providers/SocialiteServiceProvider.php
Normal file
@ -0,0 +1,36 @@
|
||||
<?php namespace Oxbow\Providers;
|
||||
|
||||
|
||||
use Illuminate\Support\ServiceProvider;
|
||||
|
||||
class SocialiteServiceProvider extends ServiceProvider
|
||||
{
|
||||
/**
|
||||
* Indicates if loading of the provider is deferred.
|
||||
*
|
||||
* @var bool
|
||||
*/
|
||||
protected $defer = true;
|
||||
|
||||
/**
|
||||
* Register the service provider.
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function register()
|
||||
{
|
||||
$this->app->bindShared('Laravel\Socialite\Contracts\Factory', function ($app) {
|
||||
return new SocialiteManager($app);
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the services provided by the provider.
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
public function provides()
|
||||
{
|
||||
return ['Laravel\Socialite\Contracts\Factory'];
|
||||
}
|
||||
}
|
||||
@ -1,29 +1,91 @@
|
||||
<?php namespace Oxbow\Repos;
|
||||
|
||||
|
||||
use Oxbow\Role;
|
||||
use Oxbow\User;
|
||||
|
||||
class UserRepo
|
||||
{
|
||||
|
||||
protected $user;
|
||||
protected $role;
|
||||
|
||||
/**
|
||||
* UserRepo constructor.
|
||||
* @param $user
|
||||
*/
|
||||
public function __construct(User $user)
|
||||
public function __construct(User $user, Role $role)
|
||||
{
|
||||
$this->user = $user;
|
||||
$this->role = $role;
|
||||
}
|
||||
|
||||
|
||||
public function getByEmail($email) {
|
||||
/**
|
||||
* @param string $email
|
||||
* @return User|null
|
||||
*/
|
||||
public function getByEmail($email)
|
||||
{
|
||||
return $this->user->where('email', '=', $email)->first();
|
||||
}
|
||||
|
||||
/**
|
||||
* @param int $id
|
||||
* @return User
|
||||
*/
|
||||
public function getById($id)
|
||||
{
|
||||
return $this->user->findOrFail($id);
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a new user and attaches a role to them.
|
||||
* @param array $data
|
||||
* @return User
|
||||
*/
|
||||
public function registerNew(array $data)
|
||||
{
|
||||
$user = $this->create($data);
|
||||
$roleId = \Setting::get('registration-role');
|
||||
|
||||
if ($roleId === false) {
|
||||
$roleId = $this->role->getDefault()->id;
|
||||
}
|
||||
|
||||
$user->attachRoleId($roleId);
|
||||
return $user;
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks if the give user is the only admin.
|
||||
* @param User $user
|
||||
* @return bool
|
||||
*/
|
||||
public function isOnlyAdmin(User $user)
|
||||
{
|
||||
if ($user->role->name != 'admin') {
|
||||
return false;
|
||||
}
|
||||
|
||||
$adminRole = $this->role->where('name', '=', 'admin')->first();
|
||||
if (count($adminRole->users) > 1) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a new basic instance of user.
|
||||
* @param array $data
|
||||
* @return User
|
||||
*/
|
||||
public function create(array $data)
|
||||
{
|
||||
return $this->user->create([
|
||||
'name' => $data['name'],
|
||||
'email' => $data['email'],
|
||||
'password' => bcrypt($data['password'])
|
||||
]);
|
||||
}
|
||||
}
|
||||
@ -35,7 +35,7 @@ class EmailConfirmationService
|
||||
*/
|
||||
public function sendConfirmation(User $user)
|
||||
{
|
||||
if($user->email_confirmed) {
|
||||
if ($user->email_confirmed) {
|
||||
throw new ConfirmationEmailException('Email has already been confirmed, Try logging in.', '/login');
|
||||
}
|
||||
$this->deleteConfirmationsByUser($user);
|
||||
@ -66,7 +66,7 @@ class EmailConfirmationService
|
||||
}
|
||||
|
||||
// If more than a day old
|
||||
if(Carbon::now()->subDay()->gt($emailConfirmation->created_at)) {
|
||||
if (Carbon::now()->subDay()->gt($emailConfirmation->created_at)) {
|
||||
$this->sendConfirmation($emailConfirmation->user);
|
||||
throw new UserRegistrationException('The confirmation token has expired, A new confirmation email has been sent.', '/register/confirm');
|
||||
}
|
||||
|
||||
@ -1,8 +1,11 @@
|
||||
<?php namespace Oxbow\Services;
|
||||
|
||||
use GuzzleHttp\Exception\ClientException;
|
||||
use Laravel\Socialite\Contracts\Factory as Socialite;
|
||||
use Oxbow\Exceptions\SocialDriverNotConfigured;
|
||||
use Oxbow\Exceptions\SocialSignInException;
|
||||
use Oxbow\Exceptions\UserRegistrationException;
|
||||
use Oxbow\Http\Controllers\Auth\AuthController;
|
||||
use Oxbow\Repos\UserRepo;
|
||||
use Oxbow\SocialAccount;
|
||||
use Oxbow\User;
|
||||
@ -29,9 +32,10 @@ class SocialAuthService
|
||||
$this->socialAccount = $socialAccount;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Start the social login path.
|
||||
* @param $socialDriver
|
||||
* @param string $socialDriver
|
||||
* @return \Symfony\Component\HttpFoundation\RedirectResponse
|
||||
* @throws SocialDriverNotConfigured
|
||||
*/
|
||||
@ -42,14 +46,52 @@ class SocialAuthService
|
||||
}
|
||||
|
||||
/**
|
||||
* Get a user from socialite after a oAuth callback.
|
||||
*
|
||||
* Start the social registration process
|
||||
* @param string $socialDriver
|
||||
* @return \Symfony\Component\HttpFoundation\RedirectResponse
|
||||
* @throws SocialDriverNotConfigured
|
||||
*/
|
||||
public function startRegister($socialDriver)
|
||||
{
|
||||
$driver = $this->validateDriver($socialDriver);
|
||||
return $this->socialite->driver($driver)->redirect();
|
||||
}
|
||||
|
||||
/**
|
||||
* Handle the social registration process on callback.
|
||||
* @param $socialDriver
|
||||
* @return User
|
||||
* @return \Laravel\Socialite\Contracts\User
|
||||
* @throws SocialDriverNotConfigured
|
||||
* @throws UserRegistrationException
|
||||
*/
|
||||
public function handleRegistrationCallback($socialDriver)
|
||||
{
|
||||
$driver = $this->validateDriver($socialDriver);
|
||||
|
||||
// Get user details from social driver
|
||||
$socialUser = $this->socialite->driver($driver)->user();
|
||||
|
||||
// Check social account has not already been used
|
||||
if ($this->socialAccount->where('driver_id', '=', $socialUser->getId())->exists()) {
|
||||
throw new UserRegistrationException('This ' . $socialDriver . ' account is already in use, Try logging in via the ' . $socialDriver . ' option.', '/login');
|
||||
}
|
||||
|
||||
if($this->userRepo->getByEmail($socialUser->getEmail())) {
|
||||
$email = $socialUser->getEmail();
|
||||
throw new UserRegistrationException('The email '. $email.' is already in use. If you already have an account you can connect your ' . $socialDriver .' account from your profile settings.', '/login');
|
||||
}
|
||||
|
||||
return $socialUser;
|
||||
}
|
||||
|
||||
/**
|
||||
* Handle the login process on a oAuth callback.
|
||||
* @param $socialDriver
|
||||
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
|
||||
* @throws SocialDriverNotConfigured
|
||||
* @throws SocialSignInException
|
||||
*/
|
||||
public function handleCallback($socialDriver)
|
||||
public function handleLoginCallback($socialDriver)
|
||||
{
|
||||
$driver = $this->validateDriver($socialDriver);
|
||||
|
||||
@ -93,12 +135,13 @@ class SocialAuthService
|
||||
|
||||
// Otherwise let the user know this social account is not used by anyone.
|
||||
$message = 'This ' . $socialDriver . ' account is not linked to any users. Please attach it in your profile settings';
|
||||
if(\Setting::get('registration-enabled')) {
|
||||
$message .= 'or, If you do not yet have an account, You can register an account using the ' . $socialDriver . ' option';
|
||||
if (\Setting::get('registration-enabled')) {
|
||||
$message .= ' or, If you do not yet have an account, You can register an account using the ' . $socialDriver . ' option';
|
||||
}
|
||||
throw new SocialSignInException($message . '.', '/login');
|
||||
}
|
||||
|
||||
|
||||
private function logUserIn($user)
|
||||
{
|
||||
auth()->login($user);
|
||||
@ -150,16 +193,18 @@ class SocialAuthService
|
||||
}
|
||||
|
||||
/**
|
||||
* @param $socialDriver
|
||||
* @param $socialUser
|
||||
* @param string $socialDriver
|
||||
* @param \Laravel\Socialite\Contracts\User $socialUser
|
||||
* @return SocialAccount
|
||||
*/
|
||||
private function fillSocialAccount($socialDriver, $socialUser)
|
||||
public function fillSocialAccount($socialDriver, $socialUser)
|
||||
{
|
||||
$this->socialAccount->fill([
|
||||
'driver' => $socialDriver,
|
||||
'driver_id' => $socialUser->getId(),
|
||||
'avatar' => $socialUser->getAvatar()
|
||||
]);
|
||||
return $this->socialAccount;
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -25,7 +25,7 @@
|
||||
|
||||
<div class="form-group">
|
||||
<label for="password">Password</label>
|
||||
@include('form/password', ['name' => 'password'])
|
||||
@include('form/password', ['name' => 'password', 'placeholder' => 'Must be over 5 characters'])
|
||||
</div>
|
||||
|
||||
<div class="from-group">
|
||||
|
||||
Loading…
Reference in New Issue
Block a user