Made social accounts attachable

This commit is contained in:
Dan Brown 2015-09-04 20:40:36 +01:00
parent 3d18a04c39
commit eac7378ce0
14 changed files with 265 additions and 56 deletions

View File

@ -0,0 +1,7 @@
<?php namespace Oxbow\Exceptions;
class SocialSignInException extends NotifyException
{
}

View File

@ -1,7 +0,0 @@
<?php namespace Oxbow\Exceptions;
class UserNotFound extends NotifyException
{
}

View File

@ -2,7 +2,7 @@
namespace Oxbow\Http\Controllers\Auth; namespace Oxbow\Http\Controllers\Auth;
use Oxbow\Exceptions\UserNotFound; use Oxbow\Exceptions\SocialSignInException;
use Oxbow\Services\SocialAuthService; use Oxbow\Services\SocialAuthService;
use Oxbow\User; use Oxbow\User;
use Validator; use Validator;
@ -37,7 +37,7 @@ class AuthController extends Controller
*/ */
public function __construct(SocialAuthService $socialAuthService) public function __construct(SocialAuthService $socialAuthService)
{ {
$this->middleware('guest', ['except' => 'getLogout']); $this->middleware('guest', ['only' => ['getLogin', 'postLogin']]);
$this->socialAuthService = $socialAuthService; $this->socialAuthService = $socialAuthService;
} }
@ -95,7 +95,7 @@ class AuthController extends Controller
*/ */
public function getSocialLogin($socialDriver) public function getSocialLogin($socialDriver)
{ {
return $this->socialAuthService->logIn($socialDriver); return $this->socialAuthService->startLogIn($socialDriver);
} }
/** /**
@ -103,13 +103,21 @@ class AuthController extends Controller
* *
* @param $socialDriver * @param $socialDriver
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
* @throws UserNotFound * @throws SocialSignInException
*/ */
public function socialCallback($socialDriver) public function socialCallback($socialDriver)
{ {
$user = $this->socialAuthService->getUserFromCallback($socialDriver); return $this->socialAuthService->handleCallback($socialDriver);
\Auth::login($user, true); }
return redirect($this->redirectPath);
/**
* Detach a social account from a user.
* @param $socialDriver
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
*/
public function detachSocialAccount($socialDriver)
{
return $this->socialAuthService->detachSocialAccount($socialDriver);
} }
} }

View File

@ -6,6 +6,7 @@ use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash; use Illuminate\Support\Facades\Hash;
use Oxbow\Http\Requests; use Oxbow\Http\Requests;
use Oxbow\Services\SocialAuthService;
use Oxbow\User; use Oxbow\User;
class UserController extends Controller class UserController extends Controller
@ -74,16 +75,19 @@ class UserController extends Controller
/** /**
* Show the form for editing the specified user. * Show the form for editing the specified user.
* *
* @param int $id * @param int $id
* @param SocialAuthService $socialAuthService
* @return Response * @return Response
*/ */
public function edit($id) public function edit($id, SocialAuthService $socialAuthService)
{ {
$this->checkPermissionOr('user-update', function () use ($id) { $this->checkPermissionOr('user-update', function () use ($id) {
return $this->currentUser->id == $id; return $this->currentUser->id == $id;
}); });
$user = $this->user->findOrFail($id); $user = $this->user->findOrFail($id);
return view('users/edit', ['user' => $user]); $activeSocialDrivers = $socialAuthService->getActiveDrivers();
return view('users/edit', ['user' => $user, 'activeSocialDrivers' => $activeSocialDrivers]);
} }
/** /**
@ -107,13 +111,14 @@ class UserController extends Controller
]); ]);
$user = $this->user->findOrFail($id); $user = $this->user->findOrFail($id);
$user->fill($request->all()); $user->fill($request->except('password'));
if ($this->currentUser->can('user-update') && $request->has('role')) { if ($this->currentUser->can('user-update') && $request->has('role')) {
$user->attachRoleId($request->get('role')); $user->attachRoleId($request->get('role'));
} }
if ($request->has('password') && $request->get('password') != '') { if ($request->has('password') && $request->get('password') != '') {
//dd('cat');
$password = $request->get('password'); $password = $request->get('password');
$user->password = Hash::make($password); $user->password = Hash::make($password);
} }

View File

@ -17,7 +17,7 @@ class RedirectIfAuthenticated
/** /**
* Create a new filter instance. * Create a new filter instance.
* *
* @param Guard $auth * @param Guard $auth
* @return void * @return void
*/ */
public function __construct(Guard $auth) public function __construct(Guard $auth)
@ -28,14 +28,14 @@ class RedirectIfAuthenticated
/** /**
* Handle an incoming request. * Handle an incoming request.
* *
* @param \Illuminate\Http\Request $request * @param \Illuminate\Http\Request $request
* @param \Closure $next * @param \Closure $next
* @return mixed * @return mixed
*/ */
public function handle($request, Closure $next) public function handle($request, Closure $next)
{ {
if ($this->auth->check()) { if ($this->auth->check()) {
return redirect('/home'); return redirect('/');
} }
return $next($request); return $next($request);

View File

@ -78,13 +78,15 @@ Route::group(['middleware' => 'auth'], function () {
}); });
// Login using social authentication
Route::get('/login/service/{socialDriver}', 'Auth\AuthController@getSocialLogin');
Route::get('/login/service/{socialDriver}/callback', 'Auth\AuthController@socialCallback');
Route::get('/login/service/{socialDriver}/detach', 'Auth\AuthController@detachSocialAccount');
// Login/Logout routes // Login/Logout routes
Route::get('/login', 'Auth\AuthController@getLogin'); Route::get('/login', 'Auth\AuthController@getLogin');
Route::post('/login', 'Auth\AuthController@postLogin'); Route::post('/login', 'Auth\AuthController@postLogin');
Route::get('/logout', 'Auth\AuthController@getLogout'); Route::get('/logout', 'Auth\AuthController@getLogout');
// Login using social authentication
Route::get('/login/service/{socialService}', 'Auth\AuthController@getSocialLogin');
Route::get('/login/service/{socialService}/callback', 'Auth\AuthController@socialCallback');
// Password reset link request routes... // Password reset link request routes...
Route::get('/password/email', 'Auth\PasswordController@getEmail'); Route::get('/password/email', 'Auth\PasswordController@getEmail');

View File

@ -2,29 +2,40 @@
use Laravel\Socialite\Contracts\Factory as Socialite; use Laravel\Socialite\Contracts\Factory as Socialite;
use Oxbow\Exceptions\SocialDriverNotConfigured; use Oxbow\Exceptions\SocialDriverNotConfigured;
use Oxbow\Exceptions\UserNotFound; use Oxbow\Exceptions\SocialSignInException;
use Oxbow\Repos\UserRepo; use Oxbow\Repos\UserRepo;
use Oxbow\SocialAccount;
use Oxbow\User;
class SocialAuthService class SocialAuthService
{ {
protected $userRepo; protected $userRepo;
protected $socialite; protected $socialite;
protected $socialAccount;
protected $validSocialDrivers = ['google', 'github']; protected $validSocialDrivers = ['google', 'github'];
/** /**
* SocialAuthService constructor. * SocialAuthService constructor.
* @param $userRepo * @param UserRepo $userRepo
* @param $socialite * @param Socialite $socialite
* @param SocialAccount $socialAccount
*/ */
public function __construct(UserRepo $userRepo, Socialite $socialite) public function __construct(UserRepo $userRepo, Socialite $socialite, SocialAccount $socialAccount)
{ {
$this->userRepo = $userRepo; $this->userRepo = $userRepo;
$this->socialite = $socialite; $this->socialite = $socialite;
$this->socialAccount = $socialAccount;
} }
public function logIn($socialDriver) /**
* Start the social login path.
* @param $socialDriver
* @return \Symfony\Component\HttpFoundation\RedirectResponse
* @throws SocialDriverNotConfigured
*/
public function startLogIn($socialDriver)
{ {
$driver = $this->validateDriver($socialDriver); $driver = $this->validateDriver($socialDriver);
return $this->socialite->driver($driver)->redirect(); return $this->socialite->driver($driver)->redirect();
@ -34,23 +45,78 @@ class SocialAuthService
* Get a user from socialite after a oAuth callback. * Get a user from socialite after a oAuth callback.
* *
* @param $socialDriver * @param $socialDriver
* @return mixed * @return User
* @throws SocialDriverNotConfigured * @throws SocialDriverNotConfigured
* @throws UserNotFound * @throws SocialSignInException
*/ */
public function getUserFromCallback($socialDriver) public function handleCallback($socialDriver)
{ {
$driver = $this->validateDriver($socialDriver); $driver = $this->validateDriver($socialDriver);
// Get user details from social driver // Get user details from social driver
$socialUser = $this->socialite->driver($driver)->user(); $socialUser = $this->socialite->driver($driver)->user();
$user = $this->userRepo->getByEmail($socialUser->getEmail()); $socialId = $socialUser->getId();
// Redirect if the email is not a current user. // Get any attached social accounts or users
if ($user === null) { $socialAccount = $this->socialAccount->where('driver_id', '=', $socialId)->first();
throw new UserNotFound('A user with the email ' . $socialUser->getEmail() . ' was not found.', '/login'); $user = $this->userRepo->getByEmail($socialUser->getEmail());
$isLoggedIn = \Auth::check();
$currentUser = \Auth::user();
// When a user is not logged in but a matching SocialAccount exists,
// Log the user found on the SocialAccount into the application.
if (!$isLoggedIn && $socialAccount !== null) {
return $this->logUserIn($socialAccount->user);
} }
return $user; // When a user is logged in but the social account does not exist,
// Create the social account and attach it to the user & redirect to the profile page.
if ($isLoggedIn && $socialAccount === null) {
$this->fillSocialAccount($socialDriver, $socialUser);
$currentUser->socialAccounts()->save($this->socialAccount);
\Session::flash('success', title_case($socialDriver) . ' account was successfully attached to your profile.');
return redirect($currentUser->getEditUrl());
}
// When a user is logged in and the social account exists and is already linked to the current user.
if ($isLoggedIn && $socialAccount !== null && $socialAccount->user->id === $currentUser->id) {
\Session::flash('error', 'This ' . title_case($socialDriver) . ' account is already attached to your profile.');
return redirect($currentUser->getEditUrl());
}
// When a user is logged in, A social account exists but the users do not match.
// Change the user that the social account is assigned to.
if ($isLoggedIn && $socialAccount !== null && $socialAccount->user->id != $currentUser->id) {
$socialAccount->user_id = $currentUser->id;
$socialAccount->save();
\Session::flash('success', 'This ' . title_case($socialDriver) . ' account is now attached to your profile.');
}
if ($user === null) {
throw new SocialSignInException('A system user with the email ' . $socialUser->getEmail() .
' was not found and this ' . $socialDriver . ' account is not linked to any users.', '/login');
}
return $this->authenticateUserWithNewSocialAccount($user, $socialUser, $socialUser);
}
/**
* Logs a user in and creates a new social account entry for future usage.
* @param User $user
* @param string $socialDriver
* @param \Laravel\Socialite\Contracts\User $socialUser
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
*/
private function authenticateUserWithNewSocialAccount($user, $socialDriver, $socialUser)
{
$this->fillSocialAccount($socialDriver, $socialUser);
$user->socialAccounts()->save($this->socialAccount);
return $this->logUserIn($user);
}
private function logUserIn($user)
{
\Auth::login($user);
return redirect('/');
} }
/** /**
@ -65,7 +131,7 @@ class SocialAuthService
$driver = trim(strtolower($socialDriver)); $driver = trim(strtolower($socialDriver));
if (!in_array($driver, $this->validSocialDrivers)) abort(404, 'Social Driver Not Found'); if (!in_array($driver, $this->validSocialDrivers)) abort(404, 'Social Driver Not Found');
if (!$this->checklDriverConfigured($driver)) throw new SocialDriverNotConfigured; if (!$this->checkDriverConfigured($driver)) throw new SocialDriverNotConfigured;
return $driver; return $driver;
} }
@ -75,7 +141,7 @@ class SocialAuthService
* @param $driver * @param $driver
* @return bool * @return bool
*/ */
private function checklDriverConfigured($driver) private function checkDriverConfigured($driver)
{ {
$upperName = strtoupper($driver); $upperName = strtoupper($driver);
$config = [env($upperName . '_APP_ID', false), env($upperName . '_APP_SECRET', false), env('APP_URL', false)]; $config = [env($upperName . '_APP_ID', false), env($upperName . '_APP_SECRET', false), env('APP_URL', false)];
@ -90,12 +156,36 @@ class SocialAuthService
{ {
$activeDrivers = []; $activeDrivers = [];
foreach ($this->validSocialDrivers as $driverName) { foreach ($this->validSocialDrivers as $driverName) {
if ($this->checklDriverConfigured($driverName)) { if ($this->checkDriverConfigured($driverName)) {
$activeDrivers[$driverName] = true; $activeDrivers[$driverName] = true;
} }
} }
return $activeDrivers; return $activeDrivers;
} }
/**
* @param $socialDriver
* @param $socialUser
*/
private function fillSocialAccount($socialDriver, $socialUser)
{
$this->socialAccount->fill([
'driver' => $socialDriver,
'driver_id' => $socialUser->getId(),
'avatar' => $socialUser->getAvatar()
]);
}
/**
* Detach a social account from a user.
* @param $socialDriver
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
*/
public function detachSocialAccount($socialDriver)
{
\Auth::user()->socialAccounts()->where('driver', '=', $socialDriver)->delete();
\Session::flash('success', $socialDriver . ' account successfully detached');
return redirect(\Auth::user()->getEditUrl());
}
} }

16
app/SocialAccount.php Normal file
View File

@ -0,0 +1,16 @@
<?php
namespace Oxbow;
use Illuminate\Database\Eloquent\Model;
class SocialAccount extends Model
{
protected $fillable = ['user_id', 'driver', 'driver_id', 'timestamps'];
public function user()
{
return $this->belongsTo('Oxbow\User');
}
}

View File

@ -96,6 +96,31 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
$this->roles()->sync([$id]); $this->roles()->sync([$id]);
} }
/**
* Get the social account associated with this user.
*
* @return \Illuminate\Database\Eloquent\Relations\HasMany
*/
public function socialAccounts()
{
return $this->hasMany('Oxbow\SocialAccount');
}
/**
* Check if the user has a social account,
* If a driver is passed it checks for that single account type.
* @param bool|string $socialDriver
* @return bool
*/
public function hasSocialAccount($socialDriver = false)
{
if($socialDriver === false) {
return $this->socialAccounts()->count() > 0;
}
return $this->socialAccounts()->where('driver', '=', $socialDriver)->exists();
}
/** /**
* Returns the user's avatar, * Returns the user's avatar,
* Uses Gravatar as the avatar service. * Uses Gravatar as the avatar service.
@ -108,4 +133,9 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
$emailHash = md5(strtolower(trim($this->email))); $emailHash = md5(strtolower(trim($this->email)));
return '//www.gravatar.com/avatar/' . $emailHash . '?s=' . $size . '&d=identicon'; return '//www.gravatar.com/avatar/' . $emailHash . '?s=' . $size . '&d=identicon';
} }
public function getEditUrl()
{
return '/users/' . $this->id;
}
} }

View File

@ -0,0 +1,34 @@
<?php
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Database\Migrations\Migration;
class CreateSocialAccountsTable extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::create('social_accounts', function (Blueprint $table) {
$table->increments('id');
$table->integer('user_id')->indexed();
$table->string('driver')->indexed();
$table->string('driver_id');
$table->string('avatar');
$table->timestamps();
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::drop('social_accounts');
}
}

View File

@ -37,7 +37,7 @@ $primary: #0288D1;
$primary-dark: #0288D1; $primary-dark: #0288D1;
$secondary: #e27b41; $secondary: #e27b41;
$positive: #52A256; $positive: #52A256;
$negative: #D32F2F; $negative: #E84F4F;
// Item Colors // Item Colors
$color-book: #009688; $color-book: #009688;

View File

@ -30,7 +30,7 @@
<a href="/login/service/google" style="color: #DC4E41;"><i class="zmdi zmdi-google-plus-box zmdi-hc-4x"></i></a> <a href="/login/service/google" style="color: #DC4E41;"><i class="zmdi zmdi-google-plus-box zmdi-hc-4x"></i></a>
@endif @endif
@if(isset($socialDrivers['github'])) @if(isset($socialDrivers['github']))
<a href="/login/service/github" style="color:#000;"><i class="zmdi zmdi-github zmdi-hc-4x"></i></a> <a href="/login/service/github" style="color:#444;"><i class="zmdi zmdi-github zmdi-hc-4x"></i></a>
@endif @endif
@endif @endif
</div> </div>

View File

@ -55,6 +55,9 @@
@if($currentUser->can('settings-update')) @if($currentUser->can('settings-update'))
<a href="/settings"><i class="zmdi zmdi-settings"></i>Settings</a> <a href="/settings"><i class="zmdi zmdi-settings"></i>Settings</a>
@endif @endif
@if(!$signedIn)
<a href="/login"><i class="zmdi zmdi-sign-in"></i>Sign In</a>
@endif
</div> </div>
@if($signedIn) @if($signedIn)
<img class="avatar" src="{{$currentUser->getAvatar(30)}}" alt="{{ $currentUser->name }}"> <img class="avatar" src="{{$currentUser->getAvatar(30)}}" alt="{{ $currentUser->name }}">

View File

@ -42,22 +42,43 @@
<hr class="margin-top large"> <hr class="margin-top large">
<div class="row"> @if($currentUser->id === $user->id)
<div class="col-md-12"> <h3>Social Accounts</h3>
<h3>Permissions</h3> <p class="text-muted">
<p>User Role: <strong>{{$user->role->display_name}}</strong>.</p> Here you can connect your other accounts for quicker and easier login. <br>
<ul class="text-muted"> Disconnecting an account here does not previously authorized access. Revoke access from your profile settings on the connected social account.
@foreach($user->role->permissions as $permission) </p>
<li> <div class="row">
{{ $permission->display_name }} @if(isset($activeSocialDrivers['google']))
</li> <div class="col-md-3 text-center">
@endforeach <div><i class="zmdi zmdi-google-plus-box zmdi-hc-4x" style="color: #DC4E41;"></i></div>
</ul> <div>
@if($user->hasSocialAccount('google'))
<a href="/login/service/google/detach" class="button neg">Disconnect Account</a>
@else
<a href="/login/service/google" class="button pos">Attach Account</a>
@endif
</div>
</div>
@endif
@if(isset($activeSocialDrivers['github']))
<div class="col-md-3 text-center">
<div><i class="zmdi zmdi-github zmdi-hc-4x" style="color: #444;"></i></div>
<div>
@if($user->hasSocialAccount('github'))
<a href="/login/service/github/detach" class="button neg">Disconnect Account</a>
@else
<a href="/login/service/github" class="button pos">Attach Account</a>
@endif
</div>
</div>
@endif
</div> </div>
</div> @endif
</div> </div>
<p class="margin-top large"><br></p>
@stop @stop