public function loginHandle($request, $response, $next)
{
// $data = $request->post('sdf');
$email = $request->getParam('email');
$email = strtolower($email);
$passwd = $request->getParam('passwd');
$rememberMe = $request->getParam('remember_me');
// Handle Login
$user = User::where('email', '=', $email)->first();
if ($user == null) {
$rs['code'] = '0';
$rs['msg'] = "401 邮箱或者密码错误";
return $response->getBody()->write(json_encode($rs));
}
if ($user->pass != Hash::passwordHash($passwd)) {
$rs['code'] = '0';
$rs['msg'] = "402 邮箱或者密码错误";
return $response->getBody()->write(json_encode($rs));
}
$time = time() + 3600;
Auth::login($user->id, $time);
$rs['code'] = '1';
$rs['ok'] = '1';
$rs['msg'] = "欢迎回来";
return $response->getBody()->write(json_encode($rs));
}
/**
* Find or create a user.
*
* @param \Laravel\Socialite\One\User|\Laravel\Socialite\Two\User $user
* @param string $provider
*
* @return \Arcanesoft\Contracts\Auth\Models\User
*/
private function findOrCreateUser($user, $provider)
{
if ($authUser = User::where('social_provider_id', $user->id)->first()) {
return $authUser;
}
return User::create(['name' => $user->name, 'email' => $user->email, 'social_provider' => $provider, 'social_provider_id' => $user->id]);
}
public function handle(UserDetailsQuery $query)
{
if (!is_null($query->username)) {
return User::where('username', '=', $query->username)->first();
}
return User::find($query->userId);
}
public function getAuthList($uid)
{
$user = User::where('id', $uid)->first();
$user_role = $user->role()->first();
$role_id = $user_role->pivot->role_id;
$role = AuthRole::where('id', $role_id)->first();
$role_privilege = $role->privilege()->select('type', 'ref_id', 'priv_id')->get();
$pre_menu_arr = [];
$pre_func_arr = [];
array_map(function ($n) use(&$pre_menu_arr, &$pre_func_arr) {
if ($n['type'] == 1) {
$pre_menu_arr[] = $n['ref_id'];
} elseif ($n['type'] == 2) {
$pre_func_arr[] = $n['ref_id'];
}
}, $role_privilege->toArray());
$menu_priv = AuthPrivilegeMenu::whereIn('id', $pre_menu_arr)->get()->toArray();
$func_priv = AuthPrivilegeFunc::whereIn('id', $pre_func_arr)->get()->toArray();
$level_arr = [];
foreach ($menu_priv as $k => $v) {
$level_arr[$v['level']][$v['id']] = $v;
}
krsort($level_arr);
$this->beMenuTree($level_arr, count($level_arr));
//$level_arr[1]表示从level为1的开始
return ['menu_list' => $level_arr[1], 'func_list' => $func_priv];
}
public function run()
{
$adminEmail = Config::get('madison.seeder.admin_email');
$admin = new Role();
$admin->name = 'Admin';
$admin->save();
$independent_sponsor = new Role();
$independent_sponsor->name = 'Independent Sponsor';
$independent_sponsor->save();
$permIds = array();
foreach ($this->adminPermissions as $permClass => $data) {
$perm = new Permission();
foreach ($data as $key => $val) {
$perm->{$key} = $val;
}
$perm->save();
$permIds[] = $perm->id;
}
$admin->perms()->sync($permIds);
$user = User::where('email', '=', $adminEmail)->first();
$user->attachRole($admin);
$createDocPerm = new Permission();
$createDocPerm->name = "independent_sponsor_create_doc";
$createDocPerm->display_name = "Independent Sponsoring";
$createDocPerm->save();
$independent_sponsor->perms()->sync(array($createDocPerm->id));
}
public function testRegister()
{
$this->visit('/register')->type('test', 'username')->type('*****@*****.**', 'email')->type('123456', 'password')->type('123456', 'repassword')->press('Submit')->seePageIs('/progress');
$user = User::where("email", "=", "*****@*****.**")->first();
$this->assertNotNull($user);
$user->delete();
}
/**
* the login data post process here
* @return [type] [description]
*/
public function postShowLoginPage()
{
check_token($_POST['_token']);
$okay = true;
$email = $_POST['email'];
$password = $_POST['password'];
// Look up the user
$user = User::where('active', 1)->where('email', $email)->first();
if ($user != null) {
// validate credentials
if (!password_verify($password, $user->password)) {
$okay = false;
}
} else {
$okay = false;
}
if ($okay) {
// if valid, log them
$this->session->login($user);
header('Location: /');
exit;
} else {
// if not valid redirect to the login page
Session::flash('errors', ['Invalid Login']);
echo $this->blade->render('login');
}
}
public function handle()
{
/** @var User[] $users */
$time = time();
$users = User::where('accessTokens.expires', '<=', $time)->orWhere('refreshTokens.expires', '<=', $time)->orWhere('tokens.reset_password.expired', '<=', $time)->orWhere('tokens.verify_email.expired', '<=', $time)->get();
$filter = function ($item) use($time) {
return $item->expires >= $time;
};
foreach ($users as $user) {
$filteredAccessTokens = $user->accessTokens()->reject($filter);
if ($filteredAccessTokens->count() > 0) {
$user->accessTokens()->dissociate($filteredAccessTokens);
}
$filteredRefreshTokens = $user->refreshTokens()->reject($filter);
if ($filteredRefreshTokens->count() > 0) {
$user->refreshTokens()->dissociate($filteredRefreshTokens);
}
if ($user->getResetPasswordToken()['expired'] < $time) {
$user->removeResetPasswordToken();
}
if ($user->getVerifyEmailToken()['expired'] < $time) {
$user->removeVerifyEmailToken();
}
$user->save();
}
}
/**
* Store a newly created resource in storage.
*
* @return Response
*/
public function store()
{
$data = Input::all();
$username = $data['username'];
$password = $data['password'];
$rules = array('username' => 'required', 'password' => 'required');
//เช็คค่าว่าง
$validator = Validator::make($data, $rules);
if ($validator->fails()) {
Session::flash('error', error_login);
return Redirect::to('login');
} else {
$model = User::where('username', '=', e($username))->where('activated', '=', '1')->first();
if (!empty($model)) {
if (Hash::check($password, $model->password)) {
Session::regenerate();
Session::put('username', $model->username);
Session::put('fullname', $model->fullname);
Session::put('uid', $model->id);
Session::put('level', $model->level);
Session::put('dep', $model->id_dep);
Session::put('fingerprint', md5($_SERVER['HTTP_USER_AGENT'] . $_SERVER['REMOTE_ADDR']));
return Redirect::intended('/');
} else {
Session::flash('error', error_login);
return Redirect::to('login');
}
} else {
Session::flash('error', error_login);
return Redirect::to('login');
}
}
}
/**
* Store a newly created ShareUser in storage.
* POST /shareUsers
*
* @param Request $request
*
* @return Response
*/
public function store(Request $request)
{
if (sizeof(ShareUser::$rules) > 0) {
$validator = $this->validateRequestOrFail($request, ShareUser::$rules);
if ($validator) {
return $validator;
}
}
$input = $request->all();
$user = User::where('id', $input['user_id'])->first();
if ($user) {
$shared_with_other_account = User::where('phoneNo', $user->phoneNo)->lists('id');
if (count($shared_with_other_account) > 0) {
$alreadyShared = ShareUser::where('share_objectId', $input['share_objectId'])->wherein('user_id', $shared_with_other_account)->get();
if (count($alreadyShared) > 0) {
return response()->json("The share object id has already been taken.", 403);
}
}
$shareUsers = $this->shareUserRepository->create($input);
$shared_user = User::where('objectId', $shareUsers->share_objectId)->first();
if ($shared_user) {
$shared_user->points += 10;
$shared_user->update();
$user->shared = true;
$user->update();
$role = Role::where('userId', $user->objectId)->first();
if ($role) {
$user['role'] = $role->name;
} else {
$user['role'] = 'User';
}
}
return $this->sendResponse($user->toArray(), "ShareUser saved successfully");
}
}
public function postLoginWrapper(Request $request)
{
$userId = Auth::check() ? Auth::user()->id : null;
$user = User::where('email', '=', $request->input('email'))->first();
if ($user && $user->failed_logins >= 3) {
Session::flash('error', trans('texts.invalid_credentials'));
return redirect()->to('login');
}
$response = self::postLogin($request);
if (Auth::check()) {
Event::fire(new UserLoggedIn());
$users = false;
// we're linking a new account
if ($userId && Auth::user()->id != $userId) {
$users = $this->accountRepo->associateAccounts($userId, Auth::user()->id);
Session::flash('warning', trans('texts.associated_accounts'));
// check if other accounts are linked
} else {
$users = $this->accountRepo->loadAccounts(Auth::user()->id);
}
Session::put(SESSION_USER_ACCOUNTS, $users);
if ($request->create_token) {
if (!env(API_SECRET) || $request->api_secret !== env(API_SECRET)) {
return 'Invalid secret';
}
return $this->accountRepo->createToken($request->token_name);
}
} elseif ($user) {
$user->failed_logins = $user->failed_logins + 1;
$user->save();
}
return $response;
}
protected function login($instance)
{
if ($instance->getEmail()) {
$user = User::where('email', $instance->getEmail());
} else {
return view('site.login', ['msg' => 'The email address you used is not public. please try another login method']);
}
if ($user->exists()) {
$user = $user->first();
$updateUser = User::where('id', $user->id)->update(['image' => $instance->getAvatar()]);
if (Auth::loginUsingId($user->id)) {
return true;
}
} else {
$pwd = explode('@', $instance->getEmail());
$pwd = Hash::make($pwd[0] . uniqid());
$newUser = new User();
$newUser->name = $instance->getName();
$newUser->email = $instance->getEmail();
$newUser->image = $instance->getAvatar();
$newUser->password = $pwd;
$newUser->status = 0;
$newUser->role = 'user';
if ($newUser->save()) {
Event::fire(new NewUserEvent($newUser));
if (Auth::loginUsingId($newUser->id)) {
return true;
}
}
}
}
/**
* Bootstrap any application services.
*
* @return void
*/
public function boot()
{
Validator::extend('hashed', function ($attribute, $value, $parameters) {
// If we're already logged in
if (Auth::check()) {
$user = Auth::user();
} else {
// Otherwise, try to get the username from form input
$user = User::where('name', Input::get('name'))->get();
if (!$user->count()) {
return false;
}
$user = $user[0];
}
if (Hash::check($value, $user->password)) {
return true;
}
return false;
});
Validator::extend('time', function ($attribute, $value, $parameters) {
$value = trim($value);
// Check against 12 hour time (with AM/PM) or 24 hour time
$twelve = date_parse_from_format('h:i a', $value);
$twentyfour = date_parse_from_format('H:i', $value);
if ($twelve['error_count'] === 0 || $twentyfour['error_count'] === 0) {
return true;
}
return false;
});
}
/**
* @return \Illuminate\Routing\Route|null|string
*/
public function ingnoreId()
{
$id = $this->route('user');
$name = $this->input('name');
$email = $this->input('email');
return User::where(compact('id', 'name', 'email'))->exists() ? $id : '';
}
public function show($id)
{
if (is_numeric($id)) {
$user = User::find($id);
} else {
$user = User::where('username', $id)->orWhere('username_clean', $id)->first();
}
if ($user === null || !$user->hasProfile()) {
abort(404);
}
if ($user->userPage !== null) {
$userPage = ['html' => $user->userPage->bodyHTML, 'raw' => $user->userPage->bodyRaw];
} else {
$userPage = ['html' => '', 'raw' => ''];
}
$allStats = [];
foreach ($user->statisticsAll() as $mode => $stats) {
$allStats[$mode] = fractal_item_array($stats, new UserStatisticsTransformer());
}
$recentAchievements = fractal_collection_array($user->achievements()->with('achievement')->orderBy('date', 'desc')->limit(8)->get(), new UserAchievementTransformer());
$recentActivities = fractal_collection_array($user->events()->recent()->get(), new EventTransformer());
$recentlyReceivedKudosu = fractal_collection_array($user->receivedKudosu()->withPost()->with('post', 'post.topic', 'giver')->orderBy('exchange_id', 'desc')->limit(15)->get(), new KudosuHistoryTransformer());
$userArray = fractal_item_array($user, new UserTransformer());
return view('users.show', compact('user', 'mode', 'allStats', 'userPage', 'userArray', 'recentAchievements', 'recentActivities', 'recentlyReceivedKudosu'));
}
/**
* Returns logged in user.
*
* @return App\Models\User
*/
public function user()
{
if ($this->regenerateCookie) {
$this->user = User::where('cookie', \Session::get('user_cookie'))->first();
}
return $this->user;
}
protected function login($instance)
{
$user = User::where('email', $instance->getEmail());
if ($user->exists()) {
$user = $user->first();
$updateUser = User::where('id', $user->id)->update(['image' => $instance->getAvatar()]);
if (Auth::loginUsingId($user->id)) {
return true;
}
} else {
$pwd = explode('@', $instance->getEmail());
$pwd = Hash::make($pwd[0] . uniqid());
$newUser = new User();
$newUser->name = $instance->getName();
$newUser->email = $instance->getEmail();
$newUser->image = $instance->getAvatar();
$newUser->password = $pwd;
$newUser->status = 0;
$newUser->role = 'user';
if ($newUser->save()) {
if (Auth::loginUsingId($newUser->id)) {
return true;
}
}
}
}
public function getStarted()
{
if (Auth::check()) {
return Redirect::to('invoices/create');
}
if (!Utils::isNinja() && !Utils::allowNewAccounts() && Account::count() > 0) {
return Redirect::to('/login');
}
$user = false;
$guestKey = Input::get('guest_key');
if ($guestKey) {
$user = User::where('password', '=', $guestKey)->first();
if ($user && $user->registered) {
return Redirect::to('/');
}
}
if (!$user) {
$account = $this->accountRepo->create();
$user = $account->users()->first();
Session::forget(RECENTLY_VIEWED);
}
Auth::login($user, true);
Event::fire(new UserLoggedIn());
return Redirect::to('invoices/create')->with('sign_up', Input::get('sign_up'));
}
/**
* Run the database seeds.
*
* @return void
*/
public function run()
{
$adminRole = new Role();
$adminRole->name = 'admin';
$adminRole->display_name = 'Admin';
$adminRole->description = 'Admin for backend';
$adminRole->is_admin = 1;
$adminRole->save();
$userRole = new Role();
$userRole->name = 'user';
$userRole->display_name = 'User';
$userRole->description = 'user for backend';
$userRole->is_admin = 0;
$userRole->save();
$admin = User::where('email', '*****@*****.**')->first();
$assRoleAdmin = new AssignedRole();
$assRoleAdmin->user_id = $admin->id;
$assRoleAdmin->role_id = $adminRole->id;
$assRoleAdmin->save();
$user = User::where('email', '*****@*****.**')->first();
$assRoleUser = new AssignedRole();
$assRoleUser->user_id = $user->id;
$assRoleUser->role_id = $userRole->id;
$assRoleAdmin->save();
}
public function handleToken($request, $response, $args)
{
$tokenStr = $args['token'];
$password = $request->getParam('password');
// check token
$token = PasswordReset::where('token', $tokenStr)->first();
if ($token == null || $token->expire_time < time()) {
$rs['ret'] = 0;
$rs['msg'] = '链接已经失效,请重新获取';
return $response->getBody()->write(json_encode($rs));
}
$user = User::where('email', $token->email)->first();
if ($user == null) {
$rs['ret'] = 0;
$rs['msg'] = '链接已经失效,请重新获取';
return $response->getBody()->write(json_encode($rs));
}
// reset password
$hashPassword = Hash::passwordHash($password);
$user->pass = $hashPassword;
if (!$user->save()) {
$rs['ret'] = 0;
$rs['msg'] = '重置失败,请重试';
return $response->getBody()->write(json_encode($rs));
}
$rs['ret'] = 1;
$rs['msg'] = '重置成功';
return $response->getBody()->write(json_encode($rs));
}
/**
* validate friend request and connect user to logged in account
*
* @return json array
*/
public function connect()
{
$data = [];
$email = Input::get('email');
//get auth user
$my_id = Auth::id();
//get user by email
$friend = User::where('email', '=', $email)->first();
if (count($friend)) {
$current_friends = User::find($my_id)->friends;
if (!$current_friends->contains($friend->id)) {
//save friendship
$new_friend = new Friend();
$new_friend->user_id = $my_id;
$new_friend->my_friend = $friend->id;
$new_friend->save();
}
$data['status'] = 1;
$data['friends'] = User::find($my_id)->friends;
$data['most_recent'] = $friend->id;
} else {
$data['status'] = 0;
$data['message'] = "Error: Email not found";
}
return $data;
}
public function isLoggedIn($user)
{
$errorMessage = "Failed to assert that user {$user->id} is logged in.";
$this->assertTrue(auth()->check(), $errorMessage);
$this->assertEquals(auth()->user()->id, User::where('email', $user->email)->first()->id, $errorMessage);
return true;
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if (is_null($request->username) || User::where('username', '=', $request->username)->exists()) {
return $next($request);
}
return redirect()->action('UserController@getUser');
}
public function handleLogin()
{
$rules = ['email' => 'required|email', 'password' => 'required'];
$errors = $this->validate($rules);
if (sizeof($errors) > 0) {
$html = $this->blade->with('session', $this->session)->withTemplate('login')->render();
$new_html = $this->repopulateForm($html, $errors, $this->request->getParameters());
return $this->response->setContent($new_html);
} else {
// try logging in
$okay = true;
$email = $this->request->getParameter('email');
$password = $this->request->getParameter('password');
//look up the user
$user = User::where('email', '=', $email)->first();
if ($user != null) {
// validate credentials
if (!password_verify($password, $user->password)) {
$okay = false;
}
} else {
$okay = false;
}
if ($okay) {
$this->session->put('user', $user);
return $this->response->redirect("/");
} else {
$this->session->put('errorMsg', 'Invalid Login!');
$flash = new FlashMessages();
$flash->error('Invalid Login');
$template = $this->blade->with('flash', $flash)->withTemplate("login")->render();
return $this->response->setContent($template);
}
}
}
public function postLoginWrapper(Request $request)
{
$userId = Auth::check() ? Auth::user()->id : null;
$user = User::where('email', '=', $request->input('email'))->first();
if ($user && $user->failed_logins >= 3) {
Session::flash('error', 'These credentials do not match our records.');
return redirect()->to('login');
}
$response = self::postLogin($request);
if (Auth::check()) {
Event::fire(new UserLoggedIn());
$users = false;
// we're linking a new account
if ($userId && Auth::user()->id != $userId) {
$users = $this->accountRepo->associateAccounts($userId, Auth::user()->id);
Session::flash('message', trans('texts.associated_accounts'));
// check if other accounts are linked
} else {
$users = $this->accountRepo->loadAccounts(Auth::user()->id);
}
Session::put(SESSION_USER_ACCOUNTS, $users);
} elseif ($user) {
$user->failed_logins = $user->failed_logins + 1;
$user->save();
}
return $response;
}
public function activate($email, $confirmationCode)
{
$this->actionsLog->checkIsLimitOverByIP('activate_account');
/** @var User $user */
$user = User::where(['email' => $email])->first();
if (empty($user)) {
Auth::logout();
$this->actionsLog->addActionLog('activate_account', $user, true);
throw new EmailNotFoundException();
}
$this->actionsLog->checkIsLimitOverByUser('activate_account', $user);
$user->userInfo;
if (empty($user->userInfo) || $user->userInfo->confirmation_code !== $confirmationCode) {
Auth::logout();
$this->actionsLog->addActionLog('activate_account', $user, true);
throw new InvalidConfirmationCodeException();
}
$loggedInUser = Auth::user();
if (!empty($loggedInUser) && $loggedInUser->email !== $user->email) {
Auth::logout();
}
if (!$user->isWaitingForConfirmation()) {
throw new AlreadyConfirmedException();
}
DB::transaction(function () use($user) {
$this->markUserActive($user);
$this->updateUserConfirmationInfo($user);
$this->actionsLog->addActionLog('activate_account', $user, false);
});
}
/**
* Handle a POST request to remind a user of their password.
*
* @return Response
*/
public function postConfirmation()
{
// 3 error cases - user already confirmed, email does not exist, password not correct
// (prevents people from brute-forcing email addresses to see who is registered)
$email = Input::get('email');
$password = Input::get('password');
$user = User::where('email', $email)->first();
if (!isset($user)) {
return Response::json($this->growlMessage('That email does not exist.', 'error'), 400);
}
if (empty($user->token)) {
return Response::json($this->growlMessage('That user was already confirmed.', 'error'), 400);
}
if (!Hash::check($password, $user->password)) {
return Response::json($this->growlMessage('The password for that email is incorrect.', 'error'), 400);
}
$token = $user->token;
$email = $user->email;
$fname = $user->fname;
//Send email to user for email account verification
Mail::queue('email.signup', array('token' => $token), function ($message) use($email, $fname) {
$message->subject('Welcome to the Madison Community');
$message->from('*****@*****.**', 'Madison');
$message->to($email);
});
return Response::json($this->growlMessage('An email has been sent to your email address. Please follow the instructions in the email to confirm your email address before logging in.', 'warning'));
}
public function store(Request $request)
{
$userPlayers = new UserPlayers();
//$team->where('team_name', $request->team_name)->first()->contract_id;
$playerContractId = Contracts::where('player_id', $request->player_id)->select('contract_id')->first()->contract_id;
$playerClubId = Contracts::where('player_id', $request->player_id)->select('club_id')->first()->club_id;
$countPlayers = $userPlayers->join('fantasy_contracts', 'fantasy_user_players.id', '=', 'fantasy_contracts.player_id')->join('fantasy_club', 'fantasy_contracts.club_id', '=', 'fantasy_club.club_id')->where('user_id', $request->user()->id)->where('fantasy_club.club_id', $playerClubId)->count();
$config = Config::select()->first();
if ($userPlayers->where('user_id', $request->user()->id)->where('id', $playerContractId)->first()) {
$error = "havePlayer";
} elseif (!($countPlayers < $config->same_team_player)) {
$error = "playerLimit";
} elseif ($request->user()->credits - Players::where('player_id', $request->player_id)->select('price')->first()->price <= 0) {
$error = "noCredits";
} else {
User::where('id', $request->user()->id)->update(['credits' => $request->user()->credits - Players::where('player_id', $request->player_id)->select('price')->first()->price]);
$userPlayers->team_id = $request->user()->team->team_id;
$userPlayers->user_id = $request->user()->id;
$userPlayers->id = $playerContractId;
$userPlayers->save();
return redirect()->back();
}
//return new RedirectResponse(url('add_player_in_team'));
return redirect()->back()->with('error', trans('front/site.' . $error));
}
public function getStarted()
{
$user = false;
$guestKey = Input::get('guest_key');
// local storage key to login until registered
$prevUserId = Session::pull(PREV_USER_ID);
// last user id used to link to new account
if (Auth::check()) {
return Redirect::to('invoices/create');
}
if (!Utils::isNinja() && (Account::count() > 0 && !$prevUserId)) {
return Redirect::to('/login');
}
if ($guestKey && !$prevUserId) {
$user = User::where('password', '=', $guestKey)->first();
if ($user && $user->registered) {
return Redirect::to('/');
}
}
if (!$user) {
$account = $this->accountRepo->create();
$user = $account->users()->first();
Session::forget(RECENTLY_VIEWED);
if ($prevUserId) {
$users = $this->accountRepo->associateAccounts($user->id, $prevUserId);
Session::put(SESSION_USER_ACCOUNTS, $users);
}
}
Auth::login($user, true);
event(new UserLoggedIn());
$redirectTo = Input::get('redirect_to') ?: 'invoices/create';
return Redirect::to($redirectTo)->with('sign_up', Input::get('sign_up'));
}
private function check_email($request)
{
$email = $request->email;
$user = User::where('email', $email)->first();
$info['ok'] = $user ? false : true;
return $info;
}
