Example #1
 /**
  * Re-authenticate the logged-in user before unlocking the password store.
  *
  * The submitted password is checked against the local account first and,
  * only if that fails and a UTwente username is linked, against the
  * UTwente account. On success an expiry timestamp ten minutes ahead is
  * stored in the session under 'passwordstore-verify'.
  *
  * NOTE(review): no attempt throttling is visible in this method; confirm
  * that the route is rate-limited, since it accepts repeated password guesses.
  *
  * @param  \Illuminate\Http\Request $request
  * @return mixed Redirect to the password store index or back to the auth form.
  */
 public function postAuth(Request $request)
 {
     $account = Auth::user();
     $supplied = $request->password;

     // Local password first; the UTwente check is skipped once that succeeds.
     $verified = AuthController::verifyCredentials($account->email, $supplied);
     if (!$verified && $account->utwente_username) {
         $verified = AuthController::verifyUtwenteCredentials($account->utwente_username, $supplied);
     }

     if (!$verified) {
         $request->session()->flash('flash_message', 'Wrong password.');
         return Redirect::route('passwordstore::auth');
     }

     // Only the expiry time is recorded here; presumably the password store
     // routes compare it with the current time (verify against the caller).
     $request->session()->put('passwordstore-verify', strtotime('+10 minutes'));
     $request->session()->flash('flash_message', 'You can access this tool for 10 minutes.');
     return Redirect::route('passwordstore::index');
 }
Example #2
 /**
  * Link a UTwente account to the given user after verifying its credentials.
  *
  * Only the user themselves, or someone holding the 'board' permission,
  * may link an account; anyone else gets a 403.
  *
  * @param  \Illuminate\Http\Request $request Carries the UTwente username and password.
  * @param  mixed $id Identifier of the user to link the account to.
  * @return \Illuminate\Http\RedirectResponse
  */
 public function store(Request $request, $id)
 {
     $user = User::findOrFail($id);

     // Authorisation: the account owner or a board member, nobody else.
     if (!($user->id == Auth::id() || Auth::user()->can('board'))) {
         abort(403);
     }

     // The username is only stored once the UTwente credentials have been verified.
     if (!AuthController::verifyUtwenteCredentials($request->username, $request->password)) {
         $request->session()->flash('flash_message', 'Your UTwente credentials were not correct.');
         return Redirect::back();
     }

     $user->utwente_username = $request->username;
     $user->save();
     $request->session()->flash('flash_message', 'We have associated your UT account ' . $user->utwente_username . ' with your Proto account.');

     // A session with the 'wizard' flag set is sent to the membership route instead of the dashboard.
     return Session::get('wizard')
         ? Redirect::route('becomeamember')
         : Redirect::route('user::dashboard', ['id' => $user->id]);
 }
Example #3
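 /**
  * Register an RFID card to the user whose credentials are submitted.
  * This method returns raw HTML and is intended to be used via AJAX!
  *
  * Because the return value is inserted into the page as HTML, every value
  * that originates from user data is escaped before it is concatenated.
  *
  * @param  \Illuminate\Http\Request $request Carries 'username', 'password' and 'card'.
  * @return string HTML snippet describing the outcome.
  */
 public function store(Request $request)
 {
     $user = AuthController::verifyCredentials($request->input('username'), $request->input('password'));
     if (!$user) {
         return "<span style='color: red;'>Invalid credentials.</span>";
     }
     if (!$user->member) {
         return "<span style='color: red;'>You must be a member to use the OmNomCom.</span>";
     }

     // Reject a missing or empty card id. Without this check an empty value
     // would be stored as a card, and a later lookup with an empty credential
     // could resolve to this user.
     $uid = $request->input('card');
     if (!(is_string($uid) || is_int($uid)) || (string) $uid === '') {
         return "<span style='color: red;'>No card was presented.</span>";
     }

     $card = RfidCard::where('card_id', $uid)->first();
     if ($card) {
         // Compare the stored foreign key rather than $card->user->id, so a
         // card whose owner no longer exists does not cause a null dereference.
         if ($card->user_id == $user->id) {
             return "<span style='color: red;'>This card is already registered to you!</span>";
         }
         return "<span style='color: red;'>This card is already registered to someone.</span>";
     }

     $card = RfidCard::create(['user_id' => $user->id, 'card_id' => $uid]);
     $card->save();

     // The name is user-controlled data going into raw HTML: escape it.
     $safeName = htmlspecialchars((string) $user->name, ENT_QUOTES, 'UTF-8');
     return "<span style='color: green;'>This card has been successfully registered to " . $safeName . ".</span>";
 }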
Example #4
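 /**
  * Process an OmNomCom purchase in the given store.
  *
  * The request is authorised by source address or by the role of the
  * logged-in user, the buyer is identified by account credentials or by
  * RFID card, the whole cart is validated, and only then are order lines
  * written and stock reduced. Returns the literal string "OK" on success
  * and an HTML error snippet otherwise.
  *
  * NOTE(review): in the 'card' mode the card id alone identifies the buyer,
  * so the address/role check above it is the only other barrier; confirm
  * that is the intended trust model.
  *
  * NOTE(review): stock is checked and later written back as an absolute
  * value without a transaction or row lock, so two concurrent purchases
  * can both pass the stock check. Confirm whether DB-level protection is
  * needed.
  *
  * @param  \Illuminate\Http\Request $request
  * @param  mixed $store Key into config('omnomcom.stores').
  * @return string
  */
 public function buy(Request $request, $store)
 {
     $stores = config('omnomcom.stores');
     if (!array_key_exists($store, $stores)) {
         return "<span style='color: red;'>This store doesn't exist.</span>";
     }
     $storedata = $stores[$store];

     // Allowed from a listed address, or for a logged-in user with a store
     // role. Auth::check() keeps an anonymous request from calling can() on null.
     $fromStoreAddress = in_array($request->ip(), $storedata->addresses, true);
     if (!$fromStoreAddress && !(Auth::check() && Auth::user()->can($storedata->roles))) {
         return "<span style='color: red;'>You are not authorized to do this.</span>";
     }

     // Strict comparison on the credential type, so only the two exact
     // strings select a branch.
     $credentialType = $request->input('credentialtype');
     if ($credentialType === 'account') {
         $credentials = $request->input('credentials');
         // The credentials must be an array carrying both fields before they are indexed.
         if (!is_array($credentials) || !isset($credentials['username'], $credentials['password'])) {
             return "<span style='color: red;'>Invalid credentials.</span>";
         }
         $user = AuthController::verifyCredentials($credentials['username'], $credentials['password']);
         if (!$user) {
             return "<span style='color: red;'>Invalid credentials.</span>";
         }
     } elseif ($credentialType === 'card') {
         $cardId = $request->input('credentials');
         // A missing, empty or non-scalar card id must never reach the
         // lookup: it could otherwise match a row with an empty card id.
         if (!(is_string($cardId) || is_int($cardId)) || (string) $cardId === '') {
             return "<span style='color: red;'>Unknown card.</span>";
         }
         $card = RfidCard::where('card_id', $cardId)->first();
         if (!$card) {
             return "<span style='color: red;'>Unknown card.</span>";
         }
         $card->touch();
         $user = $card->user;
         if (!$user) {
             return "<span style='color: red;'>Unknown user.</span>";
         }
     } else {
         return "<span style='color: red;'>Invalid credential type.</span>";
     }

     if (!$user->member) {
         return "<span style='color: red;'>Only members can use the OmNomCom.</span>";
     }

     // Accept the string "true" (form post) or boolean true (JSON body) only.
     $withCash = $request->input('cash');
     $payingCash = $withCash === 'true' || $withCash === true;
     if ($payingCash && !$storedata->cash_allowed) {
         return "<span style='color: red;'>You cannot use cash in this store.</span>";
     }

     $cart = $request->input('cart', []);
     if (!is_array($cart)) {
         return "<span style='color: red;'>Your cart is invalid.</span>";
     }

     // First pass: validate every line before anything is written.
     $lines = [];
     foreach ($cart as $id => $amount) {
         // Entries that are not a positive quantity are skipped.
         if (!is_scalar($amount) || !($amount > 0)) {
             continue;
         }
         // Quantities must be whole numbers; a fractional amount would
         // otherwise be written to the order line and subtracted from stock.
         $units = filter_var($amount, FILTER_VALIDATE_INT);
         if ($units === false) {
             return "<span style='color: red;'>You tried to buy an invalid amount of a product!</span>";
         }
         $product = Product::find($id);
         if (!$product) {
             return "<span style='color: red;'>You tried to buy a product that didn't exist!</span>";
         }
         if (!$product->isVisible()) {
             return "<span style='color: red;'>You tried to buy a product that is not available!</span>";
         }
         if ($product->stock < $units) {
             return "<span style='color: red;'>You tried to buy more of a product than was in stock!</span>";
         }
         if ($product->is_alcoholic && $user->age() < 18) {
             return "<span style='color: red;'>You tried to buy alcohol, youngster!</span>";
         }
         $lines[] = ['product' => $product, 'units' => $units];
     }

     // Second pass: record the order lines and reduce stock.
     foreach ($lines as $line) {
         $product = $line['product'];
         $units = $line['units'];
         // For a cash sale the authenticated user is stored as cashier, not as buyer.
         $orderline = OrderLine::create([
             'user_id' => $payingCash ? null : $user->id,
             'cashier_id' => $payingCash ? $user->id : null,
             'product_id' => $product->id,
             'original_unit_price' => $product->price,
             'units' => $units,
             'total_price' => $units * $product->price,
             'payed_with_cash' => $payingCash ? date('Y-m-d H:i:s') : null,
         ]);
         $orderline->save();
         $product->stock -= $units;
         $product->save();
     }

     return "OK";
 }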
Example #5
 /**
  * Handle a password-reset request for the submitted e-mail address.
  *
  * NOTE(review): the two outcomes differ in both message and redirect
  * target, so the response reveals whether an address belongs to a
  * registered user. No throttling is visible in this method either.
  * Confirm whether a uniform response and rate limiting are wanted.
  *
  * @param  \Illuminate\Http\Request $request
  * @return mixed Redirect to the homepage when a mail was dispatched, otherwise back to the form.
  */
 public function postEmail(Request $request)
 {
     $account = User::where('email', $request->email)->first();

     // Unknown address: report it and send the visitor back to the form.
     if ($account === null) {
         $request->session()->flash('flash_message', 'We could not find a user with the e-mail address you entered.');
         return Redirect::back();
     }

     AuthController::dispatchPasswordEmailFor($account);
     $request->session()->flash('flash_message', 'We\'ve dispatched an e-mail to you with instruction to reset your password.');
     return Redirect::route('homepage');
 }