/**
* @param Request $request
* @return JsonResponse|EmptyResponse
*/
public function handle(Request $request)
{
$actor = $request->getAttribute('actor');
$Referer = $request->getHeader('Referer');
$params = array_only($request->getParsedBody(), ['identification', 'password']);
$response = $this->apiClient->send(TokenController::class, $actor, [], $params);
if ($response->getStatusCode() === 200) {
$data = json_decode($response->getBody());
$session = $request->getAttribute('session');
$this->authenticator->logIn($session, $data->userId);
$token = AccessToken::find($data->token);
event(new UserLoggedIn($this->users->findOrFail($data->userId), $token));
$response = FigResponseCookies::set($response, SetCookie::create("lastLoginName")->withValue($request->getParsedBody()['identification'])->withPath('/'));
$response = $this->rememberer->remember($response, $token);
} elseif ($response->getStatusCode() === 401) {
$responseNew = $this->apiClient->send(PingxxTokenController::class, $actor, [], $params);
if ($responseNew->getStatusCode() === 200) {
$data = json_decode($responseNew->getBody());
$session = $request->getAttribute('session');
$this->authenticator->logIn($session, $data->userId);
$token = AccessToken::find($data->token);
event(new UserLoggedIn($this->users->findOrFail($data->userId), $token));
$responseNew = FigResponseCookies::set($responseNew, SetCookie::create("lastLoginName")->withValue($request->getParsedBody()['identification'])->withPath('/')->withDomain('dashboard.pingxx.com'));
$responseNew = $this->rememberer->remember($responseNew, $token);
return $responseNew;
} else {
return $response;
}
}
return $response;
}
public function make(Request $request, array $identification, array $suggestions = [])
{
if (isset($suggestions['username'])) {
$suggestions['username'] = $this->sanitizeUsername($suggestions['username']);
}
$user = User::where($identification)->first();
$payload = $this->getPayload($identification, $suggestions, $user);
$response = $this->getResponse($payload);
if ($user) {
$session = $request->getAttribute('session');
$this->authenticator->logIn($session, $user->id);
$response = $this->rememberer->rememberUser($response, $user->id);
}
return $response;
}
/**
* @param Request $request
* @return JsonResponse|EmptyResponse
*/
public function handle(Request $request)
{
$actor = $request->getAttribute('actor');
$params = array_only($request->getParsedBody(), ['identification', 'password']);
$response = $this->apiClient->send(TokenController::class, $actor, [], $params);
if ($response->getStatusCode() === 200) {
$data = json_decode($response->getBody());
$session = $request->getAttribute('session');
$this->authenticator->logIn($session, $data->userId);
$token = AccessToken::find($data->token);
event(new UserLoggedIn($this->users->findOrFail($data->userId), $token));
$response = $this->rememberer->remember($response, $token);
}
return $response;
}
/**
* @param Request $request
* @return JsonResponse
*/
public function handle(Request $request)
{
$controller = 'Flarum\\Api\\Controller\\CreateUserController';
$actor = $request->getAttribute('actor');
$body = ['data' => ['attributes' => $request->getParsedBody()]];
$response = $this->api->send($controller, $actor, [], $body);
$body = json_decode($response->getBody());
if (isset($body->data)) {
$userId = $body->data->id;
$session = $request->getAttribute('session');
$this->authenticator->logIn($session, $userId);
$response = $this->rememberer->rememberUser($response, $userId);
}
return $response;
}
/**
* @param Request $request
* @return \Psr\Http\Message\ResponseInterface
* @throws TokenMismatchException
*/
public function handle(Request $request)
{
$session = $request->getAttribute('session');
$response = new RedirectResponse($this->app->url());
if ($user = User::find($session->get('user_id'))) {
if (array_get($request->getQueryParams(), 'token') !== $session->get('csrf_token')) {
throw new TokenMismatchException();
}
$this->authenticator->logOut($session);
$user->accessTokens()->delete();
$this->events->fire(new UserLoggedOut($user));
$response = $this->rememberer->forget($response);
}
return $response;
}
/**
* @param Request $request
* @throws SingleSOException
* @return \Psr\Http\Message\ResponseInterface|RedirectResponse
*/
public function createCodeResponse(Request $request)
{
$session = $request->getAttribute('session');
// Load settings or fail.
$authSettings = SingleSO::settingsAuth($this->settings, true);
// Get parameters.
$params = $request->getQueryParams();
$code = array_get($params, 'code');
$state = array_get($params, 'state');
// Get the state from the URL or fail.
if (!$state) {
throw new SingleSOException(['No state parameter supplied.']);
}
// Check the state against the session and remove or throw.
$stateData = $this->sessionStateValid($session, $state);
$this->sessionStateRemove($session);
// Get user info from supplied token.
$userInfo = SingleSO::getOauthUserInfo($authSettings['endpoint_url'], ['code' => $code, 'client_id' => $authSettings['client_id'], 'client_secret' => $authSettings['client_secret'], 'redirect_uri' => $this->getRedirectURI()], $authSettings['endpoint_ip_forced'] ? $authSettings['endpoint_ip_forced'] : null);
// Ensure a user for the info.
$actor = $request->getAttribute('actor');
$user = SingleSO::ensureUser($userInfo, $this->events, $actor);
// Create the redirect response, with redirect from state if set.
$response = new RedirectResponse($this->expandRedirect($stateData));
// Authenticate user on the current session.
$session = $request->getAttribute('session');
$this->authenticator->logIn($session, $user->id);
// Generate remember me token (3600 is the time Flarum uses).
$token = AccessToken::generate($user->id, 3600);
$token->save();
// Trigger the login event.
$this->events->fire(new UserLoggedIn($user, $token));
// Attach the token as a remember me cookie unless using auto-login.
// If using auto-login, let the auth server handled remembering.
if (!$authSettings['global_cookie']) {
$response = $this->rememberer->remember($response, $token);
}
// Return the redirect response.
return $response;
}
