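/**
 * Handle a login request to the application.
 *
 * The lockout check runs before any account lookup, and account status
 * (including the token carried by the 'pending' redirect) is only disclosed
 * once the submitted password has been verified for that account.
 *
 * @param Request $request
 * @return \Illuminate\Http\Response
 */
public function login(Request $request)
{
    $this->validateLogin($request);

    /*
     * --------------------------------------------------------------------------
     * Protect login functionality
     * --------------------------------------------------------------------------
     * Refuse the request outright when the caller has already failed too
     * many times (the limit itself is configured outside this method).
     * This runs first so that every path below, including the status
     * checks, is covered by the throttle.
     */
    $throttles = $this->isUsingThrottlesLoginsTrait();

    if ($throttles && $this->hasTooManyLoginAttempts($request)) {
        $this->fireLockoutEvent($request);

        return $this->sendLockoutResponse($request);
    }

    /*
     * --------------------------------------------------------------------------
     * Build the credentials
     * --------------------------------------------------------------------------
     * Decide whether the identifier is an email or a username and use that
     * single column for both the account lookup and the password check, so
     * the status inspected below belongs to the account being authenticated.
     */
    $username = $request->input('username');
    $field = filter_var($username, FILTER_VALIDATE_EMAIL) ? 'email' : 'username';
    $request->merge([$field => $username]);
    $credentials = $request->only($field, 'password');

    $guard = Auth::guard($this->getGuard());

    // first() yields null when nothing matches; compare against null rather
    // than calling count() on a model, which newer PHP versions reject.
    $user = Contributor::where($field, $username)->first();
    $restricted = $user !== null
        && in_array($user->status, ['pending', 'suspended'], true);

    /*
     * --------------------------------------------------------------------------
     * Authenticate the user
     * --------------------------------------------------------------------------
     * Pending and suspended accounts are never logged in. Their password is
     * still verified (validate() checks credentials without starting a
     * session) before the status message or the confirmation redirect is
     * returned, so an unauthenticated caller who only knows an identifier
     * cannot learn the account state or obtain $user->token.
     */
    if ($restricted) {
        if ($guard->validate($credentials)) {
            if ($user->status === 'pending') {
                $request->session()->flash('status', 'Please Activate Your Account');

                return redirect(route('register.confirm', [$user->token]));
            }

            $request->session()->flash('status', 'Your account has been suspended');

            return redirect(route('login.form'));
        }
    } elseif ($guard->attempt($credentials, $request->has('remember'))) {
        return $this->handleUserWasAuthenticated($request, $throttles);
    }

    /*
     * --------------------------------------------------------------------------
     * Counting login attempt
     * --------------------------------------------------------------------------
     * Every failure (unknown identifier, wrong password, or wrong password
     * on a pending/suspended account) is counted and answered with the same
     * generic failed-login response.
     */
    if ($throttles) {
        $this->incrementLoginAttempts($request);
    }

    return $this->sendFailedLoginResponse($request);
}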
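/**
 * Handle an API login request and answer with a JSON document.
 *
 * The response always carries 'request_id', 'timestamp', 'status', 'login'
 * and 'message'. 'user' is added on a successful login; 'token' is added
 * for a non-activated account only after the submitted password has been
 * verified.
 *
 * @param \Illuminate\Http\Request $request
 * @return \Illuminate\Http\JsonResponse
 */
public function login(Request $request)
{
    // Use one column for both the lookup and the password check so the
    // status and token returned below belong to the account whose password
    // was actually verified.
    $username = $request->input('username');
    $field = filter_var($username, FILTER_VALIDATE_EMAIL) ? 'email' : 'username';
    $request->merge([$field => $username]);
    $credentials = $request->only($field, 'password');

    $user = Contributor::where($field, $username)->first();

    $respond = ['request_id' => uniqid(), 'timestamp' => Carbon::now()];

    // first() yields null when nothing matches; compare against null rather
    // than calling count() on a model, which newer PHP versions reject.
    if ($user === null) {
        // NOTE(review): this answer, and the 'status' value returned below,
        // let an unauthenticated caller tell registered identifiers from
        // unregistered ones. No attempt throttling is visible in this
        // method; confirm the route is rate limited before relying on it.
        $respond['status'] = 'unregistered';
        $respond['login'] = '******';
        $respond['message'] = 'These credentials do not match our records';
        $code = 403;
    } else {
        $respond['status'] = $user->status;

        if ($user->status !== 'activated') {
            $respond['login'] = '******';
            $respond['message'] = 'The account is pending or suspended';

            // The token is handed out only to a caller who proved knowledge
            // of the password. validate() checks the credentials without
            // logging the account in.
            if (Auth::validate($credentials)) {
                $respond['token'] = $user->token;
            }

            $code = 403;
        } elseif (Auth::attempt($credentials)) {
            $contributor = new Contributor();
            $user = $contributor->profile($user->username, true);
            $user->article_total = $user->articles()->where('status', 'published')->count();
            $user->followers_total = $user->followers()->count();
            $user->following_total = $user->following()->count();

            $respond['login'] = '******';
            $respond['message'] = 'Credentials are valid';
            $respond['user'] = $user;
            $code = 200;
        } else {
            $respond['login'] = '******';
            $respond['message'] = 'Username or password is incorrect';
            $code = 401;
        }
    }

    return response()->json($respond, $code);
}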