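/**
 * Handle a signup form submission and create the new account.
 *
 * Flow, in order: refuse when POLR_ALLOW_ACCT_CREATION is falsy; require
 * username, password and email; reject a username or email that already
 * exists; reject an email that fails UserHelper::validateEmail(); create the
 * user (inactive when POLR_ACCT_ACTIVATION is truthy); and, when activation
 * is required, send the activation mail carrying the user's recovery_key.
 *
 * @param Request $request the signup form request; its fields are untrusted input
 *
 * @return mixed the redirect response (to index, signup or login) with a flash message
 */
public function performSignup(Request $request)
{
    if (env('POLR_ALLOW_ACCT_CREATION') == false) {
        return redirect(route('index'))->with('error', 'Sorry, but registration is disabled.');
    }

    $username = $request->input('username');
    $password = $request->input('password');
    $email = $request->input('email');

    if (!self::checkRequiredArgs([$username, $password, $email])) {
        // missing a required argument
        return redirect(route('signup'))->with('error', 'Please fill in all required fields.');
    }

    $ip = $request->ip();

    $user_exists = UserHelper::userExists($username);
    $email_exists = UserHelper::emailExists($email);

    if ($user_exists || $email_exists) {
        // username or email is already registered
        // NOTE(review): this response confirms that an identifier is taken; if
        // account enumeration matters for the deployment, rate-limit this route.
        return redirect(route('signup'))->with('error', 'Sorry, your email or username already exists. Try again.');
    }

    $email_valid = UserHelper::validateEmail($email);

    if ($email_valid == false) {
        return redirect(route('signup'))->with('error', 'Please use a valid email to sign up.');
    }

    $acct_activation_needed = env('POLR_ACCT_ACTIVATION');

    if ($acct_activation_needed == false) {
        // if no activation is necessary
        $active = 1;
        $response = redirect(route('login'))->with('success', 'Thanks for signing up! You may now log in.');
    } else {
        // email activation is necessary
        $response = redirect(route('login'))->with('success', 'Thanks for signing up! Please confirm your email to continue..');
        $active = 0;
    }

    $api_active = false;
    $api_key = null;

    if (env('SETTING_AUTO_API') == 'on') {
        // if automatic API key assignment is on
        $api_active = 1;
        // NOTE(review): the key is a bearer credential; confirm that
        // generateRandomHex() draws from a CSPRNG and that _API_KEY_LENGTH is set.
        $api_key = CryptoHelper::generateRandomHex(env('_API_KEY_LENGTH'));
    }

    $user = UserFactory::createUser($username, $email, $password, $active, $ip, $api_key, $api_active);

    if ($acct_activation_needed) {
        // The closure must capture $email and $username: they are the recipient
        // address and name, and were undefined inside it when only $user was captured.
        Mail::send(
            'emails.activation',
            ['username' => $username, 'recovery_key' => $user->recovery_key, 'ip' => $ip],
            function ($m) use ($email, $username) {
                $m->from(env('MAIL_FROM_ADDRESS'), env('MAIL_FROM_NAME'));
                $m->to($email, $username)->subject(env('APP_NAME') . ' account activation');
            }
        );
    }

    return $response;
}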
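/**
 * Complete first-time setup: authorise the request, create the database and
 * create the initial admin account.
 *
 * The setup arguments arrive as JSON in the client-supplied `setup_arguments`
 * cookie, so every field is untrusted. The request is authorised only when
 * the cookie's setup_auth_key matches the TMP_SETUP_AUTH_KEY environment value.
 *
 * @param Request $request the current request; only its client IP is read
 *
 * @return mixed a redirect to the setup route when database creation fails,
 *               otherwise the setup_thanks view; aborts with 404 when the
 *               cookie is absent and 403 when the key check fails
 */
public static function finishSetup(Request $request)
{
    // get data from cookie, decode JSON
    if (!isset($_COOKIE['setup_arguments'])) {
        abort(404);
    }

    $setup_finish_args_raw = $_COOKIE['setup_arguments'];
    // A cookie sent in array form is not a string; treat it like undecodable JSON.
    $setup_finish_args = is_string($setup_finish_args_raw)
        ? json_decode($setup_finish_args_raw)
        : null;

    // unset cookie
    setcookie('setup_arguments', '', time() - 3600);

    $expected_key = env('TMP_SETUP_AUTH_KEY');
    $supplied_key = is_object($setup_finish_args) && isset($setup_finish_args->setup_auth_key)
        ? $setup_finish_args->setup_auth_key
        : null;

    // Loose `==` would treat an unset env key and a missing or ill-typed cookie
    // field as equal, so require two non-empty strings and compare them in
    // constant time.
    $transaction_authorised = is_string($expected_key)
        && $expected_key !== ''
        && is_string($supplied_key)
        && hash_equals($expected_key, $supplied_key);

    if (!$transaction_authorised) {
        abort(403, 'Transaction unauthorised.');
    }

    $database_created = self::createDatabase();

    if (!$database_created) {
        return redirect(route('setup'))->with('error', 'Could not create database. Perhaps some credentials were incorrect?');
    }

    // NOTE(review): the account fields below come straight from the cookie and
    // this call grants the admin role; confirm that setup cannot be re-run once
    // it has completed (e.g. that TMP_SETUP_AUTH_KEY is cleared afterwards).
    $user = UserFactory::createUser(
        $setup_finish_args->acct_username,
        $setup_finish_args->acct_email,
        $setup_finish_args->acct_password,
        1,
        $request->ip()
    );
    $user->role = 'admin';
    $user->save();

    return view('setup_thanks')->with('success', 'Set up completed! Thanks for using Polr!');
}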