/** * Create a new user instance after a valid registration. * * @param array $data * @return User */ protected function create(array $request) { $data = $request->all(); //Demographic Insert /* Demographic details captured below are the only values that are nessary for users, customer demographics will use the same table however more details will be required on the post array. */ $demo = new Demographic(); $demo->email = $data['email']; $demo->first_name = $data['name']; $demo->last_name = $data['usr_surname']; $demo->title_id = $data['usr_title']; $demo->d_active = 1; $demo->date = Carbon::now(); $demo->save(); //Password Insert /* Password input in Database must be salted there after the password must be stored in a separate password table so the password history can be maintained. */ $pass = new Password(); $random_salt = hash('sha512', uniqid(mt_rand(1, mt_getrandmax()), true)); $password = hash('sha512', $data['p'] . $random_salt); $pass->password = $password; $pass->p_active = '1'; $pass->p_date = Carbon::now(); $pass->save(); //Salt Insert /* Random Salt must be saved in database so that the password can be un-salted and compared to the user's password captured upon login. */ $salt = new Salt(); $salt->salt = $random_salt; $salt->save(); //Creat Login and Associate to Demo/Pass/Salt /* Only once the required associated data is captured can a login be created. It is important to maintain an environment that can be scaled out, we're doing this by maintaining high levels of normalization. */ $login = new Login(); $login->login = $data['email']; $login->p_id = $pass->p_id; $login->s_id = $salt->s_id; $login->r_id = $data['usr_role']; $login->d_id = $demo->d_id; $login->usr_active = 0; $successfull = $login->save(); //Get Security Control Key /* This function always certain security keys to be retireved from the database and used in functions/arguments here. */ //Set Email verification key /* To ensure that we are not spammed, we will need to only allow users/customer whom have a verified email address to login, therefore until the user verifies their email address their login will not be active. */ $email = new verify_emailaddress(); $email->key = md5('3m@!l01' . time()); $email->key_active = 1; $email->d_id = $demo->d_id; $email->save(); //Open Route upon success/fail /* The below opens the route depending on the outcome of the registration login model save. */ if (!$successfull) { return redirect('signup_failed'); } else { return redirect('signup_success'); } }
/** * login a user with username and password * * @param string $username * @param string $password * @param bool|false $remember * @return mixed */ protected function entry($username, $password, $remember = false) { return Login::login($username, Crypt::encode($password), $remember); }