public function signin_onSubmit()
{
$rules = ['login' => 'required|min:2|max:32', 'password' => 'required|min:2'];
$validation = Validator::make(post(), $rules);
if ($validation->fails()) {
throw new ValidationException($validation);
}
// Authenticate user
$user = BackendAuth::authenticate(['login' => post('login'), 'password' => post('password')], true);
// Load version updates
UpdateManager::instance()->update();
// Log the sign in event
AccessLog::add($user);
// User cannot access the dashboard
if (!$user->hasAccess('backend.access_dashboard')) {
$true = function () {
return true;
};
if ($first = array_first(BackendMenu::listMainMenuItems(), $true)) {
return Redirect::intended($first->url);
}
}
// Redirect to the intended page after successful sign in
return Redirect::intended(Backend::url('backend'));
}
public function signin_onSubmit()
{
$rules = ['login' => 'required|min:2|max:32', 'password' => 'required|min:2'];
$validation = Validator::make(post(), $rules);
if ($validation->fails()) {
throw new ValidationException($validation);
}
// Authenticate user
$user = BackendAuth::authenticate(['login' => post('login'), 'password' => post('password')], true);
// Load version updates
UpdateManager::instance()->update();
// Log the sign in event
AccessLog::add($user);
// Redirect to the intended page after successful sign in
return Backend::redirectIntended('backend');
}
protected function loadData()
{
$this->vars['user'] = $user = BackendAuth::getUser();
$this->vars['appName'] = BrandSetting::get('app_name');
$this->vars['lastSeen'] = AccessLog::getRecent($user);
}
public function index()
{
# CHECK SETTINGS ARE DEFINED
$this->checkSettings(['google_client_id', 'google_client_secret']);
# CREATE GOOGLE CLIENT
$client = new Google_Client();
$client->setClientId(Settings::get('google_client_id'));
$client->setClientSecret(Settings::get('google_client_secret'));
$client->setRedirectUri(Backend::url('martin/ssologin/google'));
$client->setScopes('email');
# HANDLE LOGOUTS
if (Input::has('logout')) {
Session::forget('access_token');
return;
}
# AUTHENTICATE GOOGLE USER
if (Input::has('code')) {
$client->authenticate(Input::get('code'));
Session::put('access_token', $client->getAccessToken());
}
# SET ACCESS TOKEN OR GET A NEW ONE
if (Session::has('access_token')) {
$client->setAccessToken(Session::get('access_token'));
} else {
$authUrl = $client->createAuthUrl();
// Redirect::to() doesn't work here. Send header manually.
header("Location: {$authUrl}");
exit;
}
# PARSE USER DETAILS
if ($client->getAccessToken()) {
Session::put('access_token', $client->getAccessToken());
$token_data = $client->verifyIdToken();
}
# FORGET ACCESS TOKEN
Session::forget('access_token');
# CHECK MAIL EXISTS
if (!isset($token_data['email'])) {
# RECORD FAILED LOGIN
$log = new Log();
$log->provider = 'Google';
$log->result = 'failed';
$log->email = $email;
$log->ip = Request::getClientIp();
$log->save();
Flash::error(trans('martin.ssologin::lang.errors.google.invalid_user'));
return Backend::redirect('backend/auth/signin');
}
# FIND USER BY EMAIL
$email = $token_data['email'];
$user = User::where('email', $email)->first();
# IF NO USER, GET BACK TO LOGIN SCREEN
if (!$user) {
# RECORD FAILED LOGIN
$log = new Log();
$log->provider = 'Google';
$log->result = 'failed';
$log->email = $email;
$log->ip = Request::getClientIp();
$log->save();
Flash::error(trans('martin.ssologin::lang.errors.google.invalid_user'));
return Backend::redirect('backend/auth/signin');
}
# LOGIN USER ON BACKEND
BackendAuth::login($user, true);
# RECORD SUCCESSFUL LOGIN
$log = new Log();
$log->provider = 'Google';
$log->result = 'successful';
$log->user_id = $user->id;
$log->email = $email;
$log->ip = Request::getClientIp();
$log->save();
// Load version updates
UpdateManager::instance()->update();
// Log the sign in event
AccessLog::add($user);
// Redirect to the intended page after successful sign in
return Backend::redirectIntended('backend');
}
