/**
* @param View $view
*/
public function compose(View $view)
{
$view->with('currentUser', $this->sentinel->getUser());
$view->with('mode', array_get($view->getData(), 'mode', ''));
$view->with('breadcrumbs', config('shapeshifter.breadcrumbs') ? $this->breadcrumbService->breadcrumbs() : []);
$view->with('menu', $this->menuService->generateMenu());
}
/**
* @param string $context
* @param SecurityContextConfiguration $configuration
* @return Security
*/
public function create($context, SecurityContextConfiguration $configuration)
{
$persistences = $this->repositories->createPersistenceRepository($context);
$roles = $this->repositories->createRoleRepository($context);
$users = $this->repositories->createUserRepository($context, $persistences, $roles);
$sentinel = new Sentinel($persistences, $users, $roles, $this->repositories->createActivationRepository($context), $this->container->make(Dispatcher::class));
foreach ($configuration->listCheckpoints() as $key => $checkpoint) {
$sentinel->addCheckpoint($key, $this->makeCheckpoint($checkpoint, $configuration));
}
$sentinel->setReminderRepository($this->repositories->createReminderRepository($context, $users));
$sentinel->setRequestCredentials(function () {
$request = $this->container->make('request');
$login = $request->getUser();
$password = $request->getPassword();
if ($login === null && $password === null) {
return;
}
return compact('login', 'password');
});
$sentinel->creatingBasicResponse(function () {
$headers = ['WWW-Authenticate' => 'Basic'];
return new Response('Invalid credentials.', 401, $headers);
});
$security = new Security($sentinel, $this->repositories->createPermissionRepository($context));
$this->bindUrlGenerator($security);
$security->setLoginRoute($configuration->getLoginRoute());
return $security;
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if ($this->auth->guest()) {
if ($request->ajax()) {
return response('Unauthorized.', 401);
} else {
app('alerts')->error(trans('message.not_logged_in'));
return redirect()->guest('login');
}
}
return $next($request);
}
public function getLogout()
{
try {
if (!!($user = $this->sentinel->check())) {
$this->setResponseData($this->sentinel->logout(null, true));
} else {
throw new \Exception("Can't get current user");
}
} catch (\Exception $e) {
$this->setErrorData($e->getMessage());
}
return $this->responseJson();
}
public function postRemoveCustomDataById(Request $request)
{
try {
$data = $this->getRequestData($request);
if (!!($user = $this->sentinel->check())) {
$this->setResponseData($this->userCustomerDataModel->removeCustomDataById($data['id'], $user));
} else {
throw new \Exception("Can't get current user");
}
} catch (\Exception $e) {
$this->setErrorData($e->getMessage());
}
return $this->responseJson();
}
/**
* Creates a sentinel instance.
*
* @return \Cartalyst\Sentinel\Sentinel
*/
public function createSentinel()
{
$persistence = $this->createPersistence();
$users = $this->createUsers();
$roles = $this->createRoles();
$activations = $this->createActivations();
$dispatcher = $this->getEventDispatcher();
$sentinel = new Sentinel($persistence, $users, $roles, $activations, $dispatcher);
$ipAddress = $this->getIpAddress();
$checkpoints = $this->createCheckpoints($activations, $ipAddress);
foreach ($checkpoints as $key => $checkpoint) {
$sentinel->addCheckpoint($key, $checkpoint);
}
$reminders = $this->createReminders($users);
$sentinel->setActivationRepository($activations);
$sentinel->setReminderRepository($reminders);
return $sentinel;
}
/**
* {@inheritDoc}
*/
public function create(array $data, $validate = true)
{
$this->rules = ['slug' => 'required|alpha_dash|unique:roles', 'name' => 'required|alpha_dash|unique:roles'];
if ($validate) {
$this->validate($data);
}
// Convert the checkbox values of "1" to true, so permission checking works with Sentinel.
if (isset($data['permissions'])) {
foreach ($data['permissions'] as $permission => $value) {
$data['permissions'][$permission] = true;
}
}
try {
$role = $this->sentinel->getRoleRepository()->createModel()->create($data);
} catch (QueryException $e) {
throw new RolesException(trans('dashboard::dashboard.errors.role.create'));
}
return $role;
}
/**
* @return mixed
*/
public function postLogin()
{
/*
* Login Facebook
* Người dùng login bằng javascriptSDK sau đó sẽ gửi short token-key lên server.
* Server sẽ dùng short token-key này để lấy long-lived token-key
* Tiếp tục dùng long-lived token key để lấy thông tin của người dùng: id-facebook + email + name....
* Kiểm tra người dùng trên hệ thống. Lưu ý đây là người dùng facebook. Sẽ link sang user-sentinel bằng user_id.
* Nếu người dùng chưa tồn tại trên hệ thống thì sẽ tạo 1 user mới để đăng nhập. User này do sentinel quản lý. Email/pass word do mình tự generate ra.
* Nếu người dùng tồn tại trên hệ thống rồi => lấy user-sentinel => login-sentinel
*/
try {
$token = $this->laravelFacebookSdk->getJavaScriptHelper()->getAccessToken();
if (!$token) {
// User hasn't logged in using the JS SDK yet
$this->setErrorData('not_authorized');
} else {
// Get long-lived access token
$longLiveAccessToken = $this->facebookHelper->extendToken($token);
// Use long-lived access token above to get UserData
$facebookUser = $this->facebookHelper->getSocialUserByLongLivedAccessToken($longLiveAccessToken);
// Check current facebook user existed in user database
$userSentinel = $this->facebookUser->isFacebookUserExisted($facebookUser);
if (!$userSentinel) {
$credentials = $facebookUser->toArray();
$credentials['password'] = md5(microtime());
/** @var \Modules\IzCustomer\Entities\User $userSentinel */
$userSentinel = $this->sentinel->registerAndActivate($credentials);
// update relationship
$userSentinel->facebook()->save($facebookUser);
}
// Login and remember to sentinel
$this->sentinel->loginAndRemember($userSentinel);
// set output
$this->setResponseData($userSentinel->toArray());
}
} catch (FacebookSDKException $e) {
$this->setResponseCode(400);
$this->setErrorData($e->getMessage());
}
return $this->responseJson();
}
/**
* {@inheritDoc}
*/
public function updatePassword(array $data, $validate = true)
{
$user = $this->auth->authenticate($data);
$this->rules = ['new_password' => 'required|confirmed', 'new_password_confirmation' => 'required'];
if ($validate) {
$this->validate($data);
}
$updatedData = ['password' => $data['new_password']];
$this->sentinel->update($user, $updatedData);
return;
}
/** @test */
public function authenticate_with_oauth1_with_unlinked_non_existent_user()
{
$manager = $this->mockManager('make');
$user = m::mock('Cartalyst\\Sentinel\\Users\\UserInterface');
$manager->shouldReceive('make')->with('foo', 'http://example.com/callback')->once()->andReturn($provider = m::mock('League\\OAuth1\\Client\\Server\\Server'));
// Request proxy
$this->requestProvider->shouldReceive('getOAuth1TemporaryCredentialsIdentifier')->once()->andReturn('identifier');
$this->requestProvider->shouldReceive('getOAuth1Verifier')->once()->andReturn('verifier');
// Mock retrieving credentials from the underlying package
$this->session->shouldReceive('get')->andReturn($temporaryCredentials = m::mock('League\\OAuth1\\Client\\Credentials\\TemporaryCredentials'));
$provider->shouldReceive('getTokenCredentials')->with($temporaryCredentials, 'identifier', 'verifier')->once()->andReturn($tokenCredentials = m::mock('League\\OAuth1\\Client\\Credentials\\TokenCredentials'));
// Unique ID
$provider->shouldReceive('getUserUid')->once()->andReturn(789);
// Finding an appropriate link
$this->linkRepository->shouldReceive('findLink')->with('foo', 789)->once()->andReturn($link = m::mock('Cartalyst\\Sentinel\\Addons\\Social\\Models\\LinkInterface'));
$link->shouldReceive('storeToken')->with($tokenCredentials)->once();
$this->sentinel->shouldReceive('getUser')->once();
$link->shouldReceive('getUser')->once();
$link->shouldReceive('getUser')->once()->andReturn($user);
$link->shouldReceive('setUser')->with($user)->once();
$provider->shouldReceive('getUserEmail')->once()->andReturn('*****@*****.**');
$this->sentinel->shouldReceive('findByCredentials')->with(['login' => '*****@*****.**'])->once();
$this->sentinel->shouldReceive('getUserRepository')->once()->andReturn($users = m::mock('Cartalyst\\Sentinel\\Users\\UserRepositoryInterface'));
$users->shouldReceive('createModel')->once()->andReturn($user);
$provider->shouldReceive('getUserScreenName')->once()->andReturn(['Ben', 'Corlett']);
$this->sentinel->shouldReceive('registerAndActivate')->once()->andReturn($user);
$this->sentinel->shouldReceive('authenticate')->with($user, true)->once()->andReturn($user);
$manager->registering(function ($link, $provider, $token, $slug) {
$_SERVER['__sentinel_social_registering'] = true;
});
$manager->registered(function ($link, $provider, $token, $slug) {
$_SERVER['__sentinel_social_registered'] = true;
});
$user = $manager->authenticate('foo', 'http://example.com/callback', function () {
$_SERVER['__sentinel_social_linking'] = func_get_args();
}, true);
$this->assertTrue(isset($_SERVER['__sentinel_social_registering']));
$this->assertTrue(isset($_SERVER['__sentinel_social_registered']));
$this->assertTrue(isset($_SERVER['__sentinel_social_linking']));
$eventArgs = $_SERVER['__sentinel_social_linking'];
unset($_SERVER['__sentinel_social_registering']);
unset($_SERVER['__sentinel_social_registered']);
unset($_SERVER['__sentinel_social_linking']);
$this->assertCount(4, $eventArgs);
list($_link, $_provider, $_tokenCredentials, $_slug) = $eventArgs;
$this->assertEquals($link, $_link);
$this->assertEquals($provider, $_provider);
$this->assertEquals($tokenCredentials, $_tokenCredentials);
$this->assertEquals('foo', $_slug);
}
/**
* Returns the activations repository.
*
* @return ActivationRepository
*/
public function activations()
{
return $this->sentinel->getActivationRepository();
}
/**
* Get the currently authenticated user.
*
* @return \Cartalyst\Sentinel\Users\UserInterface
*/
public function user()
{
return $this->sentinel->getUser();
}
/**
* @param $route
*
* @return bool
*/
private function hasAccessToRoute($route)
{
return !config('shapeshifter.menu_strict_auth_checking') || $route === null || $this->auth->getUser()->hasAnyAccess($route, 'superuser');
}
/**
* Disables the event dispatcher.
*
* @return $this
* @static
*/
public static function disableDispatcher()
{
return \Cartalyst\Sentinel\Sentinel::disableDispatcher();
}
/**
* Creates a default links repository if none has been specified.
*
* @return \Cartalyst\Sentinel\Addons\Social\Repositories\LinkRepository
*/
protected function createLinksRepository()
{
$model = 'Cartalyst\\Sentinel\\Addons\\Social\\Models\\Link';
$users = $this->sentinel->getUserRepository();
return new LinkRepository($users, $model);
}
/**
* Registers sentinel.
*
* @return void
*/
protected function registerSentinel()
{
$this->app->singleton('sentinel', function ($app) {
$sentinel = new Sentinel($app['sentinel.persistence'], $app['sentinel.users'], $app['sentinel.roles'], $app['sentinel.activations'], $app['events']);
if (isset($app['sentinel.checkpoints'])) {
foreach ($app['sentinel.checkpoints'] as $key => $checkpoint) {
$sentinel->addCheckpoint($key, $checkpoint);
}
}
$sentinel->setActivationRepository($app['sentinel.activations']);
$sentinel->setReminderRepository($app['sentinel.reminders']);
$sentinel->setRequestCredentials(function () use($app) {
$request = $app['request'];
$login = $request->getUser();
$password = $request->getPassword();
if ($login === null && $password === null) {
return;
}
return compact('login', 'password');
});
$sentinel->creatingBasicResponse(function () {
$headers = ['WWW-Authenticate' => 'Basic'];
return new Response('Invalid credentials.', 401, $headers);
});
return $sentinel;
});
$this->app->alias('sentinel', 'Cartalyst\\Sentinel\\Sentinel');
}
/**
* Logs the given user into Sentinel.
*
* @param \Cartalyst\Sentinel\Users\UserInterface $user
* @param bool $remember
* @return void
*/
protected function login(UserInterface $user, $remember = false)
{
return $this->sentinel->authenticate($user, $remember);
}
/**
* Get value from the user to be saved as the author.
*
* @return string|null
*/
protected function getUserFieldValue()
{
if ($user = $this->provider->getUser()) {
return ($field = $this->field) ? (string) $user->{$field} : $user->getLogin();
}
}
/**
* {@inheritDoc}
*/
public function logout()
{
return $this->sentinel->logout();
}
/**
* Constructor.
*
* @param \Cartalyst\Sentinel\Sentinel $sentinel
* @return void
*/
public function __construct(Sentinel $sentinel)
{
$this->user = $sentinel->getUser();
}
/**
* Constructor.
*
* @param \Cartalyst\Cart\Cart $cart
* @param \Cartalyst\Sentinel\Sentinel $sentinel
* @return void
*/
public function __construct(Cart $cart, Sentinel $sentinel)
{
$this->cart = $cart;
$this->wishlist = app('wishlist');
$this->user = $sentinel->getUser();
}