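/**
  * Log the actor in with the credentials submitted in the request body.
  *
  * The credentials are sent to TokenController first. If that answers 401,
  * the same credentials are retried against PingxxTokenController. On a 200
  * from either controller the session is logged in, UserLoggedIn is
  * dispatched, and the "lastLoginName" and remember cookies are attached to
  * the response that succeeded. In every other case the first controller's
  * response is returned unchanged.
  *
  * @param Request $request
  * @return JsonResponse|EmptyResponse
  */
 public function handle(Request $request)
 {
     $actor = $request->getAttribute('actor');

     // Cast so an absent body yields an empty credential set instead of a
     // type error inside array_only().
     $body = (array) $request->getParsedBody();
     $params = array_only($body, ['identification', 'password']);

     $response = $this->apiClient->send(TokenController::class, $actor, [], $params);
     $status = $response->getStatusCode();
     $cookieDomain = null;

     if ($status === 401) {
         // NOTE(review): the submitted password is forwarded to a second
         // token controller on every failed primary login. Confirm that
         // rate limiting and failure logging cover both attempts.
         $fallback = $this->apiClient->send(PingxxTokenController::class, $actor, [], $params);

         if ($fallback->getStatusCode() !== 200) {
             return $response;
         }

         $response = $fallback;
         $cookieDomain = 'dashboard.pingxx.com';
     } elseif ($status !== 200) {
         return $response;
     }

     $data = json_decode($response->getBody());
     $session = $request->getAttribute('session');
     $this->authenticator->logIn($session, $data->userId);

     // NOTE(review): AccessToken::find() presumably returns null for an
     // unknown id; the result is passed on unchecked. Verify the token
     // controllers always return a persisted token.
     $token = AccessToken::find($data->token);
     event(new UserLoggedIn($this->users->findOrFail($data->userId), $token));

     // NOTE(review): this cookie stores the submitted identifier and is
     // created without explicit Secure/HttpOnly attributes. Confirm that
     // this is intended (e.g. for prefilling the login form client-side).
     $cookie = SetCookie::create("lastLoginName")->withValue($body['identification'])->withPath('/');
     if ($cookieDomain !== null) {
         $cookie = $cookie->withDomain($cookieDomain);
     }
     $response = FigResponseCookies::set($response, $cookie);

     return $this->rememberer->remember($response, $token);
 }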
 /**
  * Confirm an e-mail address using the `token` query parameter and log the
  * confirmed user in on the current session.
  *
  * An InvalidConfirmationTokenException raised while dispatching ConfirmEmail
  * is answered with a plain HTML message; otherwise the client is redirected
  * to the application URL.
  *
  * NOTE(review): the token travels in the URL, so it can end up in access
  * logs and Referer headers. Confirm that ConfirmEmail treats tokens as
  * single-use and short-lived.
  *
  * @param Request $request
  * @return \Psr\Http\Message\ResponseInterface
  */
 public function handle(Request $request)
 {
     try {
         $query = $request->getQueryParams();
         $confirmedUser = $this->bus->dispatch(new ConfirmEmail(array_get($query, 'token')));
     } catch (InvalidConfirmationTokenException $invalid) {
         return new HtmlResponse('Invalid confirmation token');
     }

     // A successful confirmation doubles as a login for that user.
     $this->authenticator->logIn($request->getAttribute('session'), $confirmedUser->id);

     return new RedirectResponse($this->app->url());
 }
 /**
  * Build the response for an externally supplied identity and, when a user
  * matching $identification exists, log that user in and attach a remember
  * cookie.
  *
  * NOTE(review): a match on $identification alone is enough to open a
  * session. Callers should pass only attributes the identity provider has
  * verified; an unverified e-mail address, for example, would let one
  * account be claimed by another identity.
  *
  * @param Request $request
  * @param array $identification Conditions passed to User::where() to find the user.
  * @param array $suggestions Optional values; a 'username' entry is run through sanitizeUsername().
  * @return mixed The value produced by getResponse(), with the remember cookie added when a user matched.
  */
 public function make(Request $request, array $identification, array $suggestions = [])
 {
     if (isset($suggestions['username'])) {
         $cleaned = $this->sanitizeUsername($suggestions['username']);
         $suggestions['username'] = $cleaned;
     }

     $matched = User::where($identification)->first();
     $response = $this->getResponse($this->getPayload($identification, $suggestions, $matched));

     if (!$matched) {
         return $response;
     }

     $this->authenticator->logIn($request->getAttribute('session'), $matched->id);

     return $this->rememberer->rememberUser($response, $matched->id);
 }
 /**
  * Exchange the submitted identification/password for an access token via
  * TokenController and, on a 200 reply, log the session in, dispatch
  * UserLoggedIn and attach the remember cookie.
  *
  * Any non-200 reply from TokenController is returned to the client as is.
  *
  * @param Request $request
  * @return JsonResponse|EmptyResponse
  */
 public function handle(Request $request)
 {
     // Only the two credential fields are forwarded; other body fields are dropped.
     $credentials = array_only($request->getParsedBody(), ['identification', 'password']);
     $response = $this->apiClient->send(
         TokenController::class,
         $request->getAttribute('actor'),
         [],
         $credentials
     );

     if ($response->getStatusCode() !== 200) {
         return $response;
     }

     $payload = json_decode($response->getBody());
     $this->authenticator->logIn($request->getAttribute('session'), $payload->userId);

     $accessToken = AccessToken::find($payload->token);
     event(new UserLoggedIn($this->users->findOrFail($payload->userId), $accessToken));

     return $this->rememberer->remember($response, $accessToken);
 }
 /**
  * Register a user by forwarding the request body to CreateUserController
  * and, when the reply contains a `data` member, log the new user in and
  * attach a remember cookie.
  *
  * NOTE(review): the whole parsed body is forwarded as `attributes`. Which
  * attributes are accepted is decided by CreateUserController, which is not
  * shown here. Confirm that it allow-lists fields so that privileged
  * attributes cannot be set at sign-up.
  *
  * @param Request $request
  * @return JsonResponse
  */
 public function handle(Request $request)
 {
     $actor = $request->getAttribute('actor');
     $payload = ['data' => ['attributes' => $request->getParsedBody()]];

     $response = $this->api->send('Flarum\\Api\\Controller\\CreateUserController', $actor, [], $payload);
     $created = json_decode($response->getBody());

     // No `data` member means the user was not created; pass the reply through.
     if (!isset($created->data)) {
         return $response;
     }

     $newUserId = $created->data->id;
     $this->authenticator->logIn($request->getAttribute('session'), $newUserId);

     return $this->rememberer->rememberUser($response, $newUserId);
 }
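 /**
  * Log the session's user out.
  *
  * When the session holds a known user, the `token` query parameter must
  * match the session's CSRF token. The session is then logged out, the
  * user's access tokens are deleted, UserLoggedOut is fired and the remember
  * cookie is cleared. A session without a known user is redirected without
  * any change.
  *
  * @param Request $request
  * @return \Psr\Http\Message\ResponseInterface
  * @throws TokenMismatchException When the supplied token is missing, not a string, or does not match.
  */
 public function handle(Request $request)
 {
     $session = $request->getAttribute('session');
     $response = new RedirectResponse($this->app->url());

     $user = User::find($session->get('user_id'));
     if (!$user) {
         return $response;
     }

     $supplied = array_get($request->getQueryParams(), 'token');
     $expected = $session->get('csrf_token');

     // Fail closed: a plain !== comparison accepts the request when both
     // values are null (no token stored and none supplied). Requiring two
     // strings and comparing with hash_equals() rejects that case and keeps
     // the comparison constant-time.
     if (!is_string($supplied) || !is_string($expected) || !hash_equals($expected, $supplied)) {
         throw new TokenMismatchException();
     }

     $this->authenticator->logOut($session);
     // Revoke every access token so remembered logins end with the session.
     $user->accessTokens()->delete();
     $this->events->fire(new UserLoggedOut($user));

     return $this->rememberer->forget($response);
 }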
 /**
  * Complete a password reset: look up the PasswordToken named in the body,
  * set the new password, delete the token and log the user in.
  *
  * A blank password, or one that differs from `password_confirmation`,
  * sends the client back to the reset form for the same token.
  *
  * NOTE(review): the only checks visible here are "non-empty" and "matches
  * the confirmation". Token expiry, password strength and revocation of the
  * user's other sessions or access tokens are not performed in this method;
  * confirm they happen elsewhere.
  *
  * @param Request $request
  * @return RedirectResponse
  */
 public function handle(Request $request)
 {
     $form = $request->getParsedBody();
     $resetToken = PasswordToken::findOrFail(array_get($form, 'passwordToken'));

     $newPassword = array_get($form, 'password');
     $repeated = array_get($form, 'password_confirmation');

     $accepted = $newPassword && $newPassword === $repeated;
     if (!$accepted) {
         $retryUrl = $this->url->toRoute('resetPassword', ['token' => $resetToken->id]);

         return new RedirectResponse($retryUrl);
     }

     $account = $resetToken->user;
     $account->changePassword($newPassword);
     $account->save();

     // The token is deleted once the new password has been saved.
     $resetToken->delete();

     $this->authenticator->logIn($request->getAttribute('session'), $account->id);

     return new RedirectResponse($this->url->toBase());
 }
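 /**
  * Run the install command with the values submitted by the installer form,
  * then log the session in as user id 1.
  *
  * Database settings, the admin account and basic forum settings are taken
  * from the request body. The base URL, and the host used for `mail_from`,
  * are derived from the request's `originalUri` attribute. Command output is
  * captured in a temporary stream and returned as the response body.
  *
  * NOTE(review): this handler creates the admin account and opens a session
  * for user id 1 without any authentication. Confirm that the route is
  * unreachable once installation has completed.
  * NOTE(review): `originalUri` presumably reflects the request's Host header,
  * so the stored base URL and mail_from host are client-influenced. Verify
  * the installer is only reached through a trusted host name.
  *
  * @param Request $request
  * @return \Psr\Http\Message\ResponseInterface
  */
 public function handle(Request $request)
 {
     $input = $request->getParsedBody();
     $data = new DefaultsDataProvider();
     $data->setDatabaseConfiguration([
         'driver' => 'mysql',
         'host' => array_get($input, 'mysqlHost'),
         'database' => array_get($input, 'mysqlDatabase'),
         'username' => array_get($input, 'mysqlUsername'),
         'password' => array_get($input, 'mysqlPassword'),
         'prefix' => array_get($input, 'tablePrefix'),
     ]);
     $data->setAdminUser([
         'username' => array_get($input, 'adminUsername'),
         'password' => array_get($input, 'adminPassword'),
         'password_confirmation' => array_get($input, 'adminPasswordConfirmation'),
         'email' => array_get($input, 'adminEmail'),
     ]);
     $baseUrl = rtrim((string) $request->getAttribute('originalUri'), '/');
     $data->setBaseUrl($baseUrl);
     $data->setSetting('forum_title', array_get($input, 'forumTitle'));
     $data->setSetting('mail_from', 'noreply@' . preg_replace('/^www\\./i', '', parse_url($baseUrl, PHP_URL_HOST)));
     $data->setSetting('welcome_title', 'Welcome to ' . array_get($input, 'forumTitle'));

     $body = fopen('php://temp', 'wb+');
     // Separate name so the parsed form data above is not shadowed.
     $commandInput = new StringInput('');
     $output = new StreamOutput($body);
     $this->command->setDataSource($data);
     try {
         $this->command->run($commandInput, $output);
     } catch (Exception $e) {
         // The captured output is discarded on failure, so release the stream.
         fclose($body);

         // The message may echo submitted values (host, database or user
         // names), so encode it before it is rendered as HTML.
         return new HtmlResponse(htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8'), 500);
     }

     $session = $request->getAttribute('session');
     $this->authenticator->logIn($session, 1);

     return new Response($body);
 }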
 /**
  * Complete a password reset after validating the new password.
  *
  * The password is checked with the injected validator and with a
  * `required|confirmed` rule. On failure the first error message is stored
  * in the session under `error` and the client is sent back to the reset
  * form. On success the password is changed, the reset token is deleted and
  * the user is logged in.
  *
  * NOTE(review): token expiry and revocation of the user's other sessions or
  * access tokens are not visible in this method; confirm they are handled
  * elsewhere.
  *
  * @param Request $request
  * @return RedirectResponse
  */
 public function handle(Request $request)
 {
     $form = $request->getParsedBody();
     $resetToken = PasswordToken::findOrFail(array_get($form, 'passwordToken'));
     $newPassword = array_get($form, 'password');

     try {
         // TODO: the user validator is probably the wrong tool here;
         // passwords should get their own validation.
         $this->validator->assertValid(['password' => $newPassword]);

         $confirmationCheck = $this->validatorFactory->make($form, ['password' => 'required|confirmed']);
         if ($confirmationCheck->fails()) {
             throw new ValidationException($confirmationCheck);
         }
     } catch (ValidationException $failure) {
         $firstError = $failure->errors()->first();
         $request->getAttribute('session')->set('error', $firstError);

         $retryUrl = $this->url->toRoute('resetPassword', ['token' => $resetToken->id]);

         return new RedirectResponse($retryUrl);
     }

     $account = $resetToken->user;
     $account->changePassword($newPassword);
     $account->save();

     // The token is deleted once the new password has been saved.
     $resetToken->delete();

     $this->authenticator->logIn($request->getAttribute('session'), $account->id);

     return new RedirectResponse($this->url->toBase());
 }
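 /**
  * Handle the authorization-code callback: validate the `state` parameter
  * against the session, exchange the `code` for user info, ensure a local
  * user exists, log that user in and redirect.
  *
  * A remember cookie is attached only when the `global_cookie` setting is
  * off.
  *
  * @param Request $request
  * @throws SingleSOException When `state` or `code` is missing from the query string.
  * @return \Psr\Http\Message\ResponseInterface|RedirectResponse
  */
 public function createCodeResponse(Request $request)
 {
     $session = $request->getAttribute('session');

     // Load settings or fail.
     $authSettings = SingleSO::settingsAuth($this->settings, true);

     $params = $request->getQueryParams();
     $code = array_get($params, 'code');
     $state = array_get($params, 'state');

     // Get the state from the URL or fail.
     if (!$state) {
         throw new SingleSOException(['No state parameter supplied.']);
     }

     // Check the state against the session, then remove it so the same state
     // value cannot be replayed.
     $stateData = $this->sessionStateValid($session, $state);
     $this->sessionStateRemove($session);

     // Reject a callback without a code before contacting the endpoint, so
     // the client secret is not sent along with an empty grant.
     if (!$code) {
         throw new SingleSOException(['No code parameter supplied.']);
     }

     // Exchange the code for user info.
     $userInfo = SingleSO::getOauthUserInfo(
         $authSettings['endpoint_url'],
         [
             'code' => $code,
             'client_id' => $authSettings['client_id'],
             'client_secret' => $authSettings['client_secret'],
             'redirect_uri' => $this->getRedirectURI(),
         ],
         $authSettings['endpoint_ip_forced'] ?: null
     );

     // Ensure a user for the info.
     $actor = $request->getAttribute('actor');
     $user = SingleSO::ensureUser($userInfo, $this->events, $actor);

     // Create the redirect response, with redirect from state if set.
     // NOTE(review): the target comes from expandRedirect($stateData), which
     // is not shown here. Confirm it restricts redirects to this site.
     $response = new RedirectResponse($this->expandRedirect($stateData));

     // Authenticate user on the current session.
     $this->authenticator->logIn($session, $user->id);

     // Generate remember me token (3600 is the time Flarum uses).
     $token = AccessToken::generate($user->id, 3600);
     $token->save();

     // Trigger the login event.
     $this->events->fire(new UserLoggedIn($user, $token));

     // Attach the token as a remember me cookie unless using auto-login.
     // If using auto-login, let the auth server handle remembering.
     if (!$authSettings['global_cookie']) {
         $response = $this->rememberer->remember($response, $token);
     }

     return $response;
 }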