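/**
 * Handle a login request to the application.
 *
 * Only accounts whose `blocked` column is 0 can authenticate. When the attempt
 * fails, a second query looks for a blocked account with the submitted address
 * and, if one exists, the failure message becomes the translated block reason.
 *
 * @param \Illuminate\Http\Request $request
 *
 * @return \Illuminate\Http\Response
 */
public function login(Request $request)
{
    $this->validate($request, [$this->loginUsername() => 'required', 'password' => 'required']);

    // Refuse early when throttling is enabled and this client is over its limit.
    $throttles = $this->isUsingThrottlesLoginsTrait();
    if ($throttles && $this->hasTooManyLoginAttempts($request)) {
        return $this->sendLockoutResponse($request);
    }

    $credentials            = $this->getCredentials($request);
    $credentials['blocked'] = 0; // must not be blocked.

    if (Auth::guard($this->getGuard())->attempt($credentials, $request->has('remember'))) {
        return $this->handleUserWasAuthenticated($request, $throttles);
    }

    // NOTE(review): this lookup runs after any failed attempt and does not check the
    // submitted password, so the response tells whoever submits a known address that
    // the account exists and is blocked, and why. Confirm that disclosure is intended;
    // otherwise return the generic failure message here.
    // NOTE(review): the key 'email' is hard-coded while validation uses loginUsername();
    // presumably both are 'email' in this application. Verify.
    $message = '';
    /** @var User $foundUser */
    $foundUser = User::where('email', $credentials['email'])->where('blocked', 1)->first();
    if (!is_null($foundUser)) {
        // blocked_code may be null or empty; cast before testing so strlen() never
        // receives null, and fall back to the generic reason.
        $code = (string) $foundUser->blocked_code;
        if ($code === '') {
            $code = 'general_blocked';
        }
        $message = trans('firefly.' . $code . '_error', ['email' => $credentials['email']]);
    }

    // Count the failure towards the lockout threshold.
    if ($throttles) {
        $this->incrementLoginAttempts($request);
    }

    return $this->sendFailedLoginResponse($request, $message);
}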
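/**
 * Block local users whose address appears on SendGrid's block, bounce or invalid-email lists.
 *
 * Firefly doesn't have anything that should be in a cron job, except maybe this one, and it's fairly exceptional.
 *
 * If you use SendGrid like I do, you can detect bounces and thereby check if users gave an invalid address. If they
 * did, it's easy to block them and change their password. Optionally, you could notify yourself about it and send
 * them a message.
 *
 * But that's something not supported right now.
 *
 * NOTE(review): this action changes account state and prints e-mail addresses. The route and middleware guarding it
 * are not visible here; confirm it cannot be reached without authorisation.
 */
public function sendgrid()
{
    // env() returns null for unset variables; cast so the emptiness test is explicit.
    $apiUser = (string) env('SENDGRID_USERNAME');
    $apiKey  = (string) env('SENDGRID_PASSWORD');
    if ($apiUser === '' || $apiKey === '') {
        echo 'Please fill in SendGrid details.';

        return;
    }

    $set = [
        'blocks'   => 'https://api.sendgrid.com/api/blocks.get.json',
        'bounces'  => 'https://api.sendgrid.com/api/bounces.get.json',
        'invalids' => 'https://api.sendgrid.com/api/invalidemails.get.json',
    ];
    // The query is the same for every list, so build it once.
    $query = http_build_query(['api_user' => $apiUser, 'api_key' => $apiKey, 'date' => 1, 'days' => 7]);

    echo '<pre>';
    foreach ($set as $name => $URL) {
        // NOTE(review): the API credentials travel in the query string, so they can end up in proxy and
        // access logs, and PHP's own warning on a failed request includes the full URL. Keep
        // display_errors off for this endpoint and protect the error log.
        $body = file_get_contents($URL . '?' . $query);
        if ($body === false) {
            echo 'Could not read the SendGrid ' . $name . ' list.' . "\n";
            continue;
        }
        $data = json_decode($body);

        // Anything other than a JSON list (an error object, malformed JSON) is skipped.
        if (!is_array($data)) {
            continue;
        }
        echo 'Found ' . count($data) . ' entries in the SendGrid ' . $name . ' list.' . "\n";

        foreach ($data as $entry) {
            // The response is external data; skip entries without an address.
            if (!is_object($entry) || !isset($entry->email)) {
                continue;
            }
            $address = $entry->email;
            // The address is echoed into HTML, so escape it first.
            $shown = htmlspecialchars((string) $address, ENT_QUOTES, 'UTF-8');
            $user  = User::where('email', $address)->where('blocked', 0)->first();
            if (is_null($user)) {
                echo 'Found no user: ' . $shown . ', did nothing.' . "\n";
                continue;
            }

            echo 'Found a user: ' . $shown . ', who is now blocked.' . "\n";
            $user->blocked      = 1;
            $user->blocked_code = 'bounced';
            // NOTE(review): a fixed literal is assigned as the new password. Confirm how the User model
            // stores this attribute so the literal can never work as a login credential; an
            // unguessable random value would be safer.
            $user->password = '******';
            $user->save();
        }
    }
    echo 'Done!' . "\n";
    echo '</pre>';
}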
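/**
 * Handle a login request to the application.
 *
 * Only accounts whose `blocked` column is 0 can authenticate. When the attempt
 * fails and a blocked account exists for the submitted address, the default
 * failure message is replaced by the translated block reason.
 *
 * @param \Illuminate\Http\Request $request
 *
 * @return \Illuminate\Http\Response
 */
public function postLogin(Request $request)
{
    $this->validate($request, [$this->loginUsername() => 'required', 'password' => 'required']);

    // If the class is using the ThrottlesLogins trait, we can automatically throttle
    // the login attempts for this application. We'll key this by the username and
    // the IP address of the client making these requests into this application.
    $throttles = $this->isUsingThrottlesLoginsTrait();
    if ($throttles && $this->hasTooManyLoginAttempts($request)) {
        return $this->sendLockoutResponse($request);
    }

    $credentials            = $this->getCredentials($request);
    $credentials['blocked'] = 0; // must not be blocked.

    if (Auth::attempt($credentials, $request->has('remember'))) {
        return $this->handleUserWasAuthenticated($request, $throttles);
    }

    // default error message:
    $message = $this->getFailedLoginMessage();

    // NOTE(review): the blocked-user lookup runs after any failed attempt and does not
    // check the submitted password, so the response tells whoever submits a known address
    // that the account exists and is blocked. Confirm that disclosure is intended.
    /** @var User $foundUser */
    $foundUser = User::where('email', $credentials['email'])->where('blocked', 1)->first();
    if (!is_null($foundUser)) {
        // An empty or null blocked_code would otherwise build the key 'firefly._error';
        // fall back to the generic reason instead.
        $code = (string) $foundUser->blocked_code;
        if ($code === '') {
            $code = 'general_blocked';
        }
        $message = trans('firefly.' . $code . '_error', ['email' => $credentials['email']]);
    }

    // If the login attempt was unsuccessful we will increment the number of attempts
    // to login and redirect the user back to the login form. Of course, when this
    // user surpasses their maximum number of attempts they will get locked out.
    if ($throttles) {
        $this->incrementLoginAttempts($request);
    }

    // Only the username and the remember flag are flashed back; the password is not.
    return redirect($this->loginPath())
        ->withInput($request->only($this->loginUsername(), 'remember'))
        ->withErrors([$this->loginUsername() => $message]);
}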
/**
 * Handle a login request to the application.
 *
 * Authentication is limited to accounts whose `blocked` column is 0. A failed
 * attempt against a blocked account is reported through
 * reportBlockedUserLoginAttempt() and answered with the translated block reason.
 *
 * @param \Illuminate\Http\Request $request
 *
 * @return \Illuminate\Http\Response
 */
public function login(Request $request)
{
    $this->validateLogin($request);

    // Too many attempts from this client: fire the lockout event and stop here.
    if ($this->hasTooManyLoginAttempts($request)) {
        $this->fireLockoutEvent($request);

        return $this->sendLockoutResponse($request);
    }

    // Blocked accounts must never authenticate, so the flag is part of the credentials.
    $credentials            = $this->credentials($request);
    $credentials['blocked'] = 0;

    $authenticated = $this->guard()->attempt($credentials, $request->has('remember'));
    if ($authenticated) {
        return $this->sendLoginResponse($request);
    }

    // NOTE(review): this lookup does not check the submitted password, so the response
    // tells whoever submits a known address that the account exists and is blocked.
    // Confirm that disclosure is intended.
    $errorMessage = '';
    /** @var User $foundUser */
    $foundUser = User::where('email', $credentials['email'])->where('blocked', 1)->first();
    if (!is_null($foundUser)) {
        // Use the stored reason, or the generic one when it is empty.
        $code = $foundUser->blocked_code;
        if (strlen(strval($code)) === 0) {
            $code = 'general_blocked';
        }
        $errorMessage = strval(trans('firefly.' . $code . '_error', ['email' => $credentials['email']]));
        $this->reportBlockedUserLoginAttempt($foundUser, $code, $request->ip());
    }

    // Execution only gets here when the client was not locked out, so the failure
    // always counts towards the lockout threshold.
    $this->incrementLoginAttempts($request);

    return $this->sendFailedLoginResponse($request, $errorMessage);
}