Use simple usernames for login

Enforce configuration domain for Accounts
2026-01-17 10:08:05 +00:00 · 2020-05-12 10:52:59 +02:00 · 2020-05-12 10:52:59 +02:00 · d0039165d6
commit d0039165d6
parent 5b34fc623e
3 changed files with 12 additions and 8 deletions
--- a/flexiapi/app/Account.php
+++ b/flexiapi/app/Account.php
@ -29,6 +29,13 @@ class Account extends Authenticatable
    protected $dates = ['creation_time'];
    public $timestamps = false;

+    protected static function booted()
+    {
+        static::addGlobalScope('domain', function (Builder $builder) {
+            $builder->where('domain', config('app.sip_domain'));
+        });
+    }
+
    public function passwords()
    {
        return $this->hasMany('App\Password');
--- a/flexiapi/app/Http/Controllers/AccountController.php
+++ b/flexiapi/app/Http/Controllers/AccountController.php
@ -106,7 +106,7 @@ class AccountController extends Controller
        $request->validate(['identifier' => 'required|same:identifier_confirm']);

        Auth::logout();
-        //$request->user()->delete();
+        $request->user()->delete();

        return redirect()->route('account.login');
    }
@ -114,21 +114,18 @@ class AccountController extends Controller
    public function authenticate(Request $request)
    {
        $request->validate([
-            'username' => ['required', new SIP],
+            'username' => 'required',
            'password' => 'required'
        ]);

-        list($username, $domain) = explode('@', $request->get('username'));
-
-        $account = Account::where('username', $username)
-                          ->where('domain', $domain)
+        $account = Account::where('username', $request->get('username'))
                          ->firstOrFail();

        // Try out the passwords
        foreach ($account->passwords as $password) {
            if (hash_equals(
                $password->password,
-                Utils::bchash($username, $domain, $request->get('password'), $password->algorithm)
+                Utils::bchash($request->get('username'), config('app.sip_domain'), $request->get('password'), $password->algorithm)
            )) {
                Auth::login($account);
                return redirect()->route('account.index');
--- a/flexiapi/resources/views/account/login.blade.php
+++ b/flexiapi/resources/views/account/login.blade.php
@ -7,7 +7,7 @@
        {!! Form::open(['route' => 'account.authenticate']) !!}
            <div class="form-group">
                {!! Form::label('username', 'Username') !!}
-                {!! Form::text('username', old('username'), ['class' => 'form-control', 'placeholder' => 'username@'.config('app.sip_domain'), 'required']) !!}
+                {!! Form::text('username', old('username'), ['class' => 'form-control', 'placeholder' => 'username', 'required']) !!}
            </div>
            <div class="form-group">
                {!! Form::label('password', 'Password') !!}