mirrors/flexisip-account-manager
1
0
Fork 0
mirror of https://gitlab.linphone.org/BC/public/flexisip-account-manager.git synced 2026-01-17 10:08:05 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
flexisip-account-manager/flexiapi/app/Http/Controllers/Account/AuthenticateController.php
Timothée Jaussoin 1d3c3b8c13 Fix FLEXIAPI-276 Complete the translations
2025-03-13 13:50:10 +00:00

142 lines
4.2 KiB
PHP
Raw Blame History

<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Account;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Str;
use App\Account;
use App\AuthToken;
class AuthenticateController extends Controller
{
public static $emailCodeSize = 13;
public function login(Request $request)
{
if ($request->user()) {
if ($request->user()->superAdmin) {
return redirect()->route('admin.spaces.index');
} elseif ($request->user()->admin) {
return redirect()->route('admin.spaces.me');
}
return redirect()->route('account.dashboard');
}
return view('account.login', [
'count' => Account::where('activated', true)->count()
]);
}
public function authenticate(Request $request)
{
$request->validate([
'username' => 'required',
'password' => 'required'
]);
$account = Account::where('username', $request->get('username'))
->first();
if (!$account) {
$account = Account::where('phone', $request->get('username'))->first();
}
if (!$account) {
return redirect()->back()->withErrors(['authentication' => __('Wrong username or password')]);
}
// Try out the passwords
foreach ($account->passwords as $password) {
if (hash_equals(
$password->password,
bchash($account->username, $account->resolvedRealm, $request->get('password'), $password->algorithm)
)) {
Auth::login($account);
return redirect()->route('account.home');
}
}
return redirect()->back()->withErrors(['authentication' => __('Wrong username or password')]);
}
/**
* Deprecated
*/
public function validateEmail(Request $request, string $code)
{
$request->merge(['code' => $code]);
$request->validate(['code' => 'required|size:' . self::$emailCodeSize]);
$account = Account::where('confirmation_key', $code)->first();
if (!$account) {
return redirect()->route('account.login');
}
$account->confirmation_key = null;
$account->activated = true;
$account->save();
Auth::login($account);
return redirect()->route('account.home');
}
public function loginAuthToken(Request $request, ?string $token = null)
{
$authToken = null;
if (!empty($token)) {
$authToken = AuthToken::where('token', $token)->valid()->first();
}
if ($authToken == null) {
$authToken = new AuthToken;
$authToken->token = Str::random(32);
$authToken->fillRequestInfo($request);
$authToken->save();
return redirect()->route('account.authenticate.auth_token', ['token' => $authToken->token]);
}
// If the $authToken was flashed by an authenticated user
if ($authToken->account_id) {
Auth::login($authToken->account);
$authToken->delete();
return redirect()->route('account.home');
}
return view('account.authenticate.auth_token', [
'authToken' => $authToken
]);
}
public function logout(Request $request)
{
Auth::logout();
return redirect()->route('account.login');
}
}
Reference in a new issue View git blame Copy permalink