										 |  |  | <?php | 
					
						
										 |  |  | /** | 
					
						
							|  |  |  |  * LoginController.php | 
					
						
							|  |  |  |  * Copyright (C) 2016 thegrumpydictator@gmail.com | 
					
						
							|  |  |  |  * | 
					
						
										 |  |  |  * This software may be modified and distributed under the terms of the | 
					
						
							|  |  |  |  * Creative Commons Attribution-ShareAlike 4.0 International License. | 
					
						
							|  |  |  |  * | 
					
						
							|  |  |  |  * See the LICENSE file for details. | 
					
						
										 |  |  |  */ | 
					
						
							|  |  |  | declare(strict_types = 1); | 
					
						
										 |  |  | 
 | 
					
						
							|  |  |  | namespace FireflyIII\Http\Controllers\Auth; | 
					
						
							|  |  |  | 
 | 
					
						
										 |  |  | use Config; | 
					
						
							|  |  |  | use FireflyConfig; | 
					
						
										 |  |  | use FireflyIII\Http\Controllers\Controller; | 
					
						
										 |  |  | use FireflyIII\User; | 
					
						
										 |  |  | use Illuminate\Foundation\Auth\AuthenticatesUsers; | 
					
						
										 |  |  | use Illuminate\Http\Request; | 
					
						
							|  |  |  | use Lang; | 
					
						
										 |  |  | 
 | 
					
						
										 |  |  | /** | 
					
						
							|  |  |  |  * Class LoginController | 
					
						
							|  |  |  |  * | 
					
						
							|  |  |  |  * @package FireflyIII\Http\Controllers\Auth | 
					
						
							|  |  |  |  */ | 
					
						
										 |  |  | class LoginController extends Controller | 
					
						
							|  |  |  | { | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     use AuthenticatesUsers; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * Where to redirect users after login / registration. | 
					
						
							|  |  |  |      * | 
					
						
							|  |  |  |      * @var string | 
					
						
							|  |  |  |      */ | 
					
						
							| 
									
										
										
										
											2016-12-09 16:30:33 +01:00
										 |  |  |     protected $redirectTo = '/'; | 
					
						
							| 
									
										
										
										
											2016-09-16 06:19:40 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * Create a new controller instance. | 
					
						
							|  |  |  |      * | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     public function __construct() | 
					
						
							|  |  |  |     { | 
					
						
							| 
									
										
										
										
											2016-09-16 07:22:57 +02:00
										 |  |  |         parent::__construct(); | 
					
						
							| 
									
										
										
										
											2016-09-16 06:19:40 +02:00
										 |  |  |         $this->middleware('guest', ['except' => 'logout']); | 
					
						
							|  |  |  |     } | 
					
						
							| 
									
										
										
										
											2016-09-16 07:22:57 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * Handle a login request to the application. | 
					
						
							|  |  |  |      * | 
					
						
							| 
									
										
										
										
											2016-12-23 07:02:45 +01:00
										 |  |  |      * @param Request $request | 
					
						
							| 
									
										
										
										
											2016-09-16 07:22:57 +02:00
										 |  |  |      * | 
					
						
							| 
									
										
										
										
											2016-12-23 07:02:45 +01:00
										 |  |  |      * @return \Illuminate\Http\RedirectResponse|\Illuminate\Http\Response | 
					
						
							| 
									
										
										
										
											2016-09-16 07:22:57 +02:00
										 |  |  |      */ | 
					
						
							|  |  |  |     public function login(Request $request) | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |         $this->validateLogin($request); | 
					
						
							| 
									
										
										
										
											2016-11-26 09:16:06 +01:00
										 |  |  |         $lockedOut = $this->hasTooManyLoginAttempts($request); | 
					
						
							|  |  |  |         if ($lockedOut) { | 
					
						
							| 
									
										
										
										
											2016-09-16 07:22:57 +02:00
										 |  |  |             $this->fireLockoutEvent($request); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |             return $this->sendLockoutResponse($request); | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         $credentials            = $this->credentials($request); | 
					
						
							| 
									
										
										
										
											2016-12-09 16:30:33 +01:00
										 |  |  |         $credentials['blocked'] = 0; // must not be blocked.
 | 
					
						
							| 
									
										
										
										
											2016-09-16 07:22:57 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  |         if ($this->guard()->attempt($credentials, $request->has('remember'))) { | 
					
						
							|  |  |  |             return $this->sendLoginResponse($request); | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2016-12-28 18:49:30 +01:00
										 |  |  |         $errorMessage = $this->getBlockedError($credentials['email']); | 
					
						
							| 
									
										
										
										
											2016-12-13 20:37:38 +01:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2016-09-16 07:22:57 +02:00
										 |  |  |         if (!$lockedOut) { | 
					
						
							|  |  |  |             $this->incrementLoginAttempts($request); | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         return $this->sendFailedLoginResponse($request, $errorMessage); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * Show the application login form. | 
					
						
							|  |  |  |      * | 
					
						
							| 
									
										
										
										
											2016-10-09 07:58:27 +02:00
										 |  |  |      * @param Request $request | 
					
						
							|  |  |  |      * | 
					
						
							| 
									
										
										
										
											2016-09-16 07:22:57 +02:00
										 |  |  |      * @return \Illuminate\Http\Response | 
					
						
							|  |  |  |      */ | 
					
						
							| 
									
										
										
										
											2016-09-16 13:29:56 +02:00
										 |  |  |     public function showLoginForm(Request $request) | 
					
						
							| 
									
										
										
										
											2016-09-16 07:22:57 +02:00
										 |  |  |     { | 
					
						
							|  |  |  |         // is allowed to?
 | 
					
						
							|  |  |  |         $singleUserMode    = FireflyConfig::get('single_user_mode', Config::get('firefly.configuration.single_user_mode'))->data; | 
					
						
							|  |  |  |         $userCount         = User::count(); | 
					
						
							|  |  |  |         $allowRegistration = true; | 
					
						
							|  |  |  |         if ($singleUserMode === true && $userCount > 0) { | 
					
						
							|  |  |  |             $allowRegistration = false; | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2016-09-16 13:29:56 +02:00
										 |  |  |         $email    = $request->old('email'); | 
					
						
							|  |  |  |         $remember = $request->old('remember'); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         return view('auth.login', compact('allowRegistration', 'email', 'remember')); | 
					
						
							| 
									
										
										
										
											2016-09-16 07:22:57 +02:00
										 |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * Get the failed login message. | 
					
						
							|  |  |  |      * | 
					
						
							|  |  |  |      * @param string $message | 
					
						
							|  |  |  |      * | 
					
						
							|  |  |  |      * @return string | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     protected function getFailedLoginMessage(string $message) | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |         if (strlen($message) > 0) { | 
					
						
							|  |  |  |             return $message; | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         return Lang::has('auth.failed') ? Lang::get('auth.failed') : 'These credentials do not match our records.'; | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * Get the failed login response instance. | 
					
						
							|  |  |  |      * | 
					
						
							|  |  |  |      * @param \Illuminate\Http\Request $request | 
					
						
							|  |  |  |      * @param string                   $message | 
					
						
							|  |  |  |      * | 
					
						
							|  |  |  |      * @return \Illuminate\Http\RedirectResponse | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     protected function sendFailedLoginResponse(Request $request, string $message) | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |         return redirect()->back() | 
					
						
							|  |  |  |                          ->withInput($request->only($this->username(), 'remember')) | 
					
						
							|  |  |  |                          ->withErrors( | 
					
						
							|  |  |  |                              [ | 
					
						
							|  |  |  |                                  $this->username() => $this->getFailedLoginMessage($message), | 
					
						
							|  |  |  |                              ] | 
					
						
							|  |  |  |                          ); | 
					
						
							|  |  |  |     } | 
					
						
							| 
									
										
										
										
											2016-12-28 18:49:30 +01:00
										 |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * @param string $email | 
					
						
							|  |  |  |      * | 
					
						
							|  |  |  |      * @return string | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     private function getBlockedError(string $email): string | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |         // check if user is blocked:
 | 
					
						
							|  |  |  |         $errorMessage = ''; | 
					
						
							|  |  |  |         /** @var User $foundUser */ | 
					
						
							|  |  |  |         $foundUser = User::where('email', $email)->where('blocked', 1)->first(); | 
					
						
							|  |  |  |         if (!is_null($foundUser)) { | 
					
						
							|  |  |  |             // user exists, but is blocked:
 | 
					
						
							|  |  |  |             $code         = strlen(strval($foundUser->blocked_code)) > 0 ? $foundUser->blocked_code : 'general_blocked'; | 
					
						
							|  |  |  |             $errorMessage = strval(trans('firefly.' . $code . '_error', ['email' => $email])); | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  |         return $errorMessage; | 
					
						
							|  |  |  |     } | 
					
						
							| 
									
										
										
										
											2016-09-16 06:19:40 +02:00
										 |  |  | } |