<?php
/*
* This file is part of Cachet.
*
* (c) James Brooks <james@cachethq.io>
* (c) Joseph Cohen <joseph.cohen@dinkbit.com>
* (c) Graham Campbell <graham@mineuk.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace CachetHQ\Cachet\Http\Controllers;
use GrahamCampbell\Binput\Facades\Binput;
use GrahamCampbell\Throttle\Facades\Throttle;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Redirect;
use Illuminate\Support\Facades\Request;
use Illuminate\Support\Facades\Session;
use Illuminate\Support\Facades\View;
use PragmaRX\Google2FA\Vendor\Laravel\Facade as Google2FA;
/**
* Logs users into their account.
*/
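class AuthController extends AbstractController
{
    /**
     * Shows the login view.
     *
     * @return \Illuminate\View\View
     */
    public function showLogin()
    {
        return View::make('auth.login');
    }

    /**
     * Logs the user in.
     *
     * Credentials are validated first. Accounts with two-factor auth enabled
     * are not given a persistent login here: only a pending marker ('2fa_id')
     * is stored in the session and the user is sent to the two-factor step.
     *
     * @return \Illuminate\Http\RedirectResponse
     */
    public function postLogin()
    {
        $loginData = Binput::only(['email', 'password']);

        // Reject bad credentials up front and count the failure.
        if (!Auth::validate($loginData)) {
            Throttle::hit(Request::instance(), 10, 10);

            // The password is deliberately excluded from the flashed input.
            return Redirect::back()
                ->withInput(Binput::except('password'))
                ->with('error', trans('forms.login.invalid'));
        }

        // Authenticate for this request only, so the two-factor flag can be
        // read without creating a logged-in session.
        Auth::once($loginData);

        if (Auth::user()->hasTwoFactor) {
            // Remember who is half-way through login; postTwoFactor() consumes it.
            // NOTE(review): the marker has no expiry of its own here, it lives
            // as long as the session does.
            Session::put('2fa_id', Auth::user()->id);

            return Redirect::route('two-factor');
        }

        // We probably want to add support for "Remember me" here.
        Auth::attempt($loginData);

        return Redirect::intended('dashboard');
    }

    /**
     * Shows the two-factor-auth view.
     *
     * @return \Illuminate\View\View
     */
    public function showTwoFactorAuth()
    {
        return View::make('auth.two-factor-auth');
    }

    /**
     * Validates the Two Factor token.
     *
     * The pending user is authenticated for the current request only while
     * the code is checked. A persistent login is created only after the code
     * has been verified, so a wrong code, a missing user or an error raised
     * during verification never leaves an authenticated session behind.
     *
     * @return \Illuminate\Http\RedirectResponse
     */
    public function postTwoFactor()
    {
        // pull() removes the marker, so each password login allows one attempt.
        $userId = Session::pull('2fa_id');

        if (!$userId) {
            return $this->invalidTokenRedirect();
        }

        $code = Binput::get('code');

        // Only a non-empty scalar is handed to the verifier, and only if the
        // pending user can still be loaded.
        if (is_scalar($code) && (string) $code !== '' && Auth::onceUsingId($userId)) {
            $secret = Auth::user()->google_2fa_secret;

            if (Google2FA::verifyKey($secret, (string) $code)) {
                // Second factor confirmed: now create the real login.
                Auth::loginUsingId($userId);

                return Redirect::intended('dashboard');
            }
        }

        // Failed login: drop any per-request authentication state.
        Auth::logout();

        // Count the failure like a bad password, so repeated code guesses are
        // recorded by the same throttle.
        // NOTE(review): enforcement of the limit is not visible in this file;
        // confirm the two-factor route is covered by it.
        Throttle::hit(Request::instance(), 10, 10);

        return $this->invalidTokenRedirect();
    }

    /**
     * Logs the user out, deleting their session etc.
     *
     * @return \Illuminate\Http\RedirectResponse
     */
    public function logoutAction()
    {
        Auth::logout();

        return Redirect::to('/');
    }

    /**
     * Builds the redirect used for every failed two-factor attempt.
     *
     * @return \Illuminate\Http\RedirectResponse
     */
    private function invalidTokenRedirect()
    {
        return Redirect::route('login')->with('error', trans('forms.login.invalid-token'));
    }
}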