]> BookStack Code Mirror - bookstack/blobdiff - app/Http/Controllers/Auth/RegisterController.php
projects / bookstack / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge branch 'laravel-upgrade'
[bookstack] / app / Http / Controllers / Auth / RegisterController.php
diff --git a/app/Http/Controllers/Auth/RegisterController.php b/app/Http/Controllers/Auth/RegisterController.php
index 0fa005e1fbe0b77fee9b997c186602121cdc58e9..3b9738835791dcd617716b020720aba181155020 100644 (file)
--- a/app/Http/Controllers/Auth/RegisterController.php
+++ b/app/Http/Controllers/Auth/RegisterController.php
@@ -2,20 +2,26 @@
 
 namespace BookStack\Http\Controllers\Auth;
 
 
 namespace BookStack\Http\Controllers\Auth;
 
-use BookStack\Exceptions\ConfirmationEmailException;
+use BookStack\Auth\Access\EmailConfirmationService;
+use BookStack\Auth\Access\SocialAuthService;
+use BookStack\Auth\SocialAccount;
+use BookStack\Auth\User;
+use BookStack\Auth\UserRepo;
+use BookStack\Exceptions\SocialDriverNotConfigured;
+use BookStack\Exceptions\SocialSignInAccountNotUsed;
 use BookStack\Exceptions\SocialSignInException;
 use BookStack\Exceptions\UserRegistrationException;
 use BookStack\Exceptions\SocialSignInException;
 use BookStack\Exceptions\UserRegistrationException;
-use BookStack\Repos\UserRepo;
-use BookStack\Services\EmailConfirmationService;
-use BookStack\Services\SocialAuthService;
-use BookStack\SocialAccount;
-use BookStack\User;
+use BookStack\Http\Controllers\Controller;
 use Exception;
 use Exception;
+use Illuminate\Foundation\Auth\RegistersUsers;
+use Illuminate\Http\RedirectResponse;
 use Illuminate\Http\Request;
 use Illuminate\Http\Response;
 use Illuminate\Http\Request;
 use Illuminate\Http\Response;
+use Illuminate\Routing\Redirector;
+use Illuminate\Support\Facades\Hash;
+use Illuminate\Support\Str;
+use Laravel\Socialite\Contracts\User as SocialUser;
 use Validator;
 use Validator;
-use BookStack\Http\Controllers\Controller;
-use Illuminate\Foundation\Auth\RegistersUsers;
 
 class RegisterController extends Controller
 {
 
 class RegisterController extends Controller
 {
@@ -57,8 +63,8 @@ class RegisterController extends Controller
         $this->socialAuthService = $socialAuthService;
         $this->emailConfirmationService = $emailConfirmationService;
         $this->userRepo = $userRepo;
         $this->socialAuthService = $socialAuthService;
         $this->emailConfirmationService = $emailConfirmationService;
         $this->userRepo = $userRepo;
-        $this->redirectTo = baseUrl('/');
-        $this->redirectPath = baseUrl('/');
+        $this->redirectTo = url('/');
+        $this->redirectPath = url('/');
         parent::__construct();
     }
 
         parent::__construct();
     }
 
@@ -71,9 +77,9 @@ class RegisterController extends Controller
     protected function validator(array $data)
     {
         return Validator::make($data, [
     protected function validator(array $data)
     {
         return Validator::make($data, [
-            'name' => 'required|max:255',
+            'name' => 'required|min:2|max:255',
             'email' => 'required|email|max:255|unique:users',
             'email' => 'required|email|max:255|unique:users',
-            'password' => 'required|min:6',
+            'password' => 'required|min:8',
         ]);
     }
 
         ]);
     }
 
@@ -91,6 +97,7 @@ class RegisterController extends Controller
     /**
      * Show the application registration form.
      * @return Response
     /**
      * Show the application registration form.
      * @return Response
+     * @throws UserRegistrationException
      */
     public function getRegister()
     {
      */
     public function getRegister()
     {
@@ -101,21 +108,14 @@ class RegisterController extends Controller
 
     /**
      * Handle a registration request for the application.
 
     /**
      * Handle a registration request for the application.
-     * @param Request|\Illuminate\Http\Request $request
-     * @return Response
+     * @param Request|Request $request
+     * @return RedirectResponse|Redirector
      * @throws UserRegistrationException
      * @throws UserRegistrationException
-     * @throws \Illuminate\Validation\ValidationException
      */
     public function postRegister(Request $request)
     {
         $this->checkRegistrationAllowed();
      */
     public function postRegister(Request $request)
     {
         $this->checkRegistrationAllowed();
-        $validator = $this->validator($request->all());
-
-        if ($validator->fails()) {
-            $this->throwValidationException(
-                $request, $validator
-            );
-        }
+        $this->validator($request->all())->validate();
 
         $userData = $request->all();
         return $this->registerUser($userData);
 
         $userData = $request->all();
         return $this->registerUser($userData);
@@ -131,7 +131,7 @@ class RegisterController extends Controller
         return User::create([
             'name' => $data['name'],
             'email' => $data['email'],
         return User::create([
             'name' => $data['name'],
             'email' => $data['email'],
-            'password' => bcrypt($data['password']),
+            'password' => Hash::make($data['password']),
         ]);
     }
 
         ]);
     }
 
@@ -139,26 +139,28 @@ class RegisterController extends Controller
      * The registrations flow for all users.
      * @param array $userData
      * @param bool|false|SocialAccount $socialAccount
      * The registrations flow for all users.
      * @param array $userData
      * @param bool|false|SocialAccount $socialAccount
-     * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
+     * @param bool $emailVerified
+     * @return RedirectResponse|Redirector
      * @throws UserRegistrationException
      * @throws UserRegistrationException
-     * @throws ConfirmationEmailException
      */
      */
-    protected function registerUser(array $userData, $socialAccount = false)
+    protected function registerUser(array $userData, $socialAccount = false, $emailVerified = false)
     {
     {
-        if (setting('registration-restrict')) {
-            $restrictedEmailDomains = explode(',', str_replace(' ', '', setting('registration-restrict')));
-            $userEmailDomain = $domain = substr(strrchr($userData['email'], "@"), 1);
+        $registrationRestrict = setting('registration-restrict');
+
+        if ($registrationRestrict) {
+            $restrictedEmailDomains = explode(',', str_replace(' ', '', $registrationRestrict));
+            $userEmailDomain = $domain = mb_substr(mb_strrchr($userData['email'], "@"), 1);
             if (!in_array($userEmailDomain, $restrictedEmailDomains)) {
                 throw new UserRegistrationException(trans('auth.registration_email_domain_invalid'), '/register');
             }
         }
 
             if (!in_array($userEmailDomain, $restrictedEmailDomains)) {
                 throw new UserRegistrationException(trans('auth.registration_email_domain_invalid'), '/register');
             }
         }
 
-        $newUser = $this->userRepo->registerNew($userData);
+        $newUser = $this->userRepo->registerNew($userData, $emailVerified);
         if ($socialAccount) {
             $newUser->socialAccounts()->save($socialAccount);
         }
 
         if ($socialAccount) {
             $newUser->socialAccounts()->save($socialAccount);
         }
 
-        if (setting('registration-confirmation') || setting('registration-restrict')) {
+        if ($this->emailConfirmationService->confirmationRequired() && !$emailVerified) {
             $newUser->save();
 
             try {
             $newUser->save();
 
             try {
@@ -175,70 +177,12 @@ class RegisterController extends Controller
         return redirect($this->redirectPath());
     }
 
         return redirect($this->redirectPath());
     }
 
-    /**
-     * Show the page to tell the user to check their email
-     * and confirm their address.
-     */
-    public function getRegisterConfirmation()
-    {
-        return view('auth/register-confirm');
-    }
-
-    /**
-     * Confirms an email via a token and logs the user into the system.
-     * @param $token
-     * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
-     * @throws UserRegistrationException
-     */
-    public function confirmEmail($token)
-    {
-        $confirmation = $this->emailConfirmationService->getEmailConfirmationFromToken($token);
-        $user = $confirmation->user;
-        $user->email_confirmed = true;
-        $user->save();
-        auth()->login($user);
-        session()->flash('success', trans('auth.email_confirm_success'));
-        $this->emailConfirmationService->deleteConfirmationsByUser($user);
-        return redirect($this->redirectPath);
-    }
-
-    /**
-     * Shows a notice that a user's email address has not been confirmed,
-     * Also has the option to re-send the confirmation email.
-     * @return \Illuminate\View\View
-     */
-    public function showAwaitingConfirmation()
-    {
-        return view('auth/user-unconfirmed');
-    }
-
-    /**
-     * Resend the confirmation email
-     * @param Request $request
-     * @return \Illuminate\View\View
-     */
-    public function resendConfirmation(Request $request)
-    {
-        $this->validate($request, [
-            'email' => 'required|email|exists:users,email'
-        ]);
-        $user = $this->userRepo->getByEmail($request->get('email'));
-
-        try {
-            $this->emailConfirmationService->sendConfirmation($user);
-        } catch (Exception $e) {
-            session()->flash('error', trans('auth.email_confirm_send_error'));
-            return redirect('/register/confirm');
-        }
-
-        session()->flash('success', trans('auth.email_confirm_resent'));
-        return redirect('/register/confirm');
-    }
-
     /**
      * Redirect to the social site for authentication intended to register.
      * @param $socialDriver
      * @return mixed
     /**
      * Redirect to the social site for authentication intended to register.
      * @param $socialDriver
      * @return mixed
+     * @throws UserRegistrationException
+     * @throws SocialDriverNotConfigured
      */
     public function socialRegister($socialDriver)
     {
      */
     public function socialRegister($socialDriver)
     {
@@ -250,25 +194,52 @@ class RegisterController extends Controller
     /**
      * The callback for social login services.
      * @param $socialDriver
     /**
      * The callback for social login services.
      * @param $socialDriver
-     * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
+     * @param Request $request
+     * @return RedirectResponse|Redirector
      * @throws SocialSignInException
      * @throws SocialSignInException
+     * @throws UserRegistrationException
+     * @throws SocialDriverNotConfigured
      */
      */
-    public function socialCallback($socialDriver)
+    public function socialCallback($socialDriver, Request $request)
     {
         if (!session()->has('social-callback')) {
             throw new SocialSignInException(trans('errors.social_no_action_defined'), '/login');
         }
 
     {
         if (!session()->has('social-callback')) {
             throw new SocialSignInException(trans('errors.social_no_action_defined'), '/login');
         }
 
+        // Check request for error information
+        if ($request->has('error') && $request->has('error_description')) {
+            throw new SocialSignInException(trans('errors.social_login_bad_response', [
+                'socialAccount' => $socialDriver,
+                'error' => $request->get('error_description'),
+            ]), '/login');
+        }
+
         $action = session()->pull('social-callback');
         $action = session()->pull('social-callback');
-        if ($action == 'login') return $this->socialAuthService->handleLoginCallback($socialDriver);
-        if ($action == 'register') return $this->socialRegisterCallback($socialDriver);
+
+        // Attempt login or fall-back to register if allowed.
+        $socialUser = $this->socialAuthService->getSocialUser($socialDriver);
+        if ($action == 'login') {
+            try {
+                return $this->socialAuthService->handleLoginCallback($socialDriver, $socialUser);
+            } catch (SocialSignInAccountNotUsed $exception) {
+                if ($this->socialAuthService->driverAutoRegisterEnabled($socialDriver)) {
+                    return $this->socialRegisterCallback($socialDriver, $socialUser);
+                }
+                throw $exception;
+            }
+        }
+
+        if ($action == 'register') {
+            return $this->socialRegisterCallback($socialDriver, $socialUser);
+        }
+
         return redirect()->back();
     }
 
     /**
      * Detach a social account from a user.
      * @param $socialDriver
         return redirect()->back();
     }
 
     /**
      * Detach a social account from a user.
      * @param $socialDriver
-     * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
+     * @return RedirectResponse|Redirector
      */
     public function detachSocialAccount($socialDriver)
     {
      */
     public function detachSocialAccount($socialDriver)
     {
@@ -277,22 +248,23 @@ class RegisterController extends Controller
 
     /**
      * Register a new user after a registration callback.
 
     /**
      * Register a new user after a registration callback.
-     * @param $socialDriver
-     * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
+     * @param string $socialDriver
+     * @param SocialUser $socialUser
+     * @return RedirectResponse|Redirector
      * @throws UserRegistrationException
      */
      * @throws UserRegistrationException
      */
-    protected function socialRegisterCallback($socialDriver)
+    protected function socialRegisterCallback(string $socialDriver, SocialUser $socialUser)
     {
     {
-        $socialUser = $this->socialAuthService->handleRegistrationCallback($socialDriver);
+        $socialUser = $this->socialAuthService->handleRegistrationCallback($socialDriver, $socialUser);
         $socialAccount = $this->socialAuthService->fillSocialAccount($socialDriver, $socialUser);
         $socialAccount = $this->socialAuthService->fillSocialAccount($socialDriver, $socialUser);
+        $emailVerified = $this->socialAuthService->driverAutoConfirmEmailEnabled($socialDriver);
 
         // Create an array of the user data to create a new user instance
         $userData = [
             'name' => $socialUser->getName(),
             'email' => $socialUser->getEmail(),
 
         // Create an array of the user data to create a new user instance
         $userData = [
             'name' => $socialUser->getName(),
             'email' => $socialUser->getEmail(),
-            'password' => str_random(30)
+            'password' => Str::random(30)
         ];
         ];
-        return $this->registerUser($userData, $socialAccount);
+        return $this->registerUser($userData, $socialAccount, $emailVerified);
     }
     }
-
-}
\ No newline at end of file
+}
The core source code for the BookStack project.