Dan Brown

Started social registration

......@@ -37,7 +37,7 @@ class AuthController extends Controller
*/
public function __construct(SocialAuthService $socialAuthService)
{
$this->middleware('guest', ['only' => ['getLogin', 'postLogin']]);
$this->middleware('guest', ['only' => ['getLogin', 'postLogin', 'getRegister']]);
$this->socialAuthService = $socialAuthService;
}
......@@ -72,6 +72,17 @@ class AuthController extends Controller
}
/**
* Show the application registration form.
*
* @return \Illuminate\Http\Response
*/
public function getRegister()
{
$socialDrivers = $this->socialAuthService->getActiveDrivers();
return view('auth.register', ['socialDrivers' => $socialDrivers]);
}
/**
* Show the application login form.
*
* @return \Illuminate\Http\Response
......@@ -84,7 +95,6 @@ class AuthController extends Controller
}
$socialDrivers = $this->socialAuthService->getActiveDrivers();
return view('auth.login', ['socialDrivers' => $socialDrivers]);
}
......
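Review bot: getRegister() renders the registration view unconditionally; nothing in the method checks the `registration-enabled` setting, which in this commit only hides the "Sign up" link in the login view. A visitor who requests /register directly still gets the form and the social registration links while registration is switched off. I would add a guard as the first statement, for example `if (!\Setting::get('registration-enabled')) return redirect('/login');`, and repeat the same check in whichever handler ends up processing the registration request, since hiding the page alone does not disable the feature.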
......@@ -31,12 +31,12 @@ abstract class Controller extends BaseController
{
// Get a user instance for the current user
$user = auth()->user();
if (!$user) {
$user = User::getDefault();
}
if (!$user) $user = User::getDefault();
// Share variables with views
view()->share('signedIn', auth()->check());
view()->share('currentUser', $user);
// Share variables with controllers
$this->currentUser = $user;
$this->signedIn = auth()->check();
......@@ -53,7 +53,7 @@ abstract class Controller extends BaseController
if (!$this->currentUser || !$this->currentUser->can($permissionName)) {
Session::flash('error', trans('errors.permission'));
throw new HttpResponseException(
redirect()->back()
redirect('/')
);
}
......
......@@ -152,6 +152,8 @@ class UserController extends Controller
return $this->currentUser->id == $id;
});
$user = $this->user->findOrFail($id);
// Delete social accounts
$user->socialAccounts()->delete();
$user->delete();
return redirect('/users');
}
......
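Review bot: The linked social accounts are deleted in a separate statement before `$user->delete()`, so a failure in the second call leaves a user whose sign-in links are already gone. Running both calls inside `\DB::transaction(function () use ($user) { ... });`, or moving the cleanup into a `deleting` model event, keeps the two steps atomic and also covers any other code path that deletes a user. The method starts above this hunk, so I cannot see whether other related records need the same treatment.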
......@@ -34,8 +34,7 @@ class Authenticate
*/
public function handle($request, Closure $next)
{
$sitePublic = Setting::get('app-public', false) === 'true';
if ($this->auth->guest() && !$sitePublic) {
if ($this->auth->guest() && !Setting::get('app-public')) {
if ($request->ajax()) {
return response('Unauthorized.', 401);
} else {
......
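Review bot: `!Setting::get('app-public')` makes the access decision on truthiness, whereas the line it replaces compared strictly against `'true'`. With the new SettingService::get() only the stored strings `'true'` and `'false'` are converted, so any other non-empty stored value (for example `'1'` or `'yes'`) is truthy and opens the site to guests. A strict comparison keeps the check fail-closed: `if ($this->auth->guest() && Setting::get('app-public') !== true) {`. handle() continues below the visible lines.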
......@@ -87,6 +87,7 @@ Route::get('/login/service/{socialDriver}/detach', 'Auth\AuthController@detachSo
Route::get('/login', 'Auth\AuthController@getLogin');
Route::post('/login', 'Auth\AuthController@postLogin');
Route::get('/logout', 'Auth\AuthController@getLogout');
Route::get('/register', 'Auth\AuthController@getRegister');
// Password reset link request routes...
Route::get('/password/email', 'Auth\PasswordController@getEmail');
......
......@@ -7,6 +7,12 @@ use Illuminate\Database\Eloquent\Model;
class Role extends Model
{
/**
* Sets the default role name for newly registed users.
* @var string
*/
protected static $default = 'viewer';
/**
* The roles that belong to the role.
*/
public function users()
......@@ -31,4 +37,12 @@ class Role extends Model
$this->permissions()->attach($permission->id);
}
/**
* Get an instance of the default role.
* @return Role
*/
public static function getDefault()
{
return static::where('name', '=', static::$default)->first();
}
}
......
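Review bot: getDefault() returns the result of `->first()`, which is null when no role named 'viewer' exists, while its docblock promises a Role. The settings view in this commit passes `\Oxbow\Role::getDefault()->id` as a default argument, which PHP evaluates before the call, so a renamed or deleted 'viewer' role breaks the settings page and presumably any registration code that assigns this role. Either use `->firstOrFail()` so the failure is explicit, or document `@return Role|null` and have callers handle the missing case. The comment on `$default` should read "newly registered users".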
......@@ -33,7 +33,16 @@ class SettingService
public function get($key, $default = false)
{
$setting = $this->getSettingObjectByKey($key);
return $setting === null ? $default : $setting->value;
$value = $setting === null ? null : $setting->value;
// Change string booleans to actual booleans
if($value === 'true') $value = true;
if($value === 'false') $value = false;
// Set to default if empty
if($value === '') $value = $default;
return $value === null ? $default : $value;
}
/**
......
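Review bot: get() now changes the type of its return value for every key, and the method's docblock (outside this hunk) should say so: the stored strings `'true'` and `'false'` come back as booleans and an empty string is replaced by `$default`. This also applies to free-text settings, so an application name stored as the literal text `true` would be returned as a boolean and render as `1`. Consider restricting the conversion to keys known to hold booleans, or at least add a comment such as `// NOTE: applied to all keys; callers must not compare against the strings 'true'/'false'`. Callers that make access decisions on the result should compare with `=== true` rather than rely on truthiness.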
......@@ -63,8 +63,8 @@ class SocialAuthService
$isLoggedIn = auth()->check();
$currentUser = auth()->user();
// When a user is not logged in but a matching SocialAccount exists,
// Log the user found on the SocialAccount into the application.
// When a user is not logged in and a matching SocialAccount exists,
// Simply log the user into the application.
if (!$isLoggedIn && $socialAccount !== null) {
return $this->logUserIn($socialAccount->user);
}
......@@ -87,30 +87,16 @@ class SocialAuthService
// When a user is logged in, A social account exists but the users do not match.
// Change the user that the social account is assigned to.
if ($isLoggedIn && $socialAccount !== null && $socialAccount->user->id != $currentUser->id) {
$socialAccount->user_id = $currentUser->id;
$socialAccount->save();
\Session::flash('success', 'This ' . title_case($socialDriver) . ' account is now attached to your profile.');
\Session::flash('success', 'This ' . title_case($socialDriver) . ' account is already used buy another user.');
return redirect($currentUser->getEditUrl());
}
if ($user === null) {
throw new SocialSignInException('A system user with the email ' . $socialUser->getEmail() .
' was not found and this ' . $socialDriver . ' account is not linked to any users.', '/login');
// Otherwise let the user know this social account is not used by anyone.
$message = 'This ' . $socialDriver . ' account is not linked to any users. Please attach it in your profile settings';
if(\Setting::get('registration-enabled')) {
$message .= 'or, If you do not yet have an account, You can register an account using the ' . $socialDriver . ' option';
}
return $this->authenticateUserWithNewSocialAccount($user, $socialUser, $socialUser);
}
/**
* Logs a user in and creates a new social account entry for future usage.
* @param User $user
* @param string $socialDriver
* @param \Laravel\Socialite\Contracts\User $socialUser
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
*/
private function authenticateUserWithNewSocialAccount($user, $socialDriver, $socialUser)
{
$this->fillSocialAccount($socialDriver, $socialUser);
$user->socialAccounts()->save($this->socialAccount);
return $this->logUserIn($user);
throw new SocialSignInException($message . '.', '/login');
}
private function logUserIn($user)
......
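Review bot: The branch for a social account that already belongs to a different user reports its refusal under the `'success'` flash key, and the text reads "used buy another user" (assuming the "already used" line is the new side of the pair shown). It should be `\Session::flash('error', 'This ' . title_case($socialDriver) . ' account is already used by another user.');`. The comment above that branch still says "Change the user that the social account is assigned to", which no longer matches the behaviour and should be reworded to say the request is rejected. In the final message, `$message .= 'or, If you do not yet have an account, ...'` is appended without a leading space, so the text runs together as "settingsor".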
......@@ -29,6 +29,7 @@ label {
font-weight: 500;
color: #666;
padding-bottom: 2px;
margin-bottom: 0.2em;
}
label.radio, label.checkbox {
......@@ -38,6 +39,10 @@ label.radio, label.checkbox {
}
}
label + p.small {
margin-bottom: 0.8em;
}
input[type="text"], input[type="number"], input[type="email"], input[type="search"], input[type="url"], input[type="password"], select, textarea {
@extend .input-base;
}
......
......@@ -42,9 +42,12 @@ div[class^="col-"] img {
}
.center-box {
margin: 15vh auto 0 auto;
margin: $-xl auto 0 auto;
padding: $-m $-xxl $-xl*2 $-xxl;
max-width: 346px;
display: inline-block;
text-align: left;
vertical-align: top;
&.login {
background-color: #EEE;
box-shadow: 0 0 2px 0 rgba(0, 0, 0, 0.1);
......
@extends('public')
@section('header-buttons')
@if(Setting::get('registration-enabled'))
<a href="/register"><i class="zmdi zmdi-account-add"></i>Sign up</a>
@endif
@stop
@section('content')
<div class="center-box">
<h1>Log In</h1>
<form action="/login" method="POST">
{!! csrf_field() !!}
<div class="form-group">
<label for="email">Email</label>
@include('form/text', ['name' => 'email'])
</div>
<div class="form-group">
<label for="password">Password</label>
@include('form/password', ['name' => 'password'])
<span class="block small"><a href="/password/email">Forgot Password?</a></span>
</div>
<div class="from-group">
<button class="button block pos">Sign In</button>
</div>
</form>
@if(count($socialDrivers) > 0)
<hr class="margin-top">
<h3 class="text-muted">Social Login</h3>
@if(isset($socialDrivers['google']))
<a href="/login/service/google" style="color: #DC4E41;"><i class="zmdi zmdi-google-plus-box zmdi-hc-4x"></i></a>
@endif
@if(isset($socialDrivers['github']))
<a href="/login/service/github" style="color:#444;"><i class="zmdi zmdi-github zmdi-hc-4x"></i></a>
<div class="text-center">
<div class="center-box">
<h1>Log In</h1>
<form action="/login" method="POST">
{!! csrf_field() !!}
<div class="form-group">
<label for="email">Email</label>
@include('form/text', ['name' => 'email'])
</div>
<div class="form-group">
<label for="password">Password</label>
@include('form/password', ['name' => 'password'])
<span class="block small"><a href="/password/email">Forgot Password?</a></span>
</div>
<div class="from-group">
<button class="button block pos">Sign In</button>
</div>
</form>
@if(count($socialDrivers) > 0)
<hr class="margin-top">
<h3 class="text-muted">Social Login</h3>
@if(isset($socialDrivers['google']))
<a href="/login/service/google" style="color: #DC4E41;"><i class="zmdi zmdi-google-plus-box zmdi-hc-4x"></i></a>
@endif
@if(isset($socialDrivers['github']))
<a href="/login/service/github" style="color:#444;"><i class="zmdi zmdi-github zmdi-hc-4x"></i></a>
@endif
@endif
@endif
</div>
</div>
@stop
\ No newline at end of file
......
@extends('public')
@section('header-buttons')
<a href="/login"><i class="zmdi zmdi-sign-in"></i>Sign in</a>
@stop
@section('content')
<div class="text-center">
<div class="center-box">
<h1>Register</h1>
<form action="/login" method="POST">
{!! csrf_field() !!}
<div class="form-group">
<label for="email">Name</label>
@include('form/text', ['name' => 'name'])
</div>
<div class="form-group">
<label for="email">Email</label>
@include('form/text', ['name' => 'email'])
</div>
<div class="form-group">
<label for="password">Password</label>
@include('form/password', ['name' => 'password'])
</div>
<div class="from-group">
<button class="button block pos">Sign In</button>
</div>
</form>
@if(count($socialDrivers) > 0)
<hr class="margin-top">
<h3 class="text-muted">Social Registration</h3>
@if(isset($socialDrivers['google']))
<a href="/register/service/google" style="color: #DC4E41;"><i class="zmdi zmdi-google-plus-box zmdi-hc-4x"></i></a>
@endif
@if(isset($socialDrivers['github']))
<a href="/register/service/github" style="color:#444;"><i class="zmdi zmdi-github zmdi-hc-4x"></i></a>
@endif
@endif
</div>
</div>
@stop
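Review bot: The registration form is declared as `<form action="/login" method="POST">`, so submitting a name, email and password here is processed as a login attempt rather than a registration. Until a registration handler exists it would be clearer to leave the form out or point it at the intended route once that is defined; no POST route for registration is visible in this commit. Smaller points in the same file: the Name label uses `for="email"` where `for="name"` is meant, the submit button still says "Sign In", and `class="from-group"` looks like a typo for `form-group`.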
......@@ -5,7 +5,7 @@
@if($errors->has($name)) class="neg" @endif
@if(isset($model) || old($name)) @if(old($name) && old($name) === $option->id) selected @elseif(isset($model) && $model->role->id === $option->id) selected @endif @endif
>
{{ $option->$displayKey }}
{{ $option->display_name }}
</option>
@endforeach
</select>
......
......@@ -26,6 +26,23 @@
</div>
@endif
<header id="header">
<div class="container">
<div class="row">
<div class="col-md-6">
<a href="/" class="logo">{{ Setting::get('app-name', 'BookStack') }}</a>
</div>
<div class="col-md-6">
<div class="float right">
<div class="links text-center">
@yield('header-buttons')
</div>
</div>
</div>
</div>
</div>
</header>
<section class="container">
@yield('content')
</section>
......
......@@ -10,17 +10,61 @@
<form action="/settings" method="POST">
{!! csrf_field() !!}
<h3>App Settings</h3>
<div class="form-group">
<label for="setting-app-name">Application Name</label>
<label for="setting-app-name">Application name</label>
<input type="text" value="{{ Setting::get('app-name', 'BookStack') }}" name="setting-app-name" id="setting-app-name">
</div>
<div class="form-group">
<label for="setting-app-public">Allow public viewing?</label>
<label><input type="radio" name="setting-app-public" @if(Setting::get('app-public') == 'true') checked @endif value="true"> Yes</label>
<label><input type="radio" name="setting-app-public" @if(Setting::get('app-public') == 'false') checked @endif value="false"> No</label>
<label><input type="radio" name="setting-app-public" @if(Setting::get('app-public')) checked @endif value="true"> Yes</label>
<label><input type="radio" name="setting-app-public" @if(!Setting::get('app-public')) checked @endif value="false"> No</label>
</div>
<hr class="margin-top">
<h3>Registration Settings</h3>
<div class="row">
<div class="col-md-6">
<div class="form-group">
<label for="setting-registration-enabled">Allow registration?</label>
<label><input type="radio" name="setting-registration-enabled" @if(Setting::get('registration-enabled')) checked @endif value="true"> Yes</label>
<label><input type="radio" name="setting-registration-enabled" @if(!Setting::get('registration-enabled')) checked @endif value="false"> No</label>
</div>
<div class="form-group">
<label for="setting-registration-role">Default user role after registration</label>
<select id="setting-registration-role" name="setting-registration-role" @if($errors->has('setting-registration-role')) class="neg" @endif>
@foreach(\Oxbow\Role::all() as $role)
<option value="{{$role->id}}"
@if(\Setting::get('registration-role', \Oxbow\Role::getDefault()->id) == $role->id) selected @endif
>
{{ $role->display_name }}
</option>
@endforeach
</select>
</div>
<div class="form-group">
<label for="setting-registration-confirmation">Require Email Confirmation?</label>
<p class="small">If domain restriction is used then email confirmation will be required and the below value will be ignored.</p>
<label><input type="radio" name="setting-registration-confirmation" @if(Setting::get('registration-confirmation')) checked @endif value="true"> Yes</label>
<label><input type="radio" name="setting-registration-confirmation" @if(!Setting::get('registration-confirmation')) checked @endif value="false"> No</label>
</div>
</div>
<div class="col-md-6">
<div class="form-group">
<label for="setting-registration-restrict">Restrict registration to domain</label>
<p class="small">Enter a comma separated list of email domains you would like to restrict registration to. Users will be sent an email to confirm their address before being allowed to interact with the application.
<br> Note that users will be able to change their email addresses after successful registration.</p>
<input type="text" id="setting-registration-restrict" name="setting-registration-restrict" placeholder="No restriction set" value="{{ Setting::get('registration-restrict', '') }}">
</div>
</div>
</div>
<hr class="margin-top">
<div class="form-group">
<button type="submit" class="button pos">Update Settings</button>
<button type="submit" class="button pos">Save Settings</button>
</div>
</form>
......
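Review bot: The role chosen in `setting-registration-role` is the privilege every self-registered account receives, and the select offers every entry from `\Oxbow\Role::all()` without distinction. The handler for POST /settings is not visible here, so it is worth confirming that it validates the submitted id against existing roles. A hint under the label, such as `<p class="small">Every newly registered user receives this role.</p>`, would make the consequence visible to administrators. The labels with `for="setting-registration-enabled"` and `for="setting-registration-confirmation"` refer to ids that none of the radio inputs carry.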