diff --git a/app/Http/Controllers/Auth/AuthController.php b/app/Http/Controllers/Auth/AuthController.php index 9b14adb589..8f0100711e 100644 --- a/app/Http/Controllers/Auth/AuthController.php +++ b/app/Http/Controllers/Auth/AuthController.php @@ -56,48 +56,6 @@ class AuthController extends Controller parent::__construct(); } - /** - * Handle a login request to the application. - * - * @param \Illuminate\Http\Request $request - * - * @return \Illuminate\Http\Response - */ - public function login(Request $request) - { - - $this->validate($request, [$this->loginUsername() => 'required', 'password' => 'required',]); - $throttles = $this->isUsingThrottlesLoginsTrait(); - - if ($throttles && $this->hasTooManyLoginAttempts($request)) { - return $this->sendLockoutResponse($request); - } - - $credentials = $this->getCredentials($request); - $credentials['blocked'] = 0; // most not be blocked. - - if (Auth::guard($this->getGuard())->attempt($credentials, $request->has('remember'))) { - return $this->handleUserWasAuthenticated($request, $throttles); - } - - // check if user is blocked: - $errorMessage = ''; - /** @var User $foundUser */ - $foundUser = User::where('email', $credentials['email'])->where('blocked', 1)->first(); - if (!is_null($foundUser)) { - // if it exists, show message: - $code = strlen(strval($foundUser->blocked_code)) > 0 ? $foundUser->blocked_code : 'general_blocked'; - $errorMessage = strval(trans('firefly.' . $code . '_error', ['email' => $credentials['email']])); - $this->reportBlockedUserLoginAttempt($foundUser, $code, $request->ip()); - } - - if ($throttles) { - $this->incrementLoginAttempts($request); - } - - return $this->sendFailedLoginResponse($request, $errorMessage); - } - /** * Handle a registration request for the application. * 
@@ -156,24 +114,6 @@ class AuthController extends Controller return redirect($this->redirectPath()); } - /** - * Show the application login form. - * - * @return \Illuminate\Http\Response - */ - public function showLoginForm() - { - // is allowed to? - $singleUserMode = FireflyConfig::get('single_user_mode', Config::get('firefly.configuration.single_user_mode'))->data; - $userCount = User::count(); - $allowRegistration = true; - if ($singleUserMode === true && $userCount > 0) { - $allowRegistration = false; - } - - return view('auth.login', compact('allowRegistration')); - } - /** * Show the application registration form. * @@ -220,24 +160,6 @@ class AuthController extends Controller return FireflyConfig::get('blocked-domains', [])->data; } - /** - * Get the failed login message. - * - * @param string $message - * - * @return string - */ - protected function getFailedLoginMessage(string $message) - { - if (strlen($message) > 0) { - return $message; - } - - return Lang::has('auth.failed') - ? Lang::get('auth.failed') - : 'These credentials do not match our records.'; - } - /** * @param string $email * @@ -255,24 +177,7 @@ class AuthController extends Controller return false; } - /** - * Get the failed login response instance. - * - * @param \Illuminate\Http\Request $request - * @param string $message - * - * @return \Illuminate\Http\RedirectResponse - */ - protected function sendFailedLoginResponse(Request $request, string $message) - { - return redirect()->back() - ->withInput($request->only($this->loginUsername(), 'remember')) - ->withErrors( - [ - $this->loginUsername() => $this->getFailedLoginMessage($message), - ] - ); - } + /** * Get a validator for an incoming registration request. 
@@ -318,34 +223,4 @@ class AuthController extends Controller Log::error($e->getMessage()); } } - - /** - * Send a message home about the blocked attempt to login. - * Perhaps in a later stage, simply log these messages. - * - * @param User $user - * @param string $code - * @param string $ipAddress - */ - private function reportBlockedUserLoginAttempt(User $user, string $code, string $ipAddress) - { - - try { - $email = env('SITE_OWNER', false); - $fields = [ - 'user_id' => $user->id, - 'user_address' => $user->email, - 'code' => $code, - 'ip' => $ipAddress, - ]; - - Mail::send( - ['emails.blocked-login-html', 'emails.blocked-login'], $fields, function (Message $message) use ($email, $user) { - $message->to($email, $email)->subject('Blocked a login attempt from ' . trim($user->email) . '.'); - } - ); - } catch (Swift_TransportException $e) { - Log::error($e->getMessage()); - } - } } diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php index c26213e23c..4347728d38 100755 --- a/app/Http/Controllers/Auth/LoginController.php +++ b/app/Http/Controllers/Auth/LoginController.php @@ -2,9 +2,23 @@ namespace FireflyIII\Http\Controllers\Auth; +use Config; +use FireflyConfig; use FireflyIII\Http\Controllers\Controller; +use FireflyIII\User; use Illuminate\Foundation\Auth\AuthenticatesUsers; +use Illuminate\Http\Request; +use Illuminate\Mail\Message; +use Lang; +use Log; +use Mail; +use Swift_TransportException; +/** + * Class LoginController + * + * @package FireflyIII\Http\Controllers\Auth + */ class LoginController extends Controller { /* 
@@ -30,10 +44,141 @@ class LoginController extends Controller /** * Create a new controller instance. * - * @return void */ public function __construct() { + parent::__construct(); $this->middleware('guest', ['except' => 'logout']); } + + /** + * Handle a login request to the application. + * + * @param \Illuminate\Http\Request $request + * + * @return \Illuminate\Http\Response + */ + public function login(Request $request) + { + $this->validateLogin($request); + + // If the class is using the ThrottlesLogins trait, we can automatically throttle + // the login attempts for this application. We'll key this by the username and + // the IP address of the client making these requests into this application. + if ($lockedOut = $this->hasTooManyLoginAttempts($request)) { + $this->fireLockoutEvent($request); + + return $this->sendLockoutResponse($request); + } + + $credentials = $this->credentials($request); + $credentials['blocked'] = 0; // most not be blocked. + + if ($this->guard()->attempt($credentials, $request->has('remember'))) { + return $this->sendLoginResponse($request); + } + + // check if user is blocked: + $errorMessage = ''; + /** @var User $foundUser */ + $foundUser = User::where('email', $credentials['email'])->where('blocked', 1)->first(); + if (!is_null($foundUser)) { + // if it exists, show message: + $code = strlen(strval($foundUser->blocked_code)) > 0 ? $foundUser->blocked_code : 'general_blocked'; + $errorMessage = strval(trans('firefly.' . $code . '_error', ['email' => $credentials['email']])); + $this->reportBlockedUserLoginAttempt($foundUser, $code, $request->ip()); + } + + // If the login attempt was unsuccessful we will increment the number of attempts + // to login and redirect the user back to the login form. Of course, when this + // user surpasses their maximum number of attempts they will get locked out. 
+ if (!$lockedOut) { + $this->incrementLoginAttempts($request); + } + + return $this->sendFailedLoginResponse($request, $errorMessage); + } + + /** + * Show the application login form. + * + * @return \Illuminate\Http\Response + */ + public function showLoginForm() + { + // is allowed to? + $singleUserMode = FireflyConfig::get('single_user_mode', Config::get('firefly.configuration.single_user_mode'))->data; + $userCount = User::count(); + $allowRegistration = true; + if ($singleUserMode === true && $userCount > 0) { + $allowRegistration = false; + } + + return view('auth.login', compact('allowRegistration')); + } + + /** + * Get the failed login message. + * + * @param string $message + * + * @return string + */ + protected function getFailedLoginMessage(string $message) + { + if (strlen($message) > 0) { + return $message; + } + + return Lang::has('auth.failed') ? Lang::get('auth.failed') : 'These credentials do not match our records.'; + } + + /** + * Get the failed login response instance. + * + * @param \Illuminate\Http\Request $request + * @param string $message + * + * @return \Illuminate\Http\RedirectResponse + */ + protected function sendFailedLoginResponse(Request $request, string $message) + { + return redirect()->back() + ->withInput($request->only($this->username(), 'remember')) + ->withErrors( + [ + $this->username() => $this->getFailedLoginMessage($message), + ] + ); + } + + /** + * Send a message home about the blocked attempt to login. + * Perhaps in a later stage, simply log these messages. 
+ * + * @param User $user + * @param string $code + * @param string $ipAddress + */ + private function reportBlockedUserLoginAttempt(User $user, string $code, string $ipAddress) + { + + try { + $email = env('SITE_OWNER', false); + $fields = [ + 'user_id' => $user->id, + 'user_address' => $user->email, + 'code' => $code, + 'ip' => $ipAddress, + ]; + + Mail::send( + ['emails.blocked-login-html', 'emails.blocked-login'], $fields, function (Message $message) use ($email, $user) { + $message->to($email, $email)->subject('Blocked a login attempt from ' . trim($user->email) . '.'); + } + ); + } catch (Swift_TransportException $e) { + Log::error($e->getMessage()); + } + } } diff --git a/routes/web.php b/routes/web.php index ddc158ee2a..3df871acdb 100755 --- a/routes/web.php +++ b/routes/web.php @@ -17,8 +17,8 @@ Route::group( ['middleware' => 'user-not-logged-in'], function () { // Authentication Routes... - Route::get('login', 'Auth\LoginController@showLoginForm')->name('login'); - Route::post('login', 'Auth\LoginController@login'); + Route::get('login', 'Auth\LoginController@showLoginForm')->name('login'); # + Route::post('login', 'Auth\LoginController@login'); # // Registration Routes... Route::get('/register', ['uses' => 'Auth\RegisterController@showRegistrationForm', 'as' => 'register']);
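Review bot: In the new `login()`, the blocked-user lookup `User::where('email', $credentials['email'])->where('blocked', 1)->first()` runs on every failed attempt without checking the submitted password, so an unauthenticated requester learns from the distinct `$errorMessage` whether an address belongs to a blocked account, and each such request also sends mail to `SITE_OWNER` via `reportBlockedUserLoginAttempt`; the lock-out guard at the top of the method presumably bounds that volume per throttle window, but only after the guard's allowance of attempts. Verify the password against the found user before branching on the blocked state (e.g. `Hash::check`), or return the generic `auth.failed` text and keep the blocked detail server-side in the log/mail. The `if (!$lockedOut)` guard before `incrementLoginAttempts` is always true because the lock-out branch returns early, so a plain `$this->incrementLoginAttempts($request);` reads clearer; the same applies to the comment typo `// most not be blocked.`, which should read `// must not be blocked.`. In `reportBlockedUserLoginAttempt`, `env('SITE_OWNER', false)` is evaluated at request time and yields the default once configuration is cached, leaving `$email` as `false` for the `to()` call while only `Swift_TransportException` is caught, so the recipient should come from a config value and the absent case should be handled before `Mail::send`. The hunk spans the whole of `login()` and the helper methods down to the class's closing brace.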
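Review bot: The two route lines in routes/web.php are re-emitted unchanged except for a trailing ` #`, which leaves an empty comment marker on each line and registers as a spurious change in history; drop the suffix and keep `Route::get('login', 'Auth\LoginController@showLoginForm')->name('login');` and `Route::post('login', 'Auth\LoginController@login');` as they were.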