119 lines
4.2 KiB
PHP
119 lines
4.2 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers\Auth;
|
|
|
|
use App\Http\Controllers\Controller;
|
|
use App\Models\LoanerType;
|
|
use App\Models\Permission;
|
|
use App\Models\Role;
|
|
use App\Models\User;
|
|
use Illuminate\Contracts\Foundation\Application;
|
|
use Illuminate\Contracts\View\Factory;
|
|
use Illuminate\Contracts\View\View;
|
|
use Illuminate\Http\RedirectResponse;
|
|
use Illuminate\Http\Request;
|
|
use Illuminate\Support\Facades\Auth;
|
|
use Illuminate\Support\Facades\Hash;
|
|
use Illuminate\Support\Facades\Session;
|
|
|
|
class LoginController extends Controller
|
|
{
|
|
|
|
/**
|
|
* checks login credentials
|
|
* @param Request $request
|
|
* @return RedirectResponse
|
|
*/
|
|
public function authenticate(Request $request)
|
|
{
|
|
//validates username and password
|
|
$credentials = $request->validate([
|
|
'username' => ['required','string'],
|
|
'password' => ['required'],
|
|
|
|
]);
|
|
|
|
//gets the user
|
|
$user = User::firstWhere('username', "=", $request['username']);
|
|
//if user is an AD User or not in the database Check login with AD LDAP
|
|
switch(config('app.login_mode')){
|
|
case('db'):
|
|
if (Auth::guard('nadUser')->attempt($credentials)) {
|
|
$request->session()->regenerate();
|
|
return $this->getRedirect($user);
|
|
}
|
|
break;
|
|
default:
|
|
if (empty($user)) {
|
|
//check if user exist on the AD and if it does import the data form the ad and make it an AD User
|
|
if ($adUser = \LdapRecord\Models\ActiveDirectory\User::findBy('samaccountname', $request['username'])) {
|
|
echo $adUser;
|
|
$ad_parts = explode(',',$adUser);
|
|
$name_parts = explode('=',$ad_parts[0]);
|
|
$name = $name_parts[1];
|
|
|
|
$ad_user = new User();
|
|
$ad_user->guid = $adUser->getConvertedGuid();
|
|
$ad_user->domain = 'default';
|
|
$ad_user->name = $name;
|
|
$ad_user->username = $request['username'];
|
|
$ad_user->password = Hash::make($request['password']);
|
|
$ad_user->loanerType()->associate(LoanerType::firstWhere('name', "=", 'adUser')->id);
|
|
$ad_user->role()->associate(Role::firstWhere('name', "=", 'Elev')->id);
|
|
$ad_user->save();
|
|
|
|
//login with AD
|
|
if (Auth::guard('adUser')->attempt(['samaccountname' => $credentials['username'], 'password' => $credentials['password']])) {
|
|
$request->session()->regenerate();
|
|
return redirect()->route('users.show',['user' => $user]);
|
|
}
|
|
}
|
|
}
|
|
elseif($user->loanerType->name === 'adUser'){
|
|
if (Auth::guard('adUser')->attempt(['samaccountname' => $credentials['username'], 'password' => $credentials['password']])) {
|
|
$request->session()->regenerate();
|
|
return redirect()->route('users.show',['user' => $user]);
|
|
}
|
|
}
|
|
elseif ($user->loanerType->name === 'nadUser') {
|
|
if (Auth::guard('nadUser')->attempt($credentials)) {
|
|
$request->session()->regenerate();
|
|
return redirect()->route('users.show',['user' => $user]);
|
|
}
|
|
}
|
|
break;
|
|
}
|
|
|
|
//if the login fails
|
|
Auth::logout();
|
|
Session::flush();
|
|
return back()->withInput($request->input())->withErrors([
|
|
'username' => 'The provided credentials do not match our records.',
|
|
]);
|
|
}
|
|
|
|
/**
|
|
* returns the login page
|
|
* @return Application|Factory|View|RedirectResponse
|
|
*/
|
|
public function login()
|
|
{
|
|
if(Auth::check()){
|
|
return $this->getRedirect(Auth::user());
|
|
}
|
|
|
|
return view('login');
|
|
}
|
|
|
|
/**
|
|
* logs a user out of the system
|
|
* @return RedirectResponse
|
|
*/
|
|
public function logout()
|
|
{
|
|
Auth::logout();
|
|
Session::flush();
|
|
return redirect()->intended('login');
|
|
}
|
|
}
|