| 
									
										
										
										
											2019-08-18 20:11:30 +08:00
										 |  |  | <?php | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | namespace BookStack\Http\Controllers\Auth; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | use BookStack\Auth\Access\UserInviteService; | 
					
						
							|  |  |  | use BookStack\Auth\UserRepo; | 
					
						
							|  |  |  | use BookStack\Exceptions\UserTokenExpiredException; | 
					
						
							|  |  |  | use BookStack\Exceptions\UserTokenNotFoundException; | 
					
						
							|  |  |  | use BookStack\Http\Controllers\Controller; | 
					
						
							|  |  |  | use Exception; | 
					
						
							|  |  |  | use Illuminate\Contracts\View\Factory; | 
					
						
							|  |  |  | use Illuminate\Http\RedirectResponse; | 
					
						
							|  |  |  | use Illuminate\Http\Request; | 
					
						
							|  |  |  | use Illuminate\Routing\Redirector; | 
					
						
							|  |  |  | use Illuminate\View\View; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | class UserInviteController extends Controller | 
					
						
							|  |  |  | { | 
					
						
							|  |  |  |     protected $inviteService; | 
					
						
							|  |  |  |     protected $userRepo; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * Create a new controller instance. | 
					
						
							|  |  |  |      * | 
					
						
							|  |  |  |      * @param UserInviteService $inviteService | 
					
						
							|  |  |  |      * @param UserRepo $userRepo | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     public function __construct(UserInviteService $inviteService, UserRepo $userRepo) | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |         $this->inviteService = $inviteService; | 
					
						
							|  |  |  |         $this->userRepo = $userRepo; | 
					
						
							|  |  |  |         $this->middleware('guest'); | 
					
						
							|  |  |  |         parent::__construct(); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * Show the page for the user to set the password for their account. | 
					
						
							|  |  |  |      * @param string $token | 
					
						
							|  |  |  |      * @return Factory|View|RedirectResponse | 
					
						
							|  |  |  |      * @throws Exception | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     public function showSetPassword(string $token) | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |         try { | 
					
						
							|  |  |  |             $this->inviteService->checkTokenAndGetUserId($token); | 
					
						
							|  |  |  |         } catch (Exception $exception) { | 
					
						
							|  |  |  |             return $this->handleTokenException($exception); | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         return view('auth.invite-set-password', [ | 
					
						
							|  |  |  |             'token' => $token, | 
					
						
							|  |  |  |         ]); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * Sets the password for an invited user and then grants them access. | 
					
						
							|  |  |  |      * @param Request $request | 
					
						
							| 
									
										
										
										
											2019-09-16 01:53:30 +08:00
										 |  |  |      * @param string $token | 
					
						
							| 
									
										
										
										
											2019-08-18 20:11:30 +08:00
										 |  |  |      * @return RedirectResponse|Redirector | 
					
						
							|  |  |  |      * @throws Exception | 
					
						
							|  |  |  |      */ | 
					
						
							| 
									
										
										
										
											2019-09-16 01:53:30 +08:00
										 |  |  |     public function setPassword(Request $request, string $token) | 
					
						
							| 
									
										
										
										
											2019-08-18 20:11:30 +08:00
										 |  |  |     { | 
					
						
							|  |  |  |         $this->validate($request, [ | 
					
						
							| 
									
										
										
										
											2019-09-14 06:58:40 +08:00
										 |  |  |             'password' => 'required|min:8' | 
					
						
							| 
									
										
										
										
											2019-08-18 20:11:30 +08:00
										 |  |  |         ]); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         try { | 
					
						
							|  |  |  |             $userId = $this->inviteService->checkTokenAndGetUserId($token); | 
					
						
							|  |  |  |         } catch (Exception $exception) { | 
					
						
							|  |  |  |             return $this->handleTokenException($exception); | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         $user = $this->userRepo->getById($userId); | 
					
						
							|  |  |  |         $user->password = bcrypt($request->get('password')); | 
					
						
							|  |  |  |         $user->email_confirmed = true; | 
					
						
							|  |  |  |         $user->save(); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         auth()->login($user); | 
					
						
							| 
									
										
										
										
											2019-10-05 19:55:01 +08:00
										 |  |  |         $this->showSuccessNotification(trans('auth.user_invite_success', ['appName' => setting('app-name')])); | 
					
						
							| 
									
										
										
										
											2019-08-18 20:11:30 +08:00
										 |  |  |         $this->inviteService->deleteByUser($user); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         return redirect('/'); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * Check and validate the exception thrown when checking an invite token. | 
					
						
							|  |  |  |      * @param Exception $exception | 
					
						
							|  |  |  |      * @return RedirectResponse|Redirector | 
					
						
							|  |  |  |      * @throws Exception | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     protected function handleTokenException(Exception $exception) | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |         if ($exception instanceof UserTokenNotFoundException) { | 
					
						
							|  |  |  |             return redirect('/'); | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         if ($exception instanceof UserTokenExpiredException) { | 
					
						
							| 
									
										
										
										
											2019-10-05 19:55:01 +08:00
										 |  |  |             $this->showErrorNotification(trans('errors.invite_token_expired')); | 
					
						
							| 
									
										
										
										
											2019-08-18 20:11:30 +08:00
										 |  |  |             return redirect('/password/email'); | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         throw $exception; | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | } |