API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Oct 23rd, 2016
179
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 16.60 KB | None | 0 0
raw download clone embed print report
  1. namespace AppHttpControllersAuth;
  2.  
  3. use AppUser;
  4. use Validator;
  5.  
  6. use IlluminateSupportFacadesAuth;
  7. use IlluminateHttpRequest;
  8.  
  9. use AppHttpControllersController;
  10. use IlluminateFoundationAuthThrottlesLogins;
  11. use IlluminateFoundationAuthAuthenticatesAndRegistersUsers;
  12.  
  13. use AdldapContractsAdldapInterface;
  14.  
  15. class AuthController extends Controller
  16. {
  17. /*
  18. |--------------------------------------------------------------------------
  19. | Registration & Login Controller
  20. |--------------------------------------------------------------------------
  21. |
  22. | This controller handles the registration of new users, as well as the
  23. | authentication of existing users. By default, this controller uses
  24. | a simple trait to add these behaviors. Why don't you explore it?
  25. |
  26. */
  27.  
  28. use AuthenticatesAndRegistersUsers, ThrottlesLogins;
  29.  
  30. /**
  31. * Where to redirect users after login / registration.
  32. *
  33. * @var string
  34. */
  35. protected $redirectTo = '/tickets';
  36.  
  37. /**
  38. * @var Adldap
  39. */
  40. protected $adldap;
  41.  
  42. /**
  43. * Create a new authentication controller instance.
  44. *
  45. * @return void
  46. */
  47. public function __construct(AdldapInterface $adldap)
  48. {
  49. $this->middleware($this->guestMiddleware(), ['except' => 'logout']);
  50. $this->adldap = $adldap;
  51. }
  52.  
  53. /**
  54. * Get a validator for an incoming registration request.
  55. *
  56. * @param array $data
  57. * @return IlluminateContractsValidationValidator
  58. */
  59. protected function validator(array $data)
  60. {
  61. return Validator::make($data, [
  62. 'name' => 'required|max:255',
  63. 'email' => 'required|email|max:255|unique:users',
  64. 'password' => 'required|min:6|confirmed',
  65. ]);
  66. }
  67.  
  68. /**
  69. * Create a new user instance after a valid registration.
  70. *
  71. * @param array $data
  72. * @return User
  73. */
  74. protected function create(array $data)
  75. {
  76. return User::create([
  77. 'name' => $data['name'],
  78. 'email' => $data['email'],
  79. 'password' => bcrypt($data['password']),
  80. ]);
  81. }
  82.  
  83. /**
  84. * Handle a login request to the application.
  85. *
  86. * @param IlluminateHttpRequest $request
  87. * @return IlluminateHttpResponse
  88. */
  89. public function login(Request $request)
  90. {
  91. if ($this->adldap->auth()->attempt($request->email, $request->password )) {
  92. return 'entro';
  93.  
  94.  
  95. // $this->validateLogin($request);
  96.  
  97. // // If the class is using the ThrottlesLogins trait, we can automatically throttle
  98. // // the login attempts for this application. We'll key this by the username and
  99. // // the IP address of the client making these requests into this application.
  100. // $throttles = $this->isUsingThrottlesLoginsTrait();
  101.  
  102. // if ($throttles && $lockedOut = $this->hasTooManyLoginAttempts($request)) {
  103. // $this->fireLockoutEvent($request);
  104.  
  105. // return $this->sendLockoutResponse($request);
  106. // }
  107.  
  108. // $credentials = $this->getCredentials($request);
  109.  
  110. // if (Auth::guard($this->getGuard())->attempt($credentials, $request->has('remember'))) {
  111. // return $this->handleUserWasAuthenticated($request, $throttles);
  112. // }
  113.  
  114. // // If the login attempt was unsuccessful we will increment the number of attempts
  115. // // to login and redirect the user back to the login form. Of course, when this
  116. // // user surpasses their maximum number of attempts they will get locked out.
  117. // if ($throttles && ! $lockedOut) {
  118. // $this->incrementLoginAttempts($request);
  119. // }
  120.  
  121. // return $this->sendFailedLoginResponse($request);
  122. }
  123. }
  124.  
  125. }
  126.  
  127. /*
  128. |--------------------------------------------------------------------------
  129. | Connections
  130. |--------------------------------------------------------------------------
  131. |
  132. | This array stores the connections that are added to Adldap. You can add
  133. | as many connections as you like.
  134. |
  135. | The key is the name of the connection you wish to use and the value is
  136. | an array of configuration settings.
  137. |
  138. */
  139.  
  140. 'connections' => [
  141.  
  142. 'default' => [
  143.  
  144. /*
  145. |--------------------------------------------------------------------------
  146. | Auto Connect
  147. |--------------------------------------------------------------------------
  148. |
  149. | If auto connect is true, anytime Adldap is instantiated it will automatically
  150. | connect to your AD server. If this is set to false, you must connect manually
  151. | using: Adldap::connect().
  152. |
  153. */
  154.  
  155. 'auto_connect' => true,
  156.  
  157. /*
  158. |--------------------------------------------------------------------------
  159. | Connection
  160. |--------------------------------------------------------------------------
  161. |
  162. | The connection class to use to run operations on.
  163. |
  164. | You can also set this option to `null` to use the default connection class.
  165. |
  166. | Custom connection classes must implement AdldapContractsConnectionsConnectionInterface
  167. |
  168. */
  169.  
  170. 'connection' => AdldapConnectionsLdap::class,
  171.  
  172. /*
  173. |--------------------------------------------------------------------------
  174. | Schema
  175. |--------------------------------------------------------------------------
  176. |
  177. | The schema class to use for retrieving attributes and generating models.
  178. |
  179. | You can also set this option to `null` to use the default schema class.
  180. |
  181. | Custom schema classes must implement AdldapContractsSchemasSchemaInterface
  182. |
  183. */
  184.  
  185. 'schema' => AdldapSchemasActiveDirectory::class,
  186.  
  187. /*
  188. |--------------------------------------------------------------------------
  189. | Connection Settings
  190. |--------------------------------------------------------------------------
  191. |
  192. | This connection settings array is directly passed into the Adldap constructor.
  193. |
  194. | Feel free to add or remove settings you don't need.
  195. |
  196. */
  197.  
  198. 'connection_settings' => [
  199.  
  200. /*
  201. |--------------------------------------------------------------------------
  202. | Account Prefix
  203. |--------------------------------------------------------------------------
  204. |
  205. | The account prefix option is the prefix of your user accounts in AD.
  206. |
  207. | For example, if you'd prefer your users to use only their username instead
  208. | of specifying a domain ('ACMEjdoe'), enter your domain name.
  209. |
  210. */
  211.  
  212. 'account_prefix' => '',
  213.  
  214. /*
  215. |--------------------------------------------------------------------------
  216. | Account Suffix
  217. |--------------------------------------------------------------------------
  218. |
  219. | The account suffix option is the suffix of your user accounts in AD.
  220. |
  221. | For example, if your domain DN is DC=corp,DC=acme,DC=org, then your
  222. | account suffix would be @corp.acme.org. This is then appended to
  223. | then end of your user accounts on authentication.
  224. |
  225. */
  226.  
  227. 'account_suffix' => '',
  228.  
  229. /*
  230. |--------------------------------------------------------------------------
  231. | Domain Controllers
  232. |--------------------------------------------------------------------------
  233. |
  234. | The domain controllers option is an array of servers located on your
  235. | network that serve Active Directory. You can insert as many servers or
  236. | as little as you'd like depending on your forest (with the
  237. | minimum of one of course).
  238. |
  239. | These can be IP addresses of your server(s), or the host name.
  240. |
  241. */
  242.  
  243. 'domain_controllers' => ['190.168.124.147'],
  244.  
  245. /*
  246. |--------------------------------------------------------------------------
  247. | Port
  248. |--------------------------------------------------------------------------
  249. |
  250. | The port option is used for authenticating and binding to your AD server.
  251. |
  252. */
  253.  
  254. 'port' => 80,
  255.  
  256. /*
  257. |--------------------------------------------------------------------------
  258. | Timeout
  259. |--------------------------------------------------------------------------
  260. |
  261. | The timeout option allows you to configure the amount of time in
  262. | seconds that your application waits until a response
  263. | is received from your LDAP server.
  264. |
  265. */
  266.  
  267. 'timeout' => 5,
  268.  
  269. /*
  270. |--------------------------------------------------------------------------
  271. | Base Distinguished Name
  272. |--------------------------------------------------------------------------
  273. |
  274. | The base distinguished name is the base distinguished name you'd like
  275. | to perform operations on. An example base DN would be DC=corp,DC=acme,DC=org.
  276. |
  277. | If one is not defined, then Adldap will try to find it automatically
  278. | by querying your server. It's recommended to include it to
  279. | limit queries executed per request.
  280. |
  281. */
  282.  
  283. 'base_dn' => '',
  284.  
  285. /*
  286. |--------------------------------------------------------------------------
  287. | Administrator Account Suffix
  288. |--------------------------------------------------------------------------
  289. |
  290. | This option allows you to set a different account suffix for your
  291. | configured administrator account upon binding.
  292. |
  293. | If left empty, your `account_suffix` option will be used.
  294. |
  295. */
  296.  
  297. 'admin_account_suffix' => '',
  298.  
  299. /*
  300. |--------------------------------------------------------------------------
  301. | Administrator Username & Password
  302. |--------------------------------------------------------------------------
  303. |
  304. | When connecting to your AD server, a username and password is required
  305. | to be able to query and run operations on your server(s). You can
  306. | use any user account that has these permissions. This account
  307. | does not need to be a domain administrator unless you
  308. | require changing and resetting user passwords.
  309. |
  310. */
  311.  
  312. 'admin_username' => env('ADLDAP_ADMIN_USERNAME', 'foosaaa'),
  313. 'admin_password' => env('ADLDAP_ADMIN_PASSWORD', 'kaa@taa'),
  314.  
  315. /*
  316. |--------------------------------------------------------------------------
  317. | Follow Referrals
  318. |--------------------------------------------------------------------------
  319. |
  320. | The follow referrals option is a boolean to tell active directory
  321. | to follow a referral to another server on your network if the
  322. | server queried knows the information your asking for exists,
  323. | but does not yet contain a copy of it locally.
  324. |
  325. | This option is defaulted to false.
  326. |
  327. */
  328.  
  329. 'follow_referrals' => false,
  330.  
  331. /*
  332. |--------------------------------------------------------------------------
  333. | SSL & TLS
  334. |--------------------------------------------------------------------------
  335. |
  336. | If you need to be able to change user passwords on your server, then an
  337. | SSL or TLS connection is required. All other operations are allowed
  338. | on unsecured protocols. One of these options are definitely recommended
  339. | if you have the ability to connect to your server securely.
  340. |
  341. */
  342.  
  343. 'use_ssl' => false,
  344. 'use_tls' => false,
  345.  
  346. public function bind($username, $password, $prefix = null, $suffix = null)
  347. {
  348. // We'll allow binding with a null username and password
  349. // if their empty. This will allow us to anonymously
  350. // bind to our servers if needed.
  351. $username = $username ?: null;
  352. $password = $password ?: null;
  353.  
  354. if ($username) {
  355. // If the username isn't empty, we'll append the configured
  356. // account prefix and suffix to bind to the LDAP server.
  357. $prefix = is_null($prefix) ? $this->configuration->getAccountPrefix() : $prefix;
  358. $suffix = is_null($suffix) ? $this->configuration->getAccountSuffix() : $suffix;
  359.  
  360. $username = $prefix.$username.$suffix;
  361. }
  362.  
  363. // We'll mute any exceptions / warnings here. All we need to know
  364. // is if binding failed and we'll throw our own exception.
  365. if (!@$this->connection->bind($username, $password)) {
  366. throw new BindException($this->connection->getLastError(), $this->connection->errNo());
  367. }
  368. }
  369.  
  370. /*
  371. |--------------------------------------------------------------------------
  372. | Authentication Defaults
  373. |--------------------------------------------------------------------------
  374. |
  375. | This option controls the default authentication "guard" and password
  376. | reset options for your application. You may change these defaults
  377. | as required, but they're a perfect start for most applications.
  378. |
  379. */
  380.  
  381. 'defaults' => [
  382. 'guard' => 'web',
  383. 'passwords' => 'users',
  384. ],
  385.  
  386. /*
  387. |--------------------------------------------------------------------------
  388. | Authentication Guards
  389. |--------------------------------------------------------------------------
  390. |
  391. | Next, you may define every authentication guard for your application.
  392. | Of course, a great default configuration has been defined for you
  393. | here which uses session storage and the Eloquent user provider.
  394. |
  395. | All authentication drivers have a user provider. This defines how the
  396. | users are actually retrieved out of your database or other storage
  397. | mechanisms used by this application to persist your user's data.
  398. |
  399. | Supported: "session", "token"
  400. |
  401. */
  402.  
  403. 'guards' => [
  404. 'web' => [
  405. 'driver' => 'session',
  406. 'provider' => 'users',
  407. ],
  408.  
  409. 'api' => [
  410. 'driver' => 'token',
  411. 'provider' => 'users',
  412. ],
  413. ],
  414.  
  415. /*
  416. |--------------------------------------------------------------------------
  417. | User Providers
  418. |--------------------------------------------------------------------------
  419. |
  420. | All authentication drivers have a user provider. This defines how the
  421. | users are actually retrieved out of your database or other storage
  422. | mechanisms used by this application to persist your user's data.
  423. |
  424. | If you have multiple user tables or models you may configure multiple
  425. | sources which represent each model / table. These sources may then
  426. | be assigned to any extra authentication guards you have defined.
  427. |
  428. | Supported: "database", "eloquent"
  429. |
  430. */
  431.  
  432. 'providers' => [
  433. 'users' => [
  434. 'driver' => 'adldap',
  435. 'model' => AppUser::class,
  436. ],
  437.  
  438. // 'users' => [
  439. // 'driver' => 'database',
  440. // 'table' => 'users',
  441. // ],
  442. ],
  443.  
  444. /*
  445. |--------------------------------------------------------------------------
  446. | Resetting Passwords
  447. |--------------------------------------------------------------------------
  448. |
  449. | Here you may set the options for resetting passwords including the view
  450. | that is your password reset e-mail. You may also set the name of the
  451. | table that maintains all of the reset tokens for your application.
  452. |
  453. | You may specify multiple password reset configurations if you have more
  454. | than one user table or model in the application and you want to have
  455. | separate password reset settings based on the specific user types.
  456. |
  457. | The expire time is the number of minutes that the reset token should be
  458. | considered valid. This security feature keeps tokens short-lived so
  459. | they have less time to be guessed. You may change this as needed.
  460. |
  461. */
  462.  
  463. 'passwords' => [
  464. 'users' => [
  465. 'provider' => 'users',
  466. 'email' => 'auth.emails.password',
  467. 'table' => 'password_resets',
  468. 'expire' => 60,
  469. ],
  470. ],
  471.  
  472. <?php
  473.  
  474. namespace App;
  475.  
  476. use IlluminateFoundationAuthUser as Authenticatable;
  477.  
  478. class User extends Authenticatable
  479. {
  480. /**
  481. * The attributes that are mass assignable.
  482. *
  483. * @var array
  484. */
  485. protected $fillable = [
  486. 'name', 'email', 'password','username'
  487. ];
  488.  
  489. /**
  490. * The attributes that should be hidden for arrays.
  491. *
  492. * @var array
  493. */
  494. protected $hidden = [
  495. 'password', 'remember_token',
  496. ];
  497. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!