
Untitled

a guest
Sep 7th, 2018
  1. <?php
  2.  
  3. namespace App\Http\Controllers\Auth;
  4.  
  5. use App\Http\Controllers\Controller;
  6. use ATehnix;
  7. use App\Models\User;
  8. use Illuminate\Http\Request;
  9. use Illuminate\Support\Facades\Redis;
  10. use PragmaRX\Google2FA\Google2FA;
  11.  
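  /**
   * Handles every way a user can obtain a session in this application:
   * the login form, the VK OAuth callback, the plain-text password check
   * (`lauth`), e-mail confirmation links and the TOTP second step.
   *
   * Throttling and the send*Response helpers come from the
   * AuthenticatesUsers trait.
   */
  class LoginController extends Controller
  {
      // NOTE(review): no import for AuthenticatesUsers is visible in this
      // listing, so the name resolves inside App\Http\Controllers\Auth.
      // Confirm the intended trait is the one actually being loaded.
      use AuthenticatesUsers;

      /**
       * Where to redirect users after login.
       *
       * @var string
       */
      protected $redirectTo = '/';

      /**
       * Create a new controller instance.
       *
       * Every action except `logout` is limited to guests.
       *
       * @return void
       */
      public function __construct()
      {
          $this->middleware('guest')->except('logout');
      }

      /**
       * Name of the request field that carries the account identifier.
       *
       * @return string
       */
      public function username()
      {
          return 'login';
      }

      /**
       * Show the login form, or finish a VK OAuth sign-in when the request
       * carries a `code` parameter.
       *
       * @param  \Illuminate\Http\Request  $request
       * @return mixed  the login view, or a redirect to the home route
       */
      public function showLoginForm(Request $request)
      {
          if (!$request->has('code')) {
              return view('auth.login');
          }

          // NOTE(review): no OAuth `state` value is checked before the code is
          // exchanged, so the callback is not bound to the browser that started
          // the flow. Generate a per-session state when building the VK
          // authorization URL and compare it here.
          $code = $request->get('code');
          if (!is_string($code) || $code === '') {
              return redirect()->route('home');
          }

          $api = new ATehnix\VkClient\Client;
          $auth = new ATehnix\VkClient\Auth(
              config('settings.vk_appid'),
              config('settings.vk_appsecret'),
              route('login')
          );
          $token = $auth->getToken($code);

          $response = $api->request('users.get', [], $token);

          // Only look the account up when VK really returned an id. A null
          // value passed to where() is turned into "vk_id IS NULL", which
          // would match an account that has no VK link at all.
          $vkId = $response['response'][0]['id'] ?? null;
          if ($vkId !== null) {
              $user = User::where('vk_id', $vkId)->first();
              if ($user) {
                  // NOTE(review): this path checks neither email_checked nor
                  // the OTP secret that login() enforces - confirm a linked VK
                  // account is meant to skip both.
                  \Auth::login($user, true);
              }
          }

          return redirect()->route('home');
      }

      /**
       * Check a login/password pair and answer with a plain string:
       * "OK:<login>" on success, a human-readable message otherwise.
       *
       * The password is verified before any account state is revealed, an
       * unknown login and a wrong password share one message, and failed
       * attempts are counted with the same throttle that login() uses.
       *
       * @param  \Illuminate\Http\Request  $request
       * @return string
       */
      public function lauth(Request $request)
      {
          if ($this->hasTooManyLoginAttempts($request)) {
              $this->fireLockoutEvent($request);

              return 'Слишком много попыток входа. Попробуйте позже.';
          }

          $user = User::fromLogin($request->get('login'));
          $password = $request->get('password');

          $credentialsOk = $user
              && is_string($password)
              && \Hash::check($password, $user->password);

          if (!$credentialsOk) {
              $this->incrementLoginAttempts($request);

              return "Неверный логин или пароль!";
          }

          // Reported only to a caller who has already proven the password.
          if (!$user->email_checked) {
              return 'Вы не подтвердили свой почтовый ящик!';
          }

          $this->clearLoginAttempts($request);

          return "OK:" . $user->login;
      }

      /**
       * Handle a login form submission.
       *
       * Order of checks: input validation, lockout, password, confirmed
       * e-mail, then the OTP challenge when a secret is stored for the user.
       * Accounts that still carry a legacy `old_password` hash are upgraded
       * to bcrypt on their first successful login and then follow the same
       * e-mail and OTP checks.
       *
       * @param  \Illuminate\Http\Request  $request
       * @return mixed
       */
      public function login(Request $request)
      {
          $this->validateLogin($request);

          if ($this->hasTooManyLoginAttempts($request)) {
              $this->fireLockoutEvent($request);

              return $this->sendLockoutResponse($request);
          }

          if ($this->attemptLogin($request)) {
              $userId = \Auth::id();

              // The e-mail state is disclosed only after the password matched.
              if (!\Auth::user()->email_checked) {
                  \Auth::logout();
                  $request->session()->regenerate();

                  return $this->emailNotConfirmedResponse();
              }

              if ($this->startOtpChallenge($request, $userId)) {
                  // The password alone must not leave an authenticated
                  // session behind; otp_login() completes the sign-in.
                  \Auth::logout();
                  $request->session()->regenerate();

                  return redirect()->route('otp');
              }

              return $this->sendLoginResponse($request);
          }

          $user = User::fromLogin($request->get('login'));
          $password = $request->get('password');

          if ($user && $user->old_password && is_string($password)) {
              // Legacy scheme: md5(md5(password)), hex encoded. hash_equals()
              // compares the strings byte for byte in constant time; the
              // former loose `==` lets PHP compare two numeric-looking hex
              // digests as numbers instead of as strings.
              // NOTE(review): unsalted MD5 values stay in `old_password` until
              // each user logs in again; consider expiring them.
              $legacyHash = md5(md5($password));

              if (hash_equals(strtolower((string) $user->old_password), $legacyHash)) {
                  $user->password = bcrypt($password);
                  $user->old_password = null;
                  $user->save();

                  if (!$user->email_checked) {
                      return $this->emailNotConfirmedResponse();
                  }

                  $this->clearLoginAttempts($request);

                  if ($this->startOtpChallenge($request, $user->id)) {
                      $request->session()->regenerate();

                      return redirect()->route('otp');
                  }

                  \Auth::loginUsingId($user->id, true);

                  return redirect()->home();
              }
          }

          $this->incrementLoginAttempts($request);

          return $this->sendFailedLoginResponse($request);
      }

      /**
       * Confirm an e-mail address from the token in a confirmation link and
       * sign the owner in.
       *
       * @param  string  $token
       * @return mixed  redirect to the home route with a flash message
       */
      public function email($token)
      {
          $pending = \App\Models\EmailChecked::where('token', $token);
          $record = $pending->first();

          if (!$record) {
              return redirect()->route('home')->with([
                  'alert-danger' => 'Ссылка подтверждения истекла либо её не существует!'
              ]);
          }

          User::where('id', $record->user_id)->increment('email_checked', 1);

          // Invalidate the token before the session is created so the link
          // stays single-use even if a later step fails.
          $pending->delete();

          // NOTE(review): the link alone produces a remembered session without
          // the password or the OTP step, and no expiry check is visible in
          // this method. Confirm tokens are long, random and expired
          // elsewhere, or redirect to the login form instead of signing in.
          \Auth::loginUsingId($record->user_id, true);

          return redirect()->route('home')->with([
              'alert-success' => 'Вы успешно подтвердили свой почтовый адрес! Приятной игры на наших серверах :)'
          ]);
      }

      /**
       * Show the OTP form.
       *
       * Re-flashes the session so the pending `otp_user` id set by login()
       * is still present on the next request.
       *
       * @param  \Illuminate\Http\Request  $request
       * @return mixed
       */
      public function otp(Request $request)
      {
          $request->session()->reflash();

          return view('auth.otp');
      }

      /**
       * Verify the submitted TOTP code for the user whose password step has
       * already succeeded and, on success, sign that user in.
       *
       * @param  \Illuminate\Http\Request  $request
       * @return mixed  redirect to the home route
       */
      public function otp_login(Request $request)
      {
          $userId = $request->session()->get('otp_user');
          $encryptedSecret = $userId ? Redis::get('otp_user_' . $userId) : null;
          $code = $request->get('code');

          // NOTE(review): wrong codes are not counted anywhere in this method.
          // Add an attempt limit keyed on the pending user id, and consider
          // Google2FA::verifyKeyNewer() so an accepted code cannot be reused
          // within its validity window.
          if ($encryptedSecret && $code && is_string($code)) {
              $google2fa = new Google2FA();
              $secret = \Crypt::decryptString($encryptedSecret);

              // Third argument is the verification window. NOTE(review): a
              // value of 4 widens how long a code is accepted - confirm it is
              // intentional.
              if ($google2fa->verifyKey($secret, $code, 4)) {
                  \Auth::loginUsingId($userId, true);

                  return redirect()->home();
              }

              $request->session()->flash('alert-danger', 'Неверный OTP ключ!');

              return redirect()->home();
          }

          $request->session()->flash('alert-danger', 'Ошибка при авторизации!');

          return redirect()->home();
      }

      /**
       * JSON answer used when the password was correct but the account's
       * e-mail address has not been confirmed.
       *
       * @return mixed
       */
      private function emailNotConfirmedResponse()
      {
          return response()->json([
              'success' => false,
              'message' => 'У данного пользователя не подтверждена почта!'
          ]);
      }

      /**
       * Flash the pending user id for the OTP step when an OTP secret is
       * stored in Redis for that user.
       *
       * @param  \Illuminate\Http\Request  $request
       * @param  mixed  $userId
       * @return bool  true when the caller must redirect to the OTP form
       */
      private function startOtpChallenge(Request $request, $userId)
      {
          if (!Redis::get('otp_user_' . $userId)) {
              return false;
          }

          $request->session()->flash('otp_user', $userId);

          return true;
      }
  }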