- <?php
- namespace App\Http\Controllers\Auth;
- use App\Http\Controllers\Controller;
- use ATehnix;
- use App\Models\User;
- use Illuminate\Http\Request;
- use Illuminate\Support\Facades\Redis;
- use PragmaRX\Google2FA\Google2FA;
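class LoginController extends Controller
{
    /*
    |--------------------------------------------------------------------------
    | Login Controller
    |--------------------------------------------------------------------------
    |
    | This controller handles authenticating users for the application and
    | redirecting them to your home screen. The controller uses a trait
    | to conveniently provide its functionality to your applications.
    |
    | Besides the password form it covers three other ways into a session:
    | the VK OAuth callback, the e-mail confirmation link and the legacy
    | md5(md5()) password migration. Every one of them goes through the same
    | second-factor gate (see requiresOtp / startOtpChallenge) so that an
    | account with an OTP secret cannot be entered on a single factor.
    |
    */

    // NOTE(review): no import for this trait is visible among the file's `use`
    // lines, so the name resolves inside App\Http\Controllers\Auth. Confirm the
    // trait exists there or import it explicitly.
    use AuthenticatesUsers;

    /**
     * Where to redirect users after login.
     *
     * @var string
     */
    protected $redirectTo = '/';

    /**
     * Create a new controller instance.
     *
     * Every action except `logout` is restricted to guests.
     *
     * @return void
     */
    public function __construct()
    {
        $this->middleware('guest')->except('logout');
    }

    /**
     * Name of the request field / credential used as the login identifier.
     *
     * @return string
     */
    public function username()
    {
        return 'login';
    }

    /**
     * Show the login form, or finish a VK OAuth login when `code` is present.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return mixed  the login view, or a redirect to `home` / `otp`
     */
    public function showLoginForm(Request $request)
    {
        $code = $request->get('code');

        // Only a scalar string can be a real authorization code; anything else
        // (e.g. code[]=x) is treated as "no code" and gets the plain form.
        if ($request->has('code') && is_string($code)) {
            // NOTE(review): no OAuth `state` value is checked on this callback,
            // so the request is not bound to the browser that started the flow.
            // The authorize URL is built outside this file; add a per-session
            // state there and compare it here before exchanging the code.
            $api = new ATehnix\VkClient\Client;
            $auth = new ATehnix\VkClient\Auth(
                config('settings.vk_appid'),
                config('settings.vk_appsecret'),
                route('login')
            );
            $token = $auth->getToken($code);
            $reply = $api->request('users.get', [], $token);

            // Never query with a missing id: where('vk_id', null) would match
            // accounts that simply have no VK profile linked.
            $vk_id = $reply['response'][0]['id'] ?? null;
            $user = $vk_id === null ? null : User::where('vk_id', $vk_id)->first();

            if ($user) {
                // A linked VK profile replaces the password only, not the second factor.
                if ($this->requiresOtp($user->id)) {
                    return $this->startOtpChallenge($request, $user->id);
                }
                \Auth::login($user, true);
            }

            return redirect()->route('home');
        }

        return view('auth.login');
    }

    /**
     * Plain-text credential check (returns "OK:<login>" or an error message).
     *
     * NOTE(review): this endpoint is a password oracle. It applies none of the
     * throttling that login() uses, and its three distinct messages tell an
     * unauthenticated caller whether a login exists and whether its e-mail is
     * confirmed. The strings are kept because the consumer of this endpoint is
     * not visible here; rate-limit the route and consider a single generic
     * failure message.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return string
     */
    public function lauth(Request $request)
    {
        // presumably fromLogin() returns a falsy value for an unknown login;
        // the original code already branched on that — verify against the model.
        $user = User::fromLogin($request->get('login'));
        $password = $request->get('password');

        // Existence must be tested first: the previous order read
        // $user->email_checked on a missing user.
        if (!$user) {
            return "Такого пользователя не существует!";
        }

        if (!$user->email_checked) {
            return 'Вы не подтвердили свой почтовый ящик!';
        }

        // A non-string password (missing field, array input) can never match.
        if (is_string($password) && \Hash::check($password, $user->password)) {
            return "OK:" . $user->login;
        }

        return "Неверный логин или пароль!";
    }

    /**
     * Handle a login request: password check, OTP hand-off, legacy hash upgrade.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return mixed  JSON for an unconfirmed e-mail, otherwise a redirect/response
     */
    public function login(Request $request)
    {
        // Validate and apply the lockout before touching the user table, so
        // that malformed or throttled requests learn nothing about accounts.
        $this->validateLogin($request);

        if ($this->hasTooManyLoginAttempts($request)) {
            $this->fireLockoutEvent($request);
            return $this->sendLockoutResponse($request);
        }

        $user = User::fromLogin($request->get('login'));

        // NOTE(review): this answer is given before the password is verified,
        // so it still reveals that the login exists and is unconfirmed.
        if ($user && !$user->email_checked) {
            return response()->json([
                'success' => false,
                'message' => 'У данного пользователя не подтверждена почта!'
            ]);
        }

        if ($this->attemptLogin($request)) {
            $user_id = \Auth::id();

            if ($this->requiresOtp($user_id)) {
                // Password was right, but the session must not stay
                // authenticated until the second factor is verified.
                \Auth::logout();
                return $this->startOtpChallenge($request, $user_id);
            }

            return $this->sendLoginResponse($request);
        }

        // Legacy accounts still carry md5(md5(password)). hash_equals() is used
        // instead of `==` because loose comparison treats two "0e<digits>"
        // strings as equal numbers, and because it compares in constant time.
        $password = $request->get('password');
        if ($user && $user->old_password && is_string($password)
            && hash_equals(strtolower((string) $user->old_password), md5(md5($password)))
        ) {
            $user->password = bcrypt($password);
            $user->old_password = null;
            $user->save();

            // Previously this path logged the user in directly and skipped OTP.
            if ($this->requiresOtp($user->id)) {
                return $this->startOtpChallenge($request, $user->id);
            }

            \Auth::loginUsingId($user->id, true);
            return redirect()->home();
        }

        $this->incrementLoginAttempts($request);
        return $this->sendFailedLoginResponse($request);
    }

    /**
     * Confirm an e-mail address from a one-time token and sign the user in.
     *
     * NOTE(review): no expiry is checked here; whether tokens age out depends
     * on code outside this file.
     *
     * @param  string  $token
     * @return mixed  redirect to `home` or to the OTP step
     */
    public function email($token)
    {
        $pending = \App\Models\EmailChecked::where('token', $token);
        $record = $pending->first(); // fetched once instead of three queries

        if (!$record) {
            return redirect()->route('home')->with([
                'alert-danger' => 'Ссылка подтверждения истекла либо её не существует!'
            ]);
        }

        $user_id = $record->user_id;
        User::where('id', $user_id)->increment('email_checked', 1);
        $pending->delete(); // the token is single-use

        $notice = [
            'alert-success' => 'Вы успешно подтвердили свой почтовый адрес! Приятной игры на наших серверах :)'
        ];

        // Possession of the mail link must not stand in for the second factor.
        if ($this->requiresOtp($user_id)) {
            return $this->startOtpChallenge(request(), $user_id)->with($notice);
        }

        \Auth::loginUsingId($user_id, true);
        return redirect()->route('home')->with($notice);
    }

    /**
     * Show the OTP form, keeping the flashed `otp_user` alive for the POST.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return mixed
     */
    public function otp(Request $request)
    {
        $request->session()->reflash();
        return view('auth.otp');
    }

    /**
     * Verify the submitted TOTP code and complete the login.
     *
     * NOTE(review): three gaps a defender should close around this step:
     *  - failed codes are not counted against any rate limit, while a fresh
     *    challenge can be obtained by repeating the password login;
     *  - the window argument of 4 accepts codes from several adjacent time
     *    steps on each side, which multiplies the codes valid at any moment;
     *  - an accepted code is not remembered, so it can be replayed while it is
     *    still inside that window.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return mixed  redirect to `home` in every case
     */
    public function otp_login(Request $request)
    {
        $user_id = $request->session()->get('otp_user');
        $code = $request->get('code');

        // Without a pending challenge there is no secret to look up.
        $secret = $user_id ? Redis::get('otp_user_' . $user_id) : null;

        if ($secret && is_string($code) && $code !== '') {
            $google2fa = new Google2FA();
            $secret = \Crypt::decryptString($secret);

            if ($google2fa->verifyKey($secret, $code, 4)) {
                \Auth::loginUsingId($user_id, true);
                return redirect()->home();
            }

            $request->session()->flash('alert-danger', 'Неверный OTP ключ!');
            return redirect()->home();
        }

        $request->session()->flash('alert-danger', 'Ошибка при авторизации!');
        return redirect()->home();
    }

    /**
     * Whether the account has an OTP secret stored in Redis.
     *
     * @param  mixed  $user_id
     * @return bool
     */
    private function requiresOtp($user_id)
    {
        return (bool) Redis::get('otp_user_' . $user_id);
    }

    /**
     * Park the user id in flash data and send the browser to the OTP form.
     *
     * The caller is responsible for making sure no authenticated session
     * exists at this point.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  mixed  $user_id
     * @return \Illuminate\Http\RedirectResponse
     */
    private function startOtpChallenge(Request $request, $user_id)
    {
        $request->session()->flash('otp_user', $user_id);
        $request->session()->regenerate();

        return redirect()->route('otp');
    }
}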