1
|
|
|
<?php |
2
|
|
|
|
3
|
|
|
namespace Backpack\CRUD\app\Library\Auth; |
4
|
|
|
|
5
|
|
|
use Illuminate\Http\Request; |
6
|
|
|
use Illuminate\Http\Response; |
7
|
|
|
use Illuminate\Support\Facades\Auth; |
8
|
|
|
use Illuminate\Validation\ValidationException; |
9
|
|
|
|
10
|
|
|
trait AuthenticatesUsers |
11
|
|
|
{ |
12
|
|
|
use RedirectsUsers, ThrottlesLogins; |
13
|
|
|
|
14
|
|
|
/** |
15
|
|
|
* Show the application's login form. |
16
|
|
|
* |
17
|
|
|
* @return \Illuminate\Http\Response |
|
|
|
|
18
|
|
|
*/ |
19
|
|
|
public function showLoginForm() |
20
|
|
|
{ |
21
|
|
|
$this->data['title'] = trans('backpack::base.login'); // set the page title |
|
|
|
|
22
|
|
|
$this->data['username'] = $this->username(); |
23
|
|
|
|
24
|
|
|
return view(backpack_view('auth.login'), $this->data); |
25
|
|
|
} |
26
|
|
|
|
27
|
|
|
/** |
28
|
|
|
* Handle a login request to the application. |
29
|
|
|
* |
30
|
|
|
* @param \Illuminate\Http\Request $request |
31
|
|
|
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Http\Response|\Illuminate\Http\JsonResponse |
32
|
|
|
* |
33
|
|
|
* @throws \Illuminate\Validation\ValidationException |
34
|
|
|
*/ |
35
|
|
|
public function login(Request $request) |
36
|
|
|
{ |
37
|
|
|
$this->validateLogin($request); |
38
|
|
|
|
39
|
|
|
// If the class is using the ThrottlesLogins trait, we can automatically throttle |
40
|
|
|
// the login attempts for this application. We'll key this by the username and |
41
|
|
|
// the IP address of the client making these requests into this application. |
42
|
|
|
if (method_exists($this, 'hasTooManyLoginAttempts') && |
43
|
|
|
$this->hasTooManyLoginAttempts($request)) { |
44
|
|
|
$this->fireLockoutEvent($request); |
45
|
|
|
|
46
|
|
|
return $this->sendLockoutResponse($request); |
47
|
|
|
} |
48
|
|
|
|
49
|
|
|
if ($this->attemptLogin($request)) { |
50
|
|
|
return $this->sendLoginResponse($request); |
51
|
|
|
} |
52
|
|
|
|
53
|
|
|
// If the login attempt was unsuccessful we will increment the number of attempts |
54
|
|
|
// to login and redirect the user back to the login form. Of course, when this |
55
|
|
|
// user surpasses their maximum number of attempts they will get locked out. |
56
|
|
|
$this->incrementLoginAttempts($request); |
57
|
|
|
|
58
|
|
|
return $this->sendFailedLoginResponse($request); |
59
|
|
|
} |
60
|
|
|
|
61
|
|
|
/** |
62
|
|
|
* Validate the user login request. |
63
|
|
|
* |
64
|
|
|
* @param \Illuminate\Http\Request $request |
65
|
|
|
* @return void |
66
|
|
|
* |
67
|
|
|
* @throws \Illuminate\Validation\ValidationException |
68
|
|
|
*/ |
69
|
|
|
protected function validateLogin(Request $request) |
70
|
|
|
{ |
71
|
|
|
$request->validate([ |
72
|
|
|
$this->username() => 'required|string', |
73
|
|
|
'password' => 'required|string', |
74
|
|
|
]); |
75
|
|
|
} |
76
|
|
|
|
77
|
|
|
/** |
78
|
|
|
* Attempt to log the user into the application. |
79
|
|
|
* |
80
|
|
|
* @param \Illuminate\Http\Request $request |
81
|
|
|
* @return bool |
82
|
|
|
*/ |
83
|
|
|
protected function attemptLogin(Request $request) |
84
|
|
|
{ |
85
|
|
|
return $this->guard()->attempt( |
86
|
|
|
$this->credentials($request), $request->filled('remember') |
87
|
|
|
); |
88
|
|
|
} |
89
|
|
|
|
90
|
|
|
/** |
91
|
|
|
* Get the needed authorization credentials from the request. |
92
|
|
|
* |
93
|
|
|
* @param \Illuminate\Http\Request $request |
94
|
|
|
* @return array |
95
|
|
|
*/ |
96
|
|
|
protected function credentials(Request $request) |
97
|
|
|
{ |
98
|
|
|
return $request->only($this->username(), 'password'); |
99
|
|
|
} |
100
|
|
|
|
101
|
|
|
/** |
102
|
|
|
* Send the response after the user was authenticated. |
103
|
|
|
* |
104
|
|
|
* @param \Illuminate\Http\Request $request |
105
|
|
|
* @return \Illuminate\Http\Response |
106
|
|
|
*/ |
107
|
|
|
protected function sendLoginResponse(Request $request) |
108
|
|
|
{ |
109
|
|
|
$request->session()->regenerate(); |
|
|
|
|
110
|
|
|
|
111
|
|
|
$this->clearLoginAttempts($request); |
112
|
|
|
|
113
|
|
|
if ($response = $this->authenticated($request, $this->guard()->user())) { |
114
|
|
|
return $response; |
115
|
|
|
} |
116
|
|
|
|
117
|
|
|
return $request->wantsJson() |
118
|
|
|
? new Response('', 204) |
119
|
|
|
: redirect()->intended($this->redirectPath()); |
120
|
|
|
} |
121
|
|
|
|
122
|
|
|
/** |
123
|
|
|
* The user has been authenticated. |
124
|
|
|
* |
125
|
|
|
* @param \Illuminate\Http\Request $request |
126
|
|
|
* @param mixed $user |
127
|
|
|
* @return mixed |
128
|
|
|
*/ |
129
|
|
|
protected function authenticated(Request $request, $user) |
|
|
|
|
130
|
|
|
{ |
131
|
|
|
// |
132
|
|
|
} |
133
|
|
|
|
134
|
|
|
/** |
135
|
|
|
* Get the failed login response instance. |
136
|
|
|
* |
137
|
|
|
* @param \Illuminate\Http\Request $request |
138
|
|
|
* @return \Symfony\Component\HttpFoundation\Response |
|
|
|
|
139
|
|
|
* |
140
|
|
|
* @throws \Illuminate\Validation\ValidationException |
141
|
|
|
*/ |
142
|
|
|
protected function sendFailedLoginResponse(Request $request) |
|
|
|
|
143
|
|
|
{ |
144
|
|
|
throw ValidationException::withMessages([ |
145
|
|
|
$this->username() => [trans('auth.failed')], |
146
|
|
|
]); |
147
|
|
|
} |
148
|
|
|
|
149
|
|
|
/** |
150
|
|
|
* Get the login username to be used by the controller. |
151
|
|
|
* |
152
|
|
|
* @return string |
153
|
|
|
*/ |
154
|
|
|
public function username() |
155
|
|
|
{ |
156
|
|
|
return 'email'; |
157
|
|
|
} |
158
|
|
|
|
159
|
|
|
/** |
160
|
|
|
* Log the user out of the application. |
161
|
|
|
* |
162
|
|
|
* @param \Illuminate\Http\Request $request |
163
|
|
|
* @return \Illuminate\Http\Response |
164
|
|
|
*/ |
165
|
|
|
public function logout(Request $request) |
166
|
|
|
{ |
167
|
|
|
$this->guard()->logout(); |
168
|
|
|
|
169
|
|
|
$request->session()->invalidate(); |
170
|
|
|
|
171
|
|
|
$request->session()->regenerateToken(); |
|
|
|
|
172
|
|
|
|
173
|
|
|
if ($response = $this->loggedOut($request)) { |
174
|
|
|
return $response; |
175
|
|
|
} |
176
|
|
|
|
177
|
|
|
return $request->wantsJson() |
178
|
|
|
? new Response('', 204) |
179
|
|
|
: redirect('/'); |
180
|
|
|
} |
181
|
|
|
|
182
|
|
|
/** |
183
|
|
|
* The user has logged out of the application. |
184
|
|
|
* |
185
|
|
|
* @param \Illuminate\Http\Request $request |
186
|
|
|
* @return mixed |
187
|
|
|
*/ |
188
|
|
|
protected function loggedOut(Request $request) |
|
|
|
|
189
|
|
|
{ |
190
|
|
|
// |
191
|
|
|
} |
192
|
|
|
|
193
|
|
|
/** |
194
|
|
|
* Get the guard to be used during authentication. |
195
|
|
|
* |
196
|
|
|
* @return \Illuminate\Contracts\Auth\StatefulGuard |
197
|
|
|
*/ |
198
|
|
|
protected function guard() |
199
|
|
|
{ |
200
|
|
|
return Auth::guard(); |
201
|
|
|
} |
202
|
|
|
} |
203
|
|
|
|
This check compares the return type specified in the
@return
annotation of a function or method doc comment with the types returned by the function and raises an issue if they mismatch.