diff --git a/app/Http/Controllers/Auth/AuthController.php b/app/Http/Controllers/Auth/AuthController.php index bbb8acb5b..f6f00dba7 100644 --- a/app/Http/Controllers/Auth/AuthController.php +++ b/app/Http/Controllers/Auth/AuthController.php @@ -36,8 +36,8 @@ use Socialite; * * @author Ladybird */ -class AuthController extends Controller -{ +class AuthController extends Controller { + use AuthenticatesAndRegistersUsers; /* to redirect after login */ @@ -58,15 +58,13 @@ class AuthController extends Controller * * @return void */ - public function __construct(PhpMailController $PhpMailController, SocialMediaController $social) - { + public function __construct(PhpMailController $PhpMailController, SocialMediaController $social) { $this->PhpMailController = $PhpMailController; $social->configService(); $this->middleware('guest', ['except' => ['getLogout', 'verifyOTP', 'redirectToProvider']]); } - public function redirectToProvider($provider, $redirect = '') - { + public function redirectToProvider($provider, $redirect = '') { if ($redirect !== '') { $this->setSession($provider, $redirect); } @@ -76,8 +74,7 @@ class AuthController extends Controller return $s; } - public function handleProviderCallback($provider) - { + public function handleProviderCallback($provider) { try { //notice we are not doing any validation, you should do it $this->changeRedirect(); @@ -95,10 +92,10 @@ class AuthController extends Controller } $data = [ 'first_name' => $first_name, - 'email' => $user->getEmail(), - 'user_name' => $username, - 'role' => 'user', - 'active' => 1, + 'email' => $user->getEmail(), + 'user_name' => $username, + 'role' => 'user', + 'active' => 1, ]; $user = User::where('email', $data['email'])->first(); if (!$user) { 
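Review bot: The social-login callback still links the provider identity to a local account purely by e-mail address — `$user = User::where('email', $data['email'])->first();` — and the `$data` array it builds for a new account sets `'active' => 1`, so an e-mail the provider has not verified is enough to be treated as that local user or to create an already-activated one; the preceding hunk's own comment, `//notice we are not doing any validation, you should do it`, says as much. Where the Socialite driver exposes an e-mail-verified flag it should be required, and an existing local account should be asked to confirm the link (or at least not be auto-activated) before the session is issued. `handleProviderCallback()` continues past this hunk, so the actual login/redirect step is not visible here.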
@@ -121,8 +118,7 @@ class AuthController extends Controller * * @return type Response */ - public function getRegister(CommonSettings $settings) - { + public function getRegister(CommonSettings $settings) { // Event for login $settings = $settings->select('status')->where('option_name', '=', 'send_otp')->first(); $email_mandatory = $settings->select('status')->where('option_name', '=', 'email_mandatory')->first(); @@ -147,8 +143,7 @@ class AuthController extends Controller * * @return type Response */ - public function postRegister(User $user, RegisterRequest $request) - { + public function postRegister(User $user, RegisterRequest $request) { try { $request_array = $request->input(); $password = Hash::make($request->input('password')); @@ -185,7 +180,7 @@ class AuthController extends Controller // Event for login \Event::fire(new \App\Events\LoginEvent($request)); if ($request->input('email') !== '') { - $var = $this->PhpMailController->sendmail($from = $this->PhpMailController->mailfrom('1', '0'), $to = ['name' => $name, 'email' => $request->input('email')], $message = ['subject' => null, 'scenario' => 'registration'], $template_variables = ['user' => $name, 'email_address' => $request->input('email'), 'password_reset_link' => url('account/activate/'.$code)]); + $var = $this->PhpMailController->sendmail($from = $this->PhpMailController->mailfrom('1', '0'), $to = ['name' => $name, 'email' => $request->input('email')], $message = ['subject' => null, 'scenario' => 'registration'], $template_variables = ['user' => $name, 'email_address' => $request->input('email'), 'password_reset_link' => url('account/activate/' . $code)]); } if ($settings->status == 1 || $settings->status == '1') { if (count($sms) > 0) { 
@@ -218,8 +213,7 @@ class AuthController extends Controller * * @return type redirect */ - public function accountActivate($token) - { + public function accountActivate($token) { $user = User::where('remember_token', '=', $token)->first(); if ($user) { $user->active = 1; @@ -241,8 +235,7 @@ class AuthController extends Controller * * @return type Response */ - public function getMail($token, User $user) - { + public function getMail($token, User $user) { $user = $user->where('remember_token', $token)->where('active', 0)->first(); if ($user) { $user->active = 1; @@ -259,10 +252,9 @@ class AuthController extends Controller * * @return type Response */ - public function getLogin() - { + public function getLogin() { $directory = base_path(); - if (file_exists($directory.DIRECTORY_SEPARATOR.'.env')) { + if (file_exists($directory . DIRECTORY_SEPARATOR . '.env')) { if (Auth::user()) { if (Auth::user()->role == 'admin' || Auth::user()->role == 'agent') { return \Redirect::route('dashboard'); 
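Review bot: `accountActivate()` resolves the token with `User::where('remember_token', '=', $token)->first()` and sets `active = 1` without requiring the account to still be inactive, whereas `getMail()` in the next hunk adds `->where('active', 0)` for the same lookup. If this model is the standard Laravel `Authenticatable`, `remember_token` is also the remember-me cookie value, so any live remember token for an active user satisfies this route; add the same filter, `->where('remember_token', '=', $token)->where('active', 0)`, and prefer a dedicated single-use activation column over reusing `remember_token`. The method body continues beyond the hunk, so what follows activation (a login, a redirect) cannot be checked here.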
@@ -284,61 +276,64 @@ class AuthController extends Controller * * @return type Response */ - public function postLogin(LoginRequest $request) - { - // dd($request->input()); - \Event::fire('auth.login.event', []); //added 5/5/2016 - // Set login attempts and login time - $value = $_SERVER['REMOTE_ADDR']; - $usernameinput = $request->input('email'); - $password = $request->input('password'); - if ($request->input('referer')) { - $referer = 'form'; - } else { - $referer = '/'; - } - $field = filter_var($usernameinput, FILTER_VALIDATE_EMAIL) ? 'email' : 'user_name'; - $result = $this->confirmIPAddress($value, $usernameinput); + public function postLogin(LoginRequest $request) { + try { + // dd($request->input()); + \Event::fire('auth.login.event', []); //added 5/5/2016 + // Set login attempts and login time + $value = $_SERVER['REMOTE_ADDR']; + $usernameinput = $request->input('email'); + $password = $request->input('password'); + if ($request->input('referer')) { + $referer = 'form'; + } else { + $referer = '/'; + } + $field = filter_var($usernameinput, FILTER_VALIDATE_EMAIL) ? 
'email' : 'user_name'; + $result = $this->confirmIPAddress($value, $usernameinput); - // If attempts > 3 and time < 30 minutes - $security = Security::whereId('1')->first(); - if ($result == 1) { - return redirect()->back()->withErrors('email', 'Incorrect details')->with(['error' => $security->lockout_message, 'referer' => $referer]); - } + // If attempts > 3 and time < 30 minutes + $security = Security::whereId('1')->first(); + if ($result == 1) { + return redirect()->back()->withErrors('email', 'Incorrect details')->with(['error' => $security->lockout_message, 'referer' => $referer]); + } - $check_active = User::where('email', '=', $request->input('email'))->orwhere('user_name', '=', $request->input('email'))->first(); - if (!$check_active) { //check if user exists or not - //if user deos not exist then return back with error that user is not registered - return redirect()->back() - ->withInput($request->only('email', 'remember')) - ->withErrors([ - 'email' => $this->getFailedLoginMessage(), - 'password' => $this->getFailedLoginMessage(), - ])->with(['error' => Lang::get('lang.not-registered'), - 'referer' => $referer, ]); - } + $check_active = User::where('email', '=', $request->input('email'))->orwhere('user_name', '=', $request->input('email'))->first(); + if (!$check_active) { //check if user exists or not + //if user deos not exist then return back with error that user is not registered + return redirect()->back() + ->withInput($request->only('email', 'remember')) + ->withErrors([ + 'email' => $this->getFailedLoginMessage(), + 'password' => $this->getFailedLoginMessage(), + ])->with(['error' => Lang::get('lang.not-registered'), + 'referer' => $referer,]); + } - //if user exists - $settings = CommonSettings::select('status')->where('option_name', '=', 'send_otp')->first(); + //if user exists + $settings = CommonSettings::select('status')->where('option_name', '=', 'send_otp')->first(); - if ($settings->status == '1' || $settings->status == 1) { // check for 
otp verification setting - // setting is enabled - $sms = Plugin::select('status')->where('name', '=', 'SMS')->first(); - if ($sms) { //check sms plugin installed or not - // plugin is installed - if ($sms->status == 1 || $sms->status === '1') { //check plugin is active or not - // plugin is active - if (!$check_active->active) { //check account is active or not - // account is not active show verify otp window - if ($check_active->mobile) { //check user has mobile or not - // user has mobile number return verify OTP screen - return \Redirect::route('otp-verification') - ->withInput($request->input()) - ->with(['values' => $request->input(), - 'referer' => $referer, - 'name' => $check_active->first_name, - 'number' => $check_active->mobile, - 'code' => $check_active->country_code, ]); + if ($settings->status == '1' || $settings->status == 1) { // check for otp verification setting + // setting is enabled + $sms = Plugin::select('status')->where('name', '=', 'SMS')->first(); + if ($sms) { //check sms plugin installed or not + // plugin is installed + if ($sms->status == 1 || $sms->status === '1') { //check plugin is active or not + // plugin is active + if (!$check_active->active) { //check account is active or not + // account is not active show verify otp window + if ($check_active->mobile) { //check user has mobile or not + // user has mobile number return verify OTP screen + return \Redirect::route('otp-verification') + ->withInput($request->input()) + ->with(['values' => $request->input(), + 'referer' => $referer, + 'name' => $check_active->first_name, + 'number' => $check_active->mobile, + 'code' => $check_active->country_code,]); + } else { + goto a; //attenmpt login (be careful while using goto statements) + } } else { goto a; //attenmpt login (be careful while using goto statements) } 
@@ -349,69 +344,69 @@ class AuthController extends Controller goto a; //attenmpt login (be careful while using goto statements) } } else { - goto a; //attenmpt login (be careful while using goto statements) - } - } else { - // setting is disabled - a: if (!$check_active->active) { //check account is active or not - // if accoutn is not active return back with error message that account is inactive - return redirect()->back() - ->withInput($request->only('email', 'remember')) - ->withErrors([ - 'email' => $this->getFailedLoginMessage(), - 'password' => $this->getFailedLoginMessage(), - ])->with(['error' => Lang::get('lang.this_account_is_currently_inactive'), - 'referer' => $referer, ]); - } else { - // try login - $loginAttempts = 1; - // If session has login attempts, retrieve attempts counter and attempts time - if (\Session::has('loginAttempts')) { - $loginAttempts = \Session::get('loginAttempts'); - $loginAttemptTime = \Session::get('loginAttemptTime'); - $this->addLoginAttempt($value, $usernameinput); - // $credentials = $request->only('email', 'password'); - $usernameinput = $request->input('email'); - $password = $request->input('password'); - $field = filter_var($usernameinput, FILTER_VALIDATE_EMAIL) ? 
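Review bot: The login flow answers an unknown identifier with `Lang::get('lang.not-registered')` while a wrong password later yields `lang.invalid` and an inactive account `lang.this_account_is_currently_inactive`, so the response tells an attacker which user names and e-mail addresses exist; all three outcomes should return the same `getFailedLoginMessage()` text. The `!$check_active` early return is also taken before `addLoginAttempt()` is ever reached (it is called in the next hunk), so as far as this hunk shows unknown-user probes are never counted against the IP. `$value = $_SERVER['REMOTE_ADDR']` would better be `$request->ip()` so that any trusted-proxy configuration applies. `postLogin()` continues in the next hunk.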
'email' : 'user_name'; - // If attempts > 3 and time < 10 minutes - if ($loginAttempts > $security->backlist_threshold && (time() - $loginAttemptTime <= ($security->lockout_period * 60))) { - return redirect()->back()->withErrors('email', 'incorrect email')->with('error', $security->lockout_message); - } - // If time > 10 minutes, reset attempts counter and time in session - if (time() - $loginAttemptTime > ($security->lockout_period * 60)) { - \Session::put('loginAttempts', 1); - \Session::put('loginAttemptTime', time()); - } - } else { // If no login attempts stored, init login attempts and time - \Session::put('loginAttempts', $loginAttempts); - \Session::put('loginAttemptTime', time()); - $this->clearLoginAttempts($value, $usernameinput); - } - // If auth ok, redirect to restricted area - \Session::put('loginAttempts', $loginAttempts + 1); - if (Auth::Attempt([$field => $usernameinput, 'password' => $password], $request->has('remember'))) { - if (Auth::user()->role == 'user') { - if ($request->input('referer')) { - return \Redirect::route($request->input('referer')); + // setting is disabled + a: if (!$check_active->active) { //check account is active or not + // if accoutn is not active return back with error message that account is inactive + return redirect()->back() + ->withInput($request->only('email', 'remember')) + ->withErrors([ + 'email' => $this->getFailedLoginMessage(), + 'password' => $this->getFailedLoginMessage(), + ])->with(['error' => Lang::get('lang.this_account_is_currently_inactive'), + 'referer' => $referer,]); + } else { + // try login + $loginAttempts = 1; + // If session has login attempts, retrieve attempts counter and attempts time + if (\Session::has('loginAttempts')) { + $loginAttempts = \Session::get('loginAttempts'); + $loginAttemptTime = \Session::get('loginAttemptTime'); + $this->addLoginAttempt($value, $usernameinput); + // $credentials = $request->only('email', 'password'); + $usernameinput = $request->input('email'); + 
$password = $request->input('password'); + $field = filter_var($usernameinput, FILTER_VALIDATE_EMAIL) ? 'email' : 'user_name'; + // If attempts > 3 and time < 10 minutes + if ($loginAttempts > $security->backlist_threshold && (time() - $loginAttemptTime <= ($security->lockout_period * 60))) { + return redirect()->back()->withErrors('email', 'incorrect email')->with('error', $security->lockout_message); } + // If time > 10 minutes, reset attempts counter and time in session + if (time() - $loginAttemptTime > ($security->lockout_period * 60)) { + \Session::put('loginAttempts', 1); + \Session::put('loginAttemptTime', time()); + } + } else { // If no login attempts stored, init login attempts and time + \Session::put('loginAttempts', $loginAttempts); + \Session::put('loginAttemptTime', time()); + $this->clearLoginAttempts($value, $usernameinput); + } + // If auth ok, redirect to restricted area + \Session::put('loginAttempts', $loginAttempts + 1); + if (Auth::Attempt([$field => $usernameinput, 'password' => $password], $request->has('remember'))) { + if (Auth::user()->role == 'user') { + if ($request->input('referer')) { + return \Redirect::route($request->input('referer')); + } - return \Redirect::route('/'); - } else { - return redirect()->intended($this->redirectPath()); + return \Redirect::route('/'); + } else { + return redirect()->intended($this->redirectPath()); + } } } } - } - return redirect()->back() - ->withInput($request->only('email', 'remember')) - ->withErrors([ - 'email' => $this->getFailedLoginMessage(), - 'password' => $this->getFailedLoginMessage(), - ])->with(['error' => Lang::get('lang.invalid'), - 'referer' => $referer, ]); - // Increment login attempts + return redirect()->back() + ->withInput($request->only('email', 'remember')) + ->withErrors([ + 'email' => $this->getFailedLoginMessage(), + 'password' => $this->getFailedLoginMessage(), + ])->with(['error' => Lang::get('lang.invalid'), + 'referer' => $referer,]); + // Increment login attempts + 
} catch (\Exception $e) { + return redirect()->back()->with('fails', $e->getMessage()); + } } /** @@ -421,8 +416,7 @@ class AuthController extends Controller * * @return type Response */ - public function addLoginAttempt($value, $field) - { + public function addLoginAttempt($value, $field) { $result = DB::table('login_attempts')->where('IP', '=', $value)->first(); $data = $result; $security = Security::whereId('1')->first(); @@ -449,8 +443,7 @@ class AuthController extends Controller * * @return type Response */ - public function clearLoginAttempts($value, $field) - { + public function clearLoginAttempts($value, $field) { $data = DB::table('login_attempts')->where('IP', '=', $value)->orWhere('User', '=', $field)->update(['attempts' => '0']); return $data; @@ -463,14 +456,13 @@ class AuthController extends Controller * * @return type Response */ - public function confirmIPAddress($value, $field) - { + public function confirmIPAddress($value, $field) { $security = Security::whereId('1')->first(); $time = $security->lockout_period; $max_attempts = $security->backlist_threshold; $table = 'login_attempts'; - $result = DB::select('SELECT Attempts, (CASE when LastLogin is not NULL and DATE_ADD(LastLogin, INTERVAL '.$time.' MINUTE)>NOW() then 1 else 0 end) as Denied '. - ' FROM '.$table." WHERE IP = '$value' OR User = '$field'"); + $result = DB::select('SELECT Attempts, (CASE when LastLogin is not NULL and DATE_ADD(LastLogin, INTERVAL ' . $time . ' MINUTE)>NOW() then 1 else 0 end) as Denied ' . + ' FROM ' . $table . " WHERE IP = '$value' OR User = '$field'"); $data = $result; //Verify that at least one login attempt is in database if (!$data) { 
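Review bot: The new `catch (\Exception $e)` closing `postLogin()` returns `$e->getMessage()` to the browser via `->with('fails', $e->getMessage())`, so database errors, the `InvalidArgumentException` thrown by `\Redirect::route($request->input('referer'))` for an unknown route name, and similar internals are disclosed to an unauthenticated user. Log the exception and show a generic message instead, e.g. `\Log::error($e); return redirect()->back()->with('fails', Lang::get('lang.invalid'));`, or rethrow and let the exception handler render it. Separately, the branch taken when the session has no `loginAttempts` calls `$this->clearLoginAttempts($value, $usernameinput)`, which (see the hunk below) zeroes the database counter for the IP *or* the user, so a client that discards its session cookie between attempts resets the counter `confirmIPAddress()` relies on — clearing should happen only after a successful `Auth::attempt()`. `postLogin()` starts in the previous hunk.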
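Review bot: `confirmIPAddress()` still assembles its query by string interpolation — `" WHERE IP = '$value' OR User = '$field'"` — and `$field` is the raw `email` login input passed as `$usernameinput` from `postLogin()`, so unless `LoginRequest` confines that field to a safe character set this is an SQL injection reachable before authentication; this commit only changes the concatenation spacing around it. Bind the user-controlled values and cast the interval: `DB::select('SELECT Attempts, (CASE WHEN LastLogin IS NOT NULL AND DATE_ADD(LastLogin, INTERVAL ' . (int) $time . ' MINUTE) > NOW() THEN 1 ELSE 0 END) AS Denied FROM login_attempts WHERE IP = ? OR User = ?', [$value, $field]);`. The method continues past the hunk.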
@@ -494,20 +486,18 @@ class AuthController extends Controller * * @return type string */ - protected function getFailedLoginMessage() - { + protected function getFailedLoginMessage() { return Lang::get('lang.this_field_do_not_match_our_records'); } /** - *@category function to show verify OTP page + * @category function to show verify OTP page * - *@param null + * @param null * - *@return response|view + * @return response|view */ - public function getVerifyOTP() - { + public function getVerifyOTP() { if (\Session::has('values')) { return view('auth.otp-verify'); } else { @@ -516,22 +506,21 @@ class AuthController extends Controller } /** - *@category function to verify OTP + * @category function to verify OTP * - *@param $request + * @param $request * - *@return int|string + * @return int|string */ - public function verifyOTP(LoginRequest $request) - { + public function verifyOTP(LoginRequest $request) { $user = User::select('id', 'mobile', 'user_name')->where('email', '=', $request->input('email')) - ->orWhere('user_name', '=', $request->input('email'))->first(); + ->orWhere('user_name', '=', $request->input('email'))->first(); $otp_length = strlen($request->input('otp')); if (!\Schema::hasTable('user_verification')) { $message = Lang::get('lang.opt-can-not-be-verified'); } else { $otp = Otp::select('otp', 'updated_at')->where('user_id', '=', $user->id) - ->first(); + ->first(); if ($otp != null) { if (($otp_length == 6 && !preg_match('/[a-z]/i', $request->input('otp')))) { $otp2 = Hash::make($request->input('otp')); 
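Review bot: `verifyOTP()` dereferences `$user->id` in the `Otp::select(...)->where('user_id', '=', $user->id)` query without checking that the preceding `User::...->first()` found a row, so an unknown `email` value from the form produces a fatal error instead of the `lang.opt-can-not-be-verified` path; add `if (!$user) { $message = Lang::get('lang.opt-can-not-be-verified'); }` (or an equivalent early return) directly after the lookup. `$otp2 = Hash::make($request->input('otp'))` yields a freshly salted bcrypt hash, so it is only meaningful if the comparison outside this hunk uses `Hash::check()` against the stored value — comparing `$otp2` to `$otp->otp` directly can never match — and a 6-digit numeric code (`$otp_length == 6 && !preg_match('/[a-z]/i', ...)`) needs an attempt limit, which nothing in this hunk provides. The method continues beyond the hunk.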
@@ -566,13 +555,12 @@ class AuthController extends Controller return \Redirect::route('otp-verification') ->withInput($request->input()) ->with(['values' => $request->input(), - 'number' => $user->mobile, - 'name' => $user->user_name, - 'fails' => $message, ]); + 'number' => $user->mobile, + 'name' => $user->user_name, + 'fails' => $message,]); } - public function resendOTP(OtpVerifyRequest $request) - { + public function resendOTP(OtpVerifyRequest $request) { if (!\Schema::hasTable('user_verification') || !\Schema::hasTable('sms')) { $message = Lang::get('lang.opt-can-not-be-verified'); @@ -600,8 +588,7 @@ class AuthController extends Controller * * @author manish.verma@ladybirdweb.com */ - public function openTicketAfterVerification($id) - { + public function openTicketAfterVerification($id) { // dd($id); $ticket = Tickets::select('id') ->where(['user_id' => $id, 'status' => 6]) @@ -612,23 +599,22 @@ class AuthController extends Controller foreach ($ticket as $value) { $ticket_id = $value->id; Ticket_Thread::where('ticket_id', '=', $ticket_id) - ->update(['updated_at' => date('Y-m-d H:i:s')]); + ->update(['updated_at' => date('Y-m-d H:i:s')]); } } } - public function changeRedirect() - { + public function changeRedirect() { $provider = \Session::get('provider'); - $url = \Session::get($provider.'redirect'); + $url = \Session::get($provider . 'redirect'); \Config::set("services.$provider.redirect", $url); } - public function setSession($provider, $redirect) - { + public function setSession($provider, $redirect) { $url = url($redirect); \Session::set('provider', $provider); - \Session::set($provider.'redirect', $url); + \Session::set($provider . 'redirect', $url); $this->changeRedirect(); } + } diff --git a/app/Http/Controllers/Common/SettingsController.php b/app/Http/Controllers/Common/SettingsController.php index ea9f5e7e5..f71ebe2a8 100644 --- a/app/Http/Controllers/Common/SettingsController.php +++ b/app/Http/Controllers/Common/SettingsController.php 
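Review bot: `setSession()` stores `url($redirect)`, where `$redirect` is the route parameter of `redirectToProvider($provider, $redirect = '')` shown in this file's first hunk, and `changeRedirect()` writes it into `services.$provider.redirect`, so the OAuth `redirect_uri` handed to the provider is derived from a caller-supplied value. As far as I recall Laravel's `url()` passes inputs that already look like absolute URLs (`http://`, `https://`, `//`) through unchanged, so if the route pattern for `$redirect` admits such a value an attacker can choose where the provider delivers the authorization code; validate `$redirect` against a fixed allowlist of local routes (e.g. `in_array($redirect, ['login', 'register'], true)`) before storing it, and likewise reject a `$provider` that is not one of the configured Socialite drivers before interpolating it into the config key.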
@@ -408,7 +408,7 @@ class SettingsController extends Controller $app = base_path().DIRECTORY_SEPARATOR.'config'.DIRECTORY_SEPARATOR.'app.php'; chmod($app, 0644); $str = "\n\n\t\t\t'App\\Plugins\\$filename"."\\ServiceProvider',"; - $line_i_am_looking_for = 185; + $line_i_am_looking_for = 190; $lines = file($app, FILE_IGNORE_NEW_LINES); $lines[$line_i_am_looking_for] = $str; file_put_contents($app, implode("\n", $lines)); @@ -580,7 +580,7 @@ class SettingsController extends Controller if (!$plug) { $app = base_path().DIRECTORY_SEPARATOR.'config'.DIRECTORY_SEPARATOR.'app.php'; $str = "\n'App\\Plugins\\$slug"."\\ServiceProvider',"; - $line_i_am_looking_for = 185; + $line_i_am_looking_for = 190; $lines = file($app, FILE_IGNORE_NEW_LINES); $lines[$line_i_am_looking_for] = $str; file_put_contents($app, implode("\n", $lines)); @@ -594,7 +594,7 @@ class SettingsController extends Controller $app = base_path().DIRECTORY_SEPARATOR.'config'.DIRECTORY_SEPARATOR.'app.php'; $str = "\n'App\\Plugins\\$slug"."\\ServiceProvider',"; - $line_i_am_looking_for = 185; + $line_i_am_looking_for = 190; $lines = file($app, FILE_IGNORE_NEW_LINES); $lines[$line_i_am_looking_for] = $str; file_put_contents($app, implode("\n", $lines)); diff --git a/config/app.php b/config/app.php index 6c74a4407..73e432c26 100644 --- a/config/app.php +++ b/config/app.php @@ -187,6 +187,8 @@ return [ App\FaveoLog\LaravelLogViewerServiceProvider::class, App\FaveoStorage\StorageServiceProvider::class, Yajra\Datatables\DatatablesServiceProvider::class, + + ], /* diff --git a/resources/views/themes/default1/agent/layout/agent.blade.php b/resources/views/themes/default1/agent/layout/agent.blade.php index 6f032b588..338787375 100644 --- a/resources/views/themes/default1/agent/layout/agent.blade.php +++ b/resources/views/themes/default1/agent/layout/agent.blade.php @@ -310,7 +310,7 @@ @endforeach - + @else @endif 
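Review bot: The plugin installer still patches `config/app.php` by overwriting a hard-coded array index — `$lines[$line_i_am_looking_for] = $str;` with the index now bumped from 185 to 190 — so whatever line sits at that offset is silently replaced, and this very commit (renumbering the index and padding `config/app.php` with two blank lines to make room) shows how fragile that is; the same pattern repeats in the two hunks that follow. Locate the anchor instead: find the `$lines` entry containing `Yajra\Datatables\DatatablesServiceProvider::class`, `array_splice()` the new provider in after it, and abort with an error if the anchor is missing rather than writing at a guessed offset. `$filename` is also written into PHP source verbatim; if it can derive from an uploaded archive name it should be restricted to `[A-Za-z0-9_]` before being embedded.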
diff --git a/resources/views/themes/default1/client/layout/client.blade.php b/resources/views/themes/default1/client/layout/client.blade.php index e97cbb7ad..e5bf16bd1 100644 --- a/resources/views/themes/default1/client/layout/client.blade.php +++ b/resources/views/themes/default1/client/layout/client.blade.php @@ -166,6 +166,7 @@
{!! Form::password('password',['placeholder'=>Lang::get('lang.password'),'class' => 'form-control']) !!} + {!! Lang::get('lang.forgot_password') !!}