topaLE
/
Heimdall
1
0
Fork 0
Code Issues 163 Pull Requests 18 Projects Releases 47 Wiki Activity
Browse Source

changes

pull/260/head
Chris 6 years ago
parent
cb9e014cf3
commit
10b70d4a09
15 changed files with 158 additions and 26 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 67
      app/Http/Controllers/Auth/LoginController.php
  2. 2
      app/Http/Controllers/Auth/RegisterController.php
  3. 2
      app/Http/Controllers/Auth/ResetPasswordController.php
  4. 2
      app/Http/Controllers/HomeController.php
  5. 5
      app/Http/Controllers/ItemController.php
  6. 7
      app/Http/Controllers/SettingsController.php
  7. 4
      app/Http/Controllers/TagController.php
  8. 25
      app/Http/Controllers/UserController.php
  9. 1
      app/Http/Kernel.php
  10. 46
      app/Http/Middleware/CheckAllowed.php
  11. 2
      app/Http/Middleware/RedirectIfAuthenticated.php
  12. 1
      app/User.php
  13. 16
      resources/views/auth/login.blade.php
  14. 2
      resources/views/users/index.blade.php
  15. 2
      routes/web.php

67
app/Http/Controllers/Auth/LoginController.php
View File

@ -5,6 +5,10 @@ namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use App\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Session;
use Illuminate\Support\Facades\URL;
class LoginController extends Controller
{
@ -35,16 +39,54 @@ class LoginController extends Controller
*/
public function __construct()
{
Session::put('backUrl', URL::previous());
$this->middleware('guest')->except('logout');
}
/**
* Handle a login request to the application.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Http\Response|\Illuminate\Http\JsonResponse
*
* @throws \Illuminate\Validation\ValidationException
*/
public function login(Request $request)
{
$current_user = User::currentUser();
$request->merge(['email' => $current_user->email]);
//die(print_r($request->all()));
$this->validateLogin($request);
// If the class is using the ThrottlesLogins trait, we can automatically throttle
// the login attempts for this application. We'll key this by the username and
// the IP address of the client making these requests into this application.
if ($this->hasTooManyLoginAttempts($request)) {
$this->fireLockoutEvent($request);
return $this->sendLockoutResponse($request);
}
if ($this->attemptLogin($request)) {
return $this->sendLoginResponse($request);
}
// If the login attempt was unsuccessful we will increment the number of attempts
// to login and redirect the user back to the login form. Of course, when this
// user surpasses their maximum number of attempts they will get locked out.
$this->incrementLoginAttempts($request);
return $this->sendFailedLoginResponse($request);
}
public function index()
{
$data['users'] = User::all();
return view('userselect', $data);
}
public function setUser(User $user)
{
Auth::logout();
session(['current_user' => $user]);
return redirect()->route('dash');
}
@ -53,4 +95,25 @@ class LoginController extends Controller
{
}
/**
* Show the application's login form.
*
* @return \Illuminate\Http\Response
*/
public function showLoginForm()
{
return view('auth.login');
}
protected function authenticated(Request $request, $user)
{
return back();
}
public function redirectTo()
{
return Session::get('url.intended') ? Session::get('url.intended') : $this->redirectTo;
}
}

2
app/Http/Controllers/Auth/RegisterController.php
View File

@ -27,7 +27,7 @@ class RegisterController extends Controller
*
* @var string
*/
protected $redirectTo = '/home';
protected $redirectTo = '/';
/**
* Create a new controller instance.

2
app/Http/Controllers/Auth/ResetPasswordController.php
View File

@ -25,7 +25,7 @@ class ResetPasswordController extends Controller
*
* @var string
*/
protected $redirectTo = '/home';
protected $redirectTo = '/';
/**
* Create a new controller instance.

2
app/Http/Controllers/HomeController.php
View File

@ -23,6 +23,6 @@ class HomeController extends Controller
*/
public function index()
{
return view('home');
return redirect()->route('dash');
}
}

5
app/Http/Controllers/ItemController.php
View File

@ -11,7 +11,10 @@ use Illuminate\Support\Facades\Storage;
class ItemController extends Controller
{
public function __construct()
{
$this->middleware('allowed');
}
/**
* Display a listing of the resource on the dashboard.
*

7
app/Http/Controllers/SettingsController.php
View File

@ -5,15 +5,22 @@ namespace App\Http\Controllers;
use Illuminate\Http\Request;
use App\Setting;
use App\SettingGroup;
use App\User;
use Illuminate\Support\Facades\Auth;
use App\Http\Controllers\Controller;
class SettingsController extends Controller
{
public function __construct()
{
}
/**
* @return \Illuminate\View\View
*/
public function index()
{
User::checkAuthOrLogin();
$settings = SettingGroup::with([
'settings',
])->orderBy('order', 'ASC')->get();

4
app/Http/Controllers/TagController.php
View File

@ -8,6 +8,10 @@ use DB;
class TagController extends Controller
{
public function __construct()
{
$this->middleware('allowed');
}
/**
* Display a listing of the resource.
*

25
app/Http/Controllers/UserController.php
View File

@ -6,9 +6,14 @@ use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use App\User;
use Illuminate\Support\Str;
use Illuminate\Support\Facades\Auth;
class UserController extends Controller
{
public function __construct()
{
$this->middleware('allowed')->except(['selectUser']);
}
/**
* Display a listing of the resource.
*
@ -31,6 +36,14 @@ class UserController extends Controller
return view('users.create', $data);
}
public function selectUser()
{
Auth::logout();
$data['users'] = User::all();
return view('userselect', $data);
}
/**
* Store a newly created resource in storage.
*
@ -53,7 +66,7 @@ class UserController extends Controller
$password = $request->input('password');
if(!empty($password)) {
$user->password = bcrypt();
$user->password = bcrypt($password);
}
if($request->hasFile('file')) {
@ -149,8 +162,14 @@ class UserController extends Controller
* @param int $id
* @return \Illuminate\Http\Response
*/
public function destroy($id)
public function destroy(User $user)
{
//
if($user->id !== 1) {
$user->delete();
$route = route('dash', [], false);
return redirect($route)
->with('success',__('app.alert.success.user_deleted'));
}
}
}

1
app/Http/Kernel.php
View File

@ -51,6 +51,7 @@ class Kernel extends HttpKernel
* @var array
*/
protected $routeMiddleware = [
'allowed' => \App\Http\Middleware\CheckAllowed::class,
'auth' => \Illuminate\Auth\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,

46
app/Http/Middleware/CheckAllowed.php
View File

@ -0,0 +1,46 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Support\Facades\Auth;
use App\User;
use Illuminate\Support\Facades\Route;
use Session;
class CheckAllowed
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$route = Route::currentRouteName();
$current_user = User::currentUser();
if(str_is('users*', $route)) {
if($current_user->id !== 1) {
return redirect()->route('dash');
}
}
if($route == 'dash') {
if((bool)$current_user->public_front === true) return $next($request);
}
if(empty($current_user->password)) return $next($request);
// Check if user is logged in as $current_user
if (Auth::check()) {
$loggedin_user = Auth::user();
if($loggedin_user->id === $current_user->id) return $next($request);
}
return Auth::authenticate();
}
}

2
app/Http/Middleware/RedirectIfAuthenticated.php
View File

@ -18,7 +18,7 @@ class RedirectIfAuthenticated
public function handle($request, Closure $next, $guard = null)
{
if (Auth::guard($guard)->check()) {
return redirect('/home');
return redirect()->intended();
}
return $next($request);

1
app/User.php
View File

@ -56,4 +56,5 @@ class User extends Authenticatable
}
}

16
resources/views/auth/login.blade.php
View File

@ -5,26 +5,12 @@
<div class="row">
<div class="col-md-8 col-md-offset-2">
<div class="panel panel-default">
<div class="panel-heading">Login</div>
<div class="panel-heading">Login as {{ \App\User::currentUser()->name }}</div>
<div class="panel-body">
<form class="form-horizontal" method="POST" action="{{ route('login') }}">
{{ csrf_field() }}
<div class="form-group{{ $errors->has('email') ? ' has-error' : '' }}">
<label for="email" class="col-md-4 control-label">E-Mail Address</label>
<div class="col-md-6">
<input id="email" type="email" class="form-control" name="email" value="{{ old('email') }}" required autofocus>
@if ($errors->has('email'))
<span class="help-block">
<strong>{{ $errors->first('email') }}</strong>
</span>
@endif
</div>
</div>
<div class="form-group{{ $errors->has('password') ? ' has-error' : '' }}">
<label for="password" class="col-md-4 control-label">Password</label>

2
resources/views/users/index.blade.php
View File

@ -41,9 +41,11 @@
</td>
<td class="text-center"><a{{ $user->target }} href="{!! route('users.edit', [$user->id], false) !!}" title="{{ __('user.settings.edit') }} {!! $user->title !!}"><i class="fas fa-edit"></i></a></td>
<td class="text-center">
@if($user->id !== 1)
{!! Form::open(['method' => 'DELETE','route' => ['users.destroy', $user->id],'style'=>'display:inline']) !!}
<button class="link" type="submit"><i class="fa fa-trash-alt"></i></button>
{!! Form::close() !!}
@endif
</td>
</tr>
@endforeach

2
routes/web.php
View File

@ -12,7 +12,7 @@
*/
Route::get('/userselect/{user}', 'Auth\LoginController@setUser')->name('user.set');
Route::get('/userselect', 'Auth\LoginController@index')->name('user.select');
Route::get('/userselect', 'UserController@selectUser')->name('user.select');
Route::get('/autologin/{uuid}', 'Auth\LoginController@autologin')->name('user.autologin');
Route::get('/', 'ItemController@dash')->name('dash');

Write Preview
Loading…
Cancel
Save