<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use App\Models;
use Spatie\Activitylog\Models\Activity;
use Illuminate\Support\Str;
use App\Jobs\SendOtpEmailAlert;
use Illuminate\Support\Facades\Hash;
use Session;
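/**
 * Staff sign-in (password step, then an e-mailed one-time code), logout,
 * the password-reset pages and an account-registration stub.
 *
 * Session keys written by this class:
 *  - current_reset_user.* : a password reset is in progress
 *  - current_otpuser.*    : password accepted, one-time code still pending
 *  - current_user.*       : fully signed in
 *
 * logUsersActivity(), deleteLoggedUser() and storeLoggedUser() are not defined
 * in this class; presumably they come from the parent Controller (confirm).
 */
class LoginController extends Controller
{
    /**
     * Render the login page together with the designation list (id => name).
     *
     * @return \Illuminate\Contracts\View\View
     */
    public function getLoginPage()
    {
        return view('login.index', [
            'designation' => Models\Designation::pluck('name', 'id'),
        ]);
    }

    /**
     * Render the form that asks for the e-mail address of the account to reset.
     *
     * @return \Illuminate\Contracts\View\View
     */
    public function passwordResetPage()
    {
        return view('login.reset_form', ['page_title' => "Password Reset"]);
    }

    /**
     * Start a password reset for the staff member with the submitted e-mail.
     *
     * SECURITY (review): this step records the matching account in the session
     * and sends the browser straight to the new-password form. Nothing here
     * proves that the requester controls the mailbox, so the reset is bound to
     * the session only. The usual control is a single-use, expiring token
     * delivered to the account's e-mail address and checked before the
     * password is changed. The "Email not found" reply also tells the caller
     * whether an address is registered; a uniform reply avoids that once the
     * flow is mail-based. Neither change is made here because it needs new
     * routes, views and storage that are not part of this file.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return \Illuminate\Http\RedirectResponse
     */
    public function passwordResetLink(Request $request)
    {
        // "string" keeps array-valued input out of the where() clause below.
        $request->validate([
            'email' => 'required|string',
        ]);

        $staff = Models\StaffMember::where('email', $request->email)->first();

        // first() yields null when nothing matches; compare strictly instead of "== false".
        if ($staff === null) {
            return redirect()->back()->withErrors(["Email not found. Check and try again!"]);
        }

        // New session id before the reset target is stored in it.
        $request->session()->regenerate(true);
        $request->session()->put('current_reset_user.id', $staff->id);
        $request->session()->put('current_reset_user.email', $staff->email);

        return redirect('reset_form_show');
    }

    /**
     * Render the form that asks for the new password.
     *
     * @return \Illuminate\Contracts\View\View
     */
    public function passwordResetFormShow()
    {
        return view('login.reset_submit', ['page_title' => "Password Reset"]);
    }

    /**
     * Store a new password for the account recorded in current_reset_user.
     *
     * The request is refused when no reset is in progress or the account no
     * longer exists, and the pending-reset marker is dropped after a successful
     * change so the same session cannot change the password a second time.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return \Illuminate\Http\RedirectResponse
     */
    public function passwordReset(Request $request)
    {
        // "string" rejects array input before it reaches Hash::make().
        $request->validate([
            'password' => 'required|string|confirmed|min:6',
        ]);

        if ($request->password === 'password') {
            return redirect()->back()->withErrors(["It is extremely dangerous to use password as your password."]);
        }

        $user_id = session('current_reset_user.id');
        $user_email = session('current_reset_user.email');

        // Without a pending reset there is no account to act on.
        if (empty($user_id) || empty($user_email)) {
            return redirect('login')->withErrors(["No password reset in progress. Start again!"]);
        }

        $staff = Models\StaffMember::where('email', $user_email)->first();

        // The account may have been removed or renamed since the reset started.
        if ($staff === null) {
            $request->session()->forget('current_reset_user');

            return redirect('login')->withErrors(["No password reset in progress. Start again!"]);
        }

        $staff->password = Hash::make($request->password);
        $staff->save();

        $content = $user_email . " Successfully changed their password";
        $this->logUsersActivity('staff', $content, $user_id);
        $this->deleteLoggedUser();
        $this->storeLoggedUser();

        // One reset per request: clear the marker once the helpers above have run.
        $request->session()->forget('current_reset_user');

        Session::flash('success_message', 'Password successfully reset');

        return redirect('login');
    }

    /**
     * Debug stub: validates the reset fields, dumps the request and halts.
     *
     * NOTE(review): dd() ends the request, so the view below is never returned.
     * The dump leaves out the password fields so submitted secrets are not
     * echoed into the response. Remove the dd() or implement the handler
     * before this action is routed in production.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return \Illuminate\Contracts\View\View
     */
    public function passwordResetHandle(Request $request)
    {
        $request->validate([
            'email' => 'required',
            'password' => 'required',
            'confirm_password' => 'required',
        ]);

        dd($request->except(['password', 'confirm_password']));

        // Unreachable while the dd() above is in place.
        return view('login.index', ['page_title' => "Password Reset"]);
    }

    /**
     * Issue a fresh one-time code for the pending sign-in and e-mail it.
     *
     * The code is no longer written to the application log (a log reader could
     * otherwise complete the second factor), and the sent-at timestamp is
     * refreshed so the new code gets its own validity window instead of
     * inheriting the expired one.
     *
     * @return \Illuminate\Contracts\View\View|\Illuminate\Http\RedirectResponse
     */
    public function resendOtp()
    {
        if (!request()->session()->has('current_otpuser')) {
            return redirect(url('login'))->withErrors("No session found. You need to be logged in!");
        }

        $otp_code = Str::random(6);
        request()->session()->put('current_otpuser.otp', $otp_code);
        // handleLogin() measures expiry from this value.
        request()->session()->put('current_otpuser.datetime_sent', date('Y-m-d H:i:s'));

        $otp_user = session('current_otpuser');

        dispatch(new SendOtpEmailAlert([
            'otp' => $otp_code,
            'email' => $otp_user['email'],
            'auth_name' => $otp_user['name'],
        ]));

        return view('login.otp', [
            'otp_user_id' => $otp_user['id'],
            'page_title' => 'Login OTP',
            'auth_name' => $otp_user['name'],
        ]);
    }

    /**
     * Render the one-time-code entry page for the pending sign-in.
     *
     * The pending code is no longer written to the application log.
     *
     * @return \Illuminate\Contracts\View\View|\Illuminate\Http\RedirectResponse
     */
    public function showOtpPage()
    {
        if (!request()->session()->has('current_otpuser')) {
            // uniqid() only tags the error message; it carries no meaning here.
            $random = uniqid();

            return redirect(url('login'))->withErrors("$random | You need to be logged in ");
        }

        $otp_user = session('current_otpuser');

        return view('login.otp', [
            'otp_user_id' => $otp_user['id'],
            'page_title' => 'Login OTP',
            'auth_name' => $otp_user['name'],
        ]);
    }

    /**
     * First sign-in step: check e-mail and password, then e-mail a one-time code.
     *
     * SECURITY (review): the password is matched as an unsalted MD5 digest
     * inside the query against the system-user table (auth_users per the
     * original comment). MD5 is not a password hash. The block below already
     * writes a Hash::make() copy to StaffMember on first login; verifying
     * against that copy with Hash::check() and retiring the MD5 column is the
     * fix, but it needs a data migration that this file cannot perform.
     * NOTE(review): no attempt limit is visible here; confirm the route is
     * throttled.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return \Illuminate\Http\RedirectResponse
     */
    public function handleLoginOtp(Request $request)
    {
        // "string" keeps array input away from md5() and the where() clauses.
        $this->validate($request, ['email' => 'required|string', 'password' => 'required|string']);

        $logged_in = Models\SystemUser::with('designation_info')
            ->where('email', $request->email)
            ->where('password', md5($request->password))
            ->first();

        if (empty($logged_in)) {
            return redirect("/")->withErrors(["Incorrect Email/Password. Check and try again!"])->withInput();
        }

        // First successful login: copy the credentials to the staff record as a
        // proper hash, together with permissions and designation.
        if ($logged_in->is_password_changed == 'NO') {
            $staff_member = Models\StaffMember::where('email', $logged_in->email)->first();

            if ($staff_member) {
                $staff_member->password = Hash::make($request->password);
                $staff_member->permissions = $logged_in->permissions;
                $staff_member->designation = $logged_in->designation;
                $staff_member->save();

                $logged_in->is_password_changed = 'YES';
                $logged_in->save();
            }
        }

        $otp_code = Str::random(6);

        // New session id before the pending-login state is stored.
        $session = $request->session();
        $session->regenerate(true);
        $session->put('current_otpuser.id', $logged_in->id);
        $session->put('current_otpuser.otp', $otp_code);
        $session->put('current_otpuser.name', $logged_in->name);
        $session->put('current_otpuser.email', $logged_in->email);
        $session->put('current_otpuser.phone', $logged_in->phone);
        $session->put('current_otpuser.datetime_sent', date('Y-m-d H:i:s'));
        $session->put('current_otpuser.permissions', $logged_in->permissions);
        $session->put('current_otpuser.designation', $logged_in->designation_info->name);

        dispatch(new SendOtpEmailAlert([
            'otp' => $otp_code,
            'email' => $logged_in->email,
            'auth_name' => $logged_in->name,
        ]));

        return redirect(url('showotp'));
    }

    /**
     * Second sign-in step: check the one-time code and open the user session.
     *
     * Changes from the earlier version: a request without a pending code is
     * sent back to the login page instead of failing on a null session entry;
     * the age check counts whole days as well as hours and minutes; the code
     * is compared with hash_equals(); and the code is removed from the session
     * once it has been accepted.
     * NOTE(review): failed attempts are not counted here; confirm the route is
     * throttled so the code cannot be guessed repeatedly.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return \Illuminate\Http\RedirectResponse
     */
    public function handleLogin(Request $request)
    {
        // otp_user_id is required by the form but the session decides who logs in.
        $this->validate($request, ['otp' => 'required|string', 'otp_user_id' => 'required']);

        $otp_user = session('current_otpuser');

        if (empty($otp_user) || empty($otp_user['otp']) || empty($otp_user['datetime_sent'])) {
            return redirect(url('login'))->withErrors("No session found. You need to be logged in!");
        }

        $sent_at = new \DateTime($otp_user['datetime_sent']);
        $elapsed = $sent_at->diff(new \DateTime(date('Y-m-d H:i:s')));

        // h and i are only the hour/minute components of the difference, so the
        // total day count has to be added or a day-old code looks fresh.
        $minutes = ($elapsed->days * 24 * 60) + ($elapsed->h * 60) + $elapsed->i;

        // Rejected once more than 2 whole minutes have passed.
        if ($minutes > 2) {
            return redirect("showotp")->withErrors(["OTP Time Out. Resend and try again!"]);
        }

        // Case-insensitive, constant-time comparison of the stored and submitted code.
        $expected = strtoupper((string) $otp_user['otp']);
        $supplied = strtoupper((string) $request->otp);

        if (!hash_equals($expected, $supplied)) {
            return redirect("showotp")->withErrors(["Incorrect OTP. Check and try again!"])->withInput();
        }

        $session = $request->session();

        // Single use: an accepted code must not be replayable from this session.
        $session->forget('current_otpuser.otp');

        $session->regenerate(true);
        $session->put('current_user.id', $otp_user['id']);
        $session->put('current_user.name', $otp_user['name']);
        $session->put('current_user.email', $otp_user['email']);
        $session->put('current_user.phone', $otp_user['phone']);
        $session->put('current_user.permissions', $otp_user['permissions']);
        $session->put('current_user.designation', $otp_user['designation']);

        \Log::info($otp_user['name']. ' Successfully logged in at : ' . date('Y-m-d H:i:s'));

        $content = $otp_user['name'] . " Successfully Logged In";
        $this->logUsersActivity('staff', $content, $otp_user['id']);
        $this->deleteLoggedUser();
        $this->storeLoggedUser();

        return redirect(url('/'));
    }

    /**
     * Sign the current user out: clear the session, issue a new session id and
     * record the logout in the activity log.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return \Illuminate\Http\RedirectResponse
     */
    public function handle_logout(Request $request)
    {
        // Runs first, while the session still holds the current user.
        $this->deleteLoggedUser();

        // Read what the activity entry needs before the session is wiped.
        $user_id = session('current_user.id');
        $content = session('current_user.name') . " Logged Out";

        $session = $request->session();
        $session->forget('current_user');
        $session->flush();
        $session->regenerate(true);

        $this->logUsersActivity('staff', $content, $user_id);

        return redirect("/");
    }

    /**
     * Account-registration stub: dumps the request and halts.
     *
     * NOTE(review): dd() is the first statement, so nothing below it runs and
     * no account is created. The dump leaves out the password fields so
     * submitted secrets are not echoed into the response.
     * SECURITY (review): the unreachable code stores the password as an MD5
     * digest. Before this action is enabled, store Hash::make() output instead
     * and verify with Hash::check(); MD5 is not a password hash.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return \Illuminate\Http\RedirectResponse
     */
    public function registerAccount(Request $request)
    {
        dd($request->except(['password', 'confirm_password']));

        // Unreachable while the dd() above is in place.
        $request->validate([
            'name' => 'required',
            'designation' => 'required',
            'email' => 'required',
            'phone' => 'required',
            'password' => 'required',
            'confirm_password' => 'same:password',
        ]);

        Models\Account::create([
            'name' => $request->name,
            'designation' => $request->designation,
            'email' => $request->email,
            'phone' => $request->phone,
            'password' => md5($request->password),
        ]);

        Session::flash('success_message', 'Account successfully added');

        return redirect(url('/'));
    }
}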