src/app/Http/Controllers/API/SignupController.php
Show All 31 Lines | class SignupController extends Controller | ||||
* | * | ||||
* @return \Illuminate\Http\JsonResponse JSON response | * @return \Illuminate\Http\JsonResponse JSON response | ||||
*/ | */ | ||||
public function plans(Request $request) | public function plans(Request $request) | ||||
{ | { | ||||
$plans = []; | $plans = []; | ||||
// Use reverse order just to have individual on left, group on right ;) | // Use reverse order just to have individual on left, group on right ;) | ||||
Plan::withEnvTenantContext()->orderByDesc('title')->get() | // But prefer monthly on left, yearly on right | ||||
Plan::withEnvTenantContext()->orderBy('months')->orderByDesc('title')->get() | |||||
->map(function ($plan) use (&$plans) { | ->map(function ($plan) use (&$plans) { | ||||
// Allow themes to set custom button label | // Allow themes to set custom button label | ||||
$button = \trans('theme::app.planbutton-' . $plan->title); | $button = \trans('theme::app.planbutton-' . $plan->title); | ||||
if ($button == 'theme::app.planbutton-' . $plan->title) { | if ($button == 'theme::app.planbutton-' . $plan->title) { | ||||
$button = \trans('app.planbutton', ['plan' => $plan->name]); | $button = \trans('app.planbutton', ['plan' => $plan->name]); | ||||
} | } | ||||
$plans[] = [ | $plans[] = [ | ||||
'title' => $plan->title, | 'title' => $plan->title, | ||||
'name' => $plan->name, | 'name' => $plan->name, | ||||
'button' => $button, | 'button' => $button, | ||||
'description' => $plan->description, | 'description' => $plan->description, | ||||
'mode' => $plan->mode ?: 'email', | 'mode' => $plan->mode ?: 'email', | ||||
'isDomain' => $plan->hasDomain(), | |||||
]; | ]; | ||||
}); | }); | ||||
return response()->json(['status' => 'success', 'plans' => $plans]); | return response()->json(['status' => 'success', 'plans' => $plans]); | ||||
} | } | ||||
/** | /** | ||||
* Returns list of public domains for signup. | |||||
* | |||||
* @param \Illuminate\Http\Request $request HTTP request | |||||
* | |||||
* @return \Illuminate\Http\JsonResponse JSON response | |||||
*/ | |||||
public function domains(Request $request) | |||||
{ | |||||
return response()->json(['status' => 'success', 'domains' => Domain::getPublicDomains()]); | |||||
} | |||||
/** | |||||
* Starts signup process. | * Starts signup process. | ||||
* | * | ||||
* Verifies user name and email/phone, sends verification email/sms message. | * Verifies user name and email/phone, sends verification email/sms message. | ||||
* Returns the verification code. | * Returns the verification code. | ||||
* | * | ||||
* @param \Illuminate\Http\Request $request HTTP request | * @param \Illuminate\Http\Request $request HTTP request | ||||
* | * | ||||
* @return \Illuminate\Http\JsonResponse JSON response | * @return \Illuminate\Http\JsonResponse JSON response | ||||
▲ Show 20 Lines • Show All 156 Lines • ▼ Show 20 Lines | public function signup(Request $request) | ||||
'voucher' => 'max:32', | 'voucher' => 'max:32', | ||||
] | ] | ||||
); | ); | ||||
if ($v->fails()) { | if ($v->fails()) { | ||||
return response()->json(['status' => 'error', 'errors' => $v->errors()], 422); | return response()->json(['status' => 'error', 'errors' => $v->errors()], 422); | ||||
} | } | ||||
$settings = []; | |||||
// Plan parameter is required/allowed in mandate mode | |||||
if (!empty($request->plan) && empty($request->code) && empty($request->invitation)) { | |||||
mollekopf: Shouldn't empty($request->code) && empty($request->invitation) be validation, and not silently… | |||||
$plan = Plan::withEnvTenantContext()->where('title', $request->plan)->first(); | |||||
if (!$plan || $plan->mode != 'mandate') { | |||||
$msg = \trans('validation.exists', ['attribute' => 'plan']); | |||||
return response()->json(['status' => 'error', 'errors' => ['plan' => $msg]], 422); | |||||
} | |||||
} elseif ($request->invitation) { | |||||
// Signup via invitation | // Signup via invitation | ||||
if ($request->invitation) { | |||||
$invitation = SignupInvitation::withEnvTenantContext()->find($request->invitation); | $invitation = SignupInvitation::withEnvTenantContext()->find($request->invitation); | ||||
if (empty($invitation) || $invitation->isCompleted()) { | if (empty($invitation) || $invitation->isCompleted()) { | ||||
return $this->errorResponse(404); | return $this->errorResponse(404); | ||||
} | } | ||||
// Check required fields | // Check required fields | ||||
$v = Validator::make( | $v = Validator::make( | ||||
$request->all(), | $request->all(), | ||||
[ | [ | ||||
'first_name' => 'max:128', | 'first_name' => 'max:128', | ||||
'last_name' => 'max:128', | 'last_name' => 'max:128', | ||||
'voucher' => 'max:32', | |||||
] | ] | ||||
); | ); | ||||
$errors = $v->fails() ? $v->errors()->toArray() : []; | $errors = $v->fails() ? $v->errors()->toArray() : []; | ||||
if (!empty($errors)) { | if (!empty($errors)) { | ||||
return response()->json(['status' => 'error', 'errors' => $errors], 422); | return response()->json(['status' => 'error', 'errors' => $errors], 422); | ||||
} | } | ||||
$settings = [ | $settings = [ | ||||
'external_email' => $invitation->email, | 'external_email' => $invitation->email, | ||||
'first_name' => $request->first_name, | 'first_name' => $request->first_name, | ||||
'last_name' => $request->last_name, | 'last_name' => $request->last_name, | ||||
]; | ]; | ||||
} else { | } else { | ||||
// Validate verification codes (again) | // Validate verification codes (again) | ||||
$v = $this->verify($request, false); | $v = $this->verify($request, false); | ||||
if ($v->status() !== 200) { | if ($v->status() !== 200) { | ||||
return $v; | return $v; | ||||
} | } | ||||
$plan = $this->getPlan(); | |||||
// Get user name/email from the verification code database | // Get user name/email from the verification code database | ||||
$code_data = $v->getData(); | $code_data = $v->getData(); | ||||
$settings = [ | $settings = [ | ||||
'first_name' => $code_data->first_name, | 'first_name' => $code_data->first_name, | ||||
'last_name' => $code_data->last_name, | 'last_name' => $code_data->last_name, | ||||
]; | ]; | ||||
if ($this->getPlan()->mode == 'token') { | if ($plan->mode == 'token') { | ||||
$settings['signup_token'] = $code_data->email; | $settings['signup_token'] = $code_data->email; | ||||
} else { | } else { | ||||
$settings['external_email'] = $code_data->email; | $settings['external_email'] = $code_data->email; | ||||
} | } | ||||
} | } | ||||
// Find the voucher discount | // Find the voucher discount | ||||
if ($request->voucher) { | if ($request->voucher) { | ||||
$discount = Discount::where('code', \strtoupper($request->voucher)) | $discount = Discount::where('code', \strtoupper($request->voucher)) | ||||
->where('active', true)->first(); | ->where('active', true)->first(); | ||||
if (!$discount) { | if (!$discount) { | ||||
$errors = ['voucher' => \trans('validation.voucherinvalid')]; | $errors = ['voucher' => \trans('validation.voucherinvalid')]; | ||||
return response()->json(['status' => 'error', 'errors' => $errors], 422); | return response()->json(['status' => 'error', 'errors' => $errors], 422); | ||||
} | } | ||||
} | } | ||||
// Get the plan | if (empty($plan)) { | ||||
$plan = $this->getPlan(); | $plan = $this->getPlan(); | ||||
$is_domain = $plan->hasDomain(); | } | ||||
$is_domain = $plan->hasDomain(); | |||||
$login = $request->login; | $login = $request->login; | ||||
$domain_name = $request->domain; | $domain_name = $request->domain; | ||||
// Validate login | // Validate login | ||||
if ($errors = self::validateLogin($login, $domain_name, $is_domain)) { | if ($errors = self::validateLogin($login, $domain_name, $is_domain)) { | ||||
return response()->json(['status' => 'error', 'errors' => $errors], 422); | return response()->json(['status' => 'error', 'errors' => $errors], 422); | ||||
} | } | ||||
▲ Show 20 Lines • Show All 43 Lines • ▼ Show 20 Lines | public function signup(Request $request) | ||||
$request->code->submit_ip_address = $request->ip(); | $request->code->submit_ip_address = $request->ip(); | ||||
$request->code->deleted_at = \now(); | $request->code->deleted_at = \now(); | ||||
$request->code->timestamps = false; | $request->code->timestamps = false; | ||||
$request->code->save(); | $request->code->save(); | ||||
} | } | ||||
DB::commit(); | DB::commit(); | ||||
return AuthController::logonResponse($user, $request->password); | $response = AuthController::logonResponse($user, $request->password); | ||||
// Redirect the user to the specified page | |||||
// $data = $response->getData(true); | |||||
// $data['redirect'] = 'wallet'; | |||||
// $response->setData($data); | |||||
return $response; | |||||
} | } | ||||
/** | /** | ||||
* Returns plan for the signup process | * Returns plan for the signup process | ||||
* | * | ||||
* @returns \App\Plan Plan object selected for current signup process | * @returns \App\Plan Plan object selected for current signup process | ||||
*/ | */ | ||||
protected function getPlan() | protected function getPlan() | ||||
{ | { | ||||
$request = request(); | $request = request(); | ||||
if (!$request->plan || !$request->plan instanceof Plan) { | if (!$request->plan || !$request->plan instanceof Plan) { | ||||
// Get the plan if specified and exists... | // Get the plan if specified and exists... | ||||
if ($request->code && $request->code->plan) { | if (($request->code instanceof SignupCode) && $request->code->plan) { | ||||
$plan = Plan::withEnvTenantContext()->where('title', $request->code->plan)->first(); | $plan = Plan::withEnvTenantContext()->where('title', $request->code->plan)->first(); | ||||
} elseif ($request->plan) { | } elseif ($request->plan) { | ||||
$plan = Plan::withEnvTenantContext()->where('title', $request->plan)->first(); | $plan = Plan::withEnvTenantContext()->where('title', $request->plan)->first(); | ||||
} | } | ||||
// ...otherwise use the default plan | // ...otherwise use the default plan | ||||
if (empty($plan)) { | if (empty($plan)) { | ||||
// TODO: Get default plan title from config | // TODO: Get default plan title from config | ||||
▲ Show 20 Lines • Show All 60 Lines • Show Last 20 Lines |
Shouldn't empty($request->code) && empty($request->invitation) be validation, and not silently send you into a different codepath?
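Review bot: In `signup()`, the new plan-only branch goes on to login validation without calling `$this->verify()` or loading an invitation, and `$settings` stays `[]`, so no `external_email` or `signup_token` is recorded for the account. The only server-side gate visible on that branch is `$plan->mode != 'mandate'`. The lines between login validation and `DB::commit()` are collapsed here, so it cannot be confirmed from this view whether the new account is restricted until a payment mandate exists. If it is not, this unauthenticated endpoint returns a logon response for an account with no verified contact, so the branch should state the invariant it relies on, e.g. `// Mandate mode: no code/invitation check; account must stay restricted until the payment mandate is confirmed`, and have a test plus request throttling behind it. Separately, the commented-out redirect lines before `return $response;` are dead code and are better removed or replaced by a single TODO.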