diff --git a/src/app/Http/Controllers/API/ConfirmController.php b/src/app/Http/Controllers/API/ConfirmController.php
new file mode 100644
index 00000000..d2624c52
--- /dev/null
+++ b/src/app/Http/Controllers/API/ConfirmController.php
@@ -0,0 +1,23 @@
+first();
+
+ if ($confirmCode) {
+ $confirmCode->delete();
+ }
+
+ return response("", 200);
+ }
+}
diff --git a/src/app/Http/Controllers/API/NGINXController.php b/src/app/Http/Controllers/API/NGINXController.php
index a0bc515b..983d3e06 100644
--- a/src/app/Http/Controllers/API/NGINXController.php
+++ b/src/app/Http/Controllers/API/NGINXController.php
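Review bot: Deleting the row is the approval signal that the polling loop in NGINXController::authenticate() waits for, yet the visible part of confirm() deletes whatever the lookup returned and answers `200` either way. The top of this hunk (namespace, class header and the query that ends in `->first()`) is missing from the page, so it is unclear whether the lookup filters on `expires_at` or on the account the code was issued for. If it does not, a code past its two-minute lifetime still counts as approval. I would guard the delete, for example `if ($confirmCode && Carbon::parse($confirmCode->expires_at)->isFuture()) {`, and add a docblock on confirm() stating that deleting the code is what releases the waiting mail login.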
@@ -1,97 +1,129 @@ headers); + // validate user exists, otherwise bye bye + // validate password, otherwise bye bye + // validate country of origin against restrictions, otherwise bye bye + // determine 2fa preference + // determine guam preference (for $request->headers->get('Auth-Protocol') == 'imap' + /** * ports: * * 143 nginx * 465 nginx * 587 nginx * 993 nginx * - * 9143 guam starttls + * 9143 guam starttls (thus also plain) * 9993 guam ssl * 10143 cyrus-imapd allows plaintext * 10465 postfix ssl * 10587 postfix starttls - * 11143 cyrus-imapd starttls + * 11143 cyrus-imapd starttls required * 11993 cyrus-imapd ssl */ switch ($request->headers->get("Auth-Protocol")) { case "imap": // without guam $response = response("")->withHeaders( [ "Auth-Status" => 'OK', "Auth-Server" => '127.0.0.1', "Auth-Port" => '12143', "Auth-Pass" => $request->headers->get('Auth-Pass') ] ); // with guam $response = response("")->withHeaders( [ "Auth-Status" => 'OK', "Auth-Server" => '127.0.0.1', "Auth-Port" => '9143', "Auth-Pass" => $request->headers->get('Auth-Pass') ] ); break; case "smtp": $response = response("")->withHeaders( [ "Auth-Status" => "OK", "Auth-Server" => '127.0.0.1', "Auth-Port" => '10465', "Auth-Pass" => $request->headers->get('Auth-Pass') ] ); break; } + $code = \App\SignupCode::create( + [ + 'data' => [ + 'email' => $request->headers->get('Auth-User') + ], + 'expires_at' => Carbon::now()->addMinutes(2) + ] + ); + + \Log::debug("visit http://127.0.0.1:8000/api/confirm/{$code->short_code}"); + + $found = true; + $maxTries = 300; + + do { + $confirmCode = \App\SignupCode::find($code->code); + if (!$confirmCode) { + $found = false; + break; + } + + sleep(1); + $maxTries--; + } while ($found && $maxTries > 0); + \Log::debug($response->headers); return $response; } } diff --git a/src/routes/api.php b/src/routes/api.php index 9571281a..18ed045f 100644 --- a/src/routes/api.php +++ b/src/routes/api.php 
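Review bot: The outcome of the confirmation loop never reaches `$response`: after `while ($found && $maxTries > 0)` the method returns the `Auth-Status: OK` headers built in the switch whether the code was confirmed or the 300 tries ran out, so the second step does not gate the login. When the loop ends with `$found` still true, the method should drop the code and answer with a non-OK `Auth-Status` (nginx treats any other value as the error text), as sketched below. The `\Log::debug("visit …/{$code->short_code}")` line writes the approval secret to the log, and 300 one-second sleeps hold a PHP worker well past the two-minute `expires_at`; both deserve at least a `// TODO` if this is a prototype. The opening of authenticate() is not visible in this hunk.

```php
// … unchanged: SignupCode::create() and the do/while polling loop …

// The row still exists, so nobody confirmed in time: refuse the login.
if ($found) {
    $code->delete();

    return response("")->withHeaders(
        [
            "Auth-Status" => "Login was not confirmed",
            "Auth-Wait" => '3'
        ]
    );
}

// … unchanged: \Log::debug($response->headers); return $response; …
```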
@@ -1,58 +1,60 @@ 'api', 'prefix' => 'auth' ], function ($router) { Route::get('info', 'API\UsersController@info'); Route::post('login', 'API\UsersController@login'); Route::post('logout', 'API\UsersController@logout'); Route::post('refresh', 'API\UsersController@refresh'); Route::post('password-reset/init', 'API\PasswordResetController@init'); Route::post('password-reset/verify', 'API\PasswordResetController@verify'); Route::post('password-reset', 'API\PasswordResetController@reset'); Route::get('signup/plans', 'API\SignupController@plans'); Route::post('signup/init', 'API\SignupController@init'); Route::post('signup/verify', 'API\SignupController@verify'); Route::post('signup', 'API\SignupController@signup'); } ); Route::group( [ 'middleware' => 'auth:api', 'prefix' => 'v4' ], function () { Route::apiResource('domains', API\DomainsController::class); Route::get('domains/{id}/confirm', 'API\DomainsController@confirm'); Route::apiResource('entitlements', API\EntitlementsController::class); Route::apiResource('packages', API\PackagesController::class); Route::apiResource('skus', API\SkusController::class); Route::apiResource('users', API\UsersController::class); Route::apiResource('wallets', API\WalletsController::class); Route::post('payments', 'API\PaymentsController@store'); } ); Route::get('webhooks/nginx', 'API\NGINXController@authenticate'); Route::post('webhooks/payment/mollie', 'API\PaymentsController@webhook'); + +Route::get('confirm/{code}', 'API\ConfirmController@confirm');
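Review bot: The new `confirm/{code}` route is registered outside both groups, so it has no `auth:api` guard and no rate limit, and it changes state on a GET. Link scanners and mail-client prefetchers follow GET links on their own, which would approve a login without the user acting. An unthrottled endpoint also lets what is presumably a short code be guessed by enumeration within its lifetime. I would register it as `Route::post('confirm/{code}', 'API\ConfirmController@confirm')->middleware('throttle:10,1');`, ideally inside the `auth:api` group so that only the signed-in account owner can approve.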