netgescon-day0/app/Http/Controllers/Auth/RegisteredUserController.php

115 lines
4.1 KiB
PHP
Executable File

<?php
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use App\Models\SystemSetting;
use App\Models\User;
use Illuminate\Auth\Events\Registered;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Http;
use Illuminate\Validation\Rules;
use Illuminate\Validation\ValidationException;
use Illuminate\View\View;
use Spatie\Permission\Models\Role;
class RegisteredUserController extends Controller
{
/**
* Display the registration view.
*/
public function create(): View
{
return view('auth.register', [
'registrationEnabled' => SystemSetting::bool('registration_enabled', true),
'recaptchaVersion' => (string) SystemSetting::getValue('recaptcha_version', 'none'),
'recaptchaSiteKey' => (string) SystemSetting::getValue('recaptcha_site_key', ''),
]);
}
/**
* Handle an incoming registration request.
*
* @throws \Illuminate\Validation\ValidationException
*/
public function store(Request $request): RedirectResponse
{
if (! SystemSetting::bool('registration_enabled', true)) {
return redirect()->route('login')->withErrors([
'email' => 'La registrazione e attualmente disabilitata. Contatta il supporto.',
]);
}
$request->validate([
'name' => ['required', 'string', 'max:255'],
'email' => ['required', 'string', 'lowercase', 'email', 'max:255', 'unique:' . User::class],
'password' => ['required', 'confirmed', Rules\Password::defaults()],
'role' => ['nullable', 'in:amministratore,collaboratore,condomino,inquilino'],
]);
$this->validateRecaptchaIfEnabled($request);
$user = User::create([
'name' => $request->name,
'email' => $request->email,
'password' => Hash::make($request->password),
]);
// Ensure base roles exist and assign default "amministratore" role
Role::findOrCreate('super-admin');
Role::findOrCreate('amministratore');
Role::findOrCreate('collaboratore');
Role::findOrCreate('condomino');
Role::findOrCreate('inquilino');
// Role selection (optional): defaults to 'amministratore'
$requestedRole = $request->string('role')->toString();
$role = in_array($requestedRole, ['amministratore', 'collaboratore', 'condomino', 'inquilino'], true)
? $requestedRole
: 'amministratore';
$user->forceFill([
'requested_role' => $role,
'registration_status' => 'pending',
'is_active' => false,
])->save();
$user->assignRole($role);
event(new Registered($user));
return redirect()->route('login')->with('status', 'Registrazione ricevuta. Conferma la tua email e attendi l\'approvazione del super-admin.');
}
private function validateRecaptchaIfEnabled(Request $request): void
{
$version = (string) SystemSetting::getValue('recaptcha_version', 'none');
$siteKey = (string) SystemSetting::getValue('recaptcha_site_key', '');
$secret = (string) SystemSetting::getValue('recaptcha_secret_key', '');
if ($version === 'none' || $siteKey === '' || $secret === '') {
return;
}
$token = (string) $request->input('g-recaptcha-response', '');
if ($token === '') {
throw ValidationException::withMessages([
'g-recaptcha-response' => 'Conferma reCAPTCHA obbligatoria.',
]);
}
$response = Http::asForm()->post('https://www.google.com/recaptcha/api/siteverify', [
'secret' => $secret,
'response' => $token,
'remoteip' => $request->ip(),
]);
if (! $response->ok() || ! ((bool) data_get($response->json(), 'success', false))) {
throw ValidationException::withMessages([
'g-recaptcha-response' => 'Verifica reCAPTCHA non valida.',
]);
}
}
}