netgescon-day0/app/Http/Controllers/Auth/AuthenticatedSessionController.php

80 lines
2.5 KiB
PHP
Executable File

<?php
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use App\Http\Requests\Auth\LoginRequest;
use App\Models\SystemSetting;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Schema;
use Illuminate\Validation\ValidationException;
use Illuminate\View\View;
class AuthenticatedSessionController extends Controller
{
/**
* Display the login view.
*/
public function create(): View
{
return view('auth.login');
}
/**
* Handle an incoming authentication request.
*/
public function store(LoginRequest $request): RedirectResponse
{
$request->authenticate();
$user = $request->user();
if ($user && $this->userTableHasColumn($user, 'is_active') && ! $user->is_active) {
Auth::guard('web')->logout();
throw ValidationException::withMessages([
'email' => 'Account disattivato. Contatta il super-admin.',
]);
}
if ($user && $this->userTableHasColumn($user, 'registration_status') && $user->registration_status !== 'approved') {
Auth::guard('web')->logout();
throw ValidationException::withMessages([
'email' => 'Registrazione in attesa di approvazione del super-admin.',
]);
}
$requireEmailVerification = SystemSetting::bool('require_email_verification', true);
$isSelfRegistered = $user && $this->userTableHasColumn($user, 'requested_role') && ! empty($user->requested_role);
if ($user && $isSelfRegistered && $requireEmailVerification && ! $user->hasVerifiedEmail()) {
Auth::guard('web')->logout();
throw ValidationException::withMessages([
'email' => 'Devi confermare la tua email prima di accedere.',
]);
}
$request->session()->regenerate();
return redirect()->intended(route('dashboard', absolute: false));
}
protected function userTableHasColumn($user, string $column): bool
{
return Schema::connection($user->getConnectionName())->hasColumn($user->getTable(), $column);
}
/**
* Destroy an authenticated session.
*/
public function destroy(Request $request): RedirectResponse
{
Auth::guard('web')->logout();
$request->session()->invalidate();
$request->session()->regenerateToken();
return redirect('/');
}
}