pterodactyl
GitHub Repository: pterodactyl/panel
Path: blob/1.0-develop/app/Http/Controllers/Auth/AbstractLoginController.php
<?php
namespace Pterodactyl\Http\Controllers\Auth;
use Illuminate\Http\Request;
use Pterodactyl\Models\User;
use Illuminate\Auth\AuthManager;
use Illuminate\Http\JsonResponse;
use Illuminate\Auth\Events\Failed;
use Illuminate\Container\Container;
use Illuminate\Support\Facades\Event;
use Pterodactyl\Events\Auth\DirectLogin;
use Pterodactyl\Exceptions\DisplayException;
use Pterodactyl\Http\Controllers\Controller;
use Illuminate\Contracts\Auth\Authenticatable;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
abstract class AbstractLoginController extends Controller
{
    use AuthenticatesUsers;

    /**
     * Auth manager resolved from the container in the constructor; its
     * default guard is the one used to log the user in.
     */
    protected AuthManager $auth;

    /**
     * Lockout time for failed login requests, read from the
     * `auth.lockout.time` configuration key.
     */
    protected int $lockoutTime;

    /**
     * Number of failed attempts after which logins are throttled and locked,
     * read from the `auth.lockout.attempts` configuration key.
     */
    protected int $maxLoginAttempts;

    /**
     * Where to redirect users after login / registration.
     */
    protected string $redirectTo = '/';

    /**
     * Load the lockout settings from configuration and resolve the auth
     * manager from the application container.
     */
    public function __construct()
    {
        $this->lockoutTime = config('auth.lockout.time');
        $this->maxLoginAttempts = config('auth.lockout.attempts');

        $container = Container::getInstance();
        $this->auth = $container->make(AuthManager::class);
    }

    /**
     * Record a failed login and abort the request with a display error.
     *
     * The attempt counter is incremented first, then a Failed event is fired.
     * The credentials handed to that event contain only the submitted `user`
     * value, keyed as `email` or `username`; no password is included.
     *
     * Outside the `auth.login-checkpoint` route the caller-supplied $message
     * is ignored and the generic `auth.failed` translation is always used, so
     * the response does not vary with the reason for the failure.
     *
     * @return never-return
     *
     * @throws DisplayException
     */
    protected function sendFailedLoginResponse(Request $request, ?Authenticatable $user = null, ?string $message = null)
    {
        $this->incrementLoginAttempts($request);

        // NOTE(review): getField() is typed ?string, so a non-string `user`
        // input (for example an array) would raise a TypeError here, after the
        // attempt is counted but before the Failed event is dispatched.
        // Confirm that callers validate `user` as a string.
        $identifier = $request->input('user');
        $this->fireFailedLoginEvent($user, [$this->getField($identifier) => $identifier]);

        $error = $request->route()->named('auth.login-checkpoint')
            ? ($message ?? trans('auth.two_factor.checkpoint_failed'))
            : trans('auth.failed');

        throw new DisplayException($error);
    }

    /**
     * Send the response after the user was authenticated.
     *
     * The steps run in a fixed order: the `auth_confirmation_token` session
     * key is dropped and the session is regenerated, the login attempt counter
     * is cleared, the user is logged in on the default guard with the second
     * argument (the guard's "remember" flag) set to true, and a DirectLogin
     * event is dispatched. The JSON payload reports `redirectPath()` as the
     * intended destination; that method is not defined in this file.
     */
    protected function sendLoginResponse(User $user, Request $request): JsonResponse
    {
        // The pending-confirmation token is removed before the session is regenerated.
        $session = $request->session();
        $session->remove('auth_confirmation_token');
        $session->regenerate();

        $this->clearLoginAttempts($request);

        $guard = $this->auth->guard();
        $guard->login($user, true);

        $loginEvent = new DirectLogin($user, true);
        Event::dispatch($loginEvent);

        $payload = [
            'complete' => true,
            'intended' => $this->redirectPath(),
            'user' => $user->toVueObject(),
        ];

        return new JsonResponse(['data' => $payload]);
    }

    /**
     * Determine if the user is logging in using an email or username.
     *
     * Returns 'email' when the input is truthy and contains an '@'; every
     * other value, including null and the empty string, yields 'username'.
     */
    protected function getField(?string $input = null): string
    {
        if (!$input || !str_contains($input, '@')) {
            return 'username';
        }

        return 'email';
    }

    /**
     * Fire a failed login event.
     *
     * Dispatches a Failed event for the 'auth' guard carrying the given user
     * (if any) and the credentials array exactly as supplied by the caller.
     */
    protected function fireFailedLoginEvent(?Authenticatable $user = null, array $credentials = [])
    {
        $failure = new Failed('auth', $user, $credentials);

        Event::dispatch($failure);
    }
}