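<?php

namespace EstudioLMS\Http\Controllers\Auth;

use Artesaos\SEOTools\Traits\SEOTools;
use Carbon\Carbon;
use EstudioLMS\Events\PwdResetMail;
use EstudioLMS\Events\SendMail;
use EstudioLMS\Helpers\Helpers;
use EstudioLMS\Http\Controllers\Controller;
use EstudioLMS\Http\Requests\SiteUserRequest;
use EstudioLMS\Http\Social\AuthenticateFacebook;
use EstudioLMS\Models\Auth\User;
use EstudioLMS\Models\Profile\ProfileAddress;
use EstudioLMS\Models\Statistic\Login;
use EstudioLMS\PasswordReset;
use EstudioLMS\Repositories\Auth\UserRepository;
use EstudioLMS\Services\Admin\ConfigurationServices;
use EstudioLMS\Services\InfoService;
use EstudioLMS\Services\Saas\SaasUtilService;
use EstudioLMS\System\HelperClass;
use Illuminate\Auth\Passwords\TokenRepositoryInterface;
use Illuminate\Http\Request;
use Illuminate\Translation\Translator;
use mjanssen\BreadcrumbsBundle\Breadcrumbs;
use Symfony\Component\HttpFoundation\Session\SessionInterface;
use GuzzleHttp\Client;

/**
 * Handles login, logout, self-registration and password reset for the site.
 *
 * Every action except getLogout and postSignUpStudent runs behind the
 * 'guest' middleware, so all input handled here comes from unauthenticated
 * visitors and must be treated as untrusted.
 *
 * @package EstudioLMS\Http\Controllers\Auth
 */
class AuthController extends Controller
{
    use SEOTools;

    protected $translator;
    protected $breadCrumb;
    protected $auth;
    protected $userRepo;
    protected $token;

    /**
     * @var PasswordReset
     */
    private $pwdReset;

    /**
     * @var Request
     */
    private $httpreq;

    /**
     * @var SessionInterface
     */
    private $session;

    /**
     * @var ConfigurationServices
     */
    private $configurationServices;

    /**
     * @var SaasUtilService
     */
    private $saasUtilService;

    /**
     * @var ProfileAddress
     */
    private $profileAddress;

    /**
     * @var InfoService
     */
    private $infoService;

    /**
     * @var HelperClass
     */
    private $helperClass;

    /**
     * @param Translator $translator
     * @param Breadcrumbs $breadCrumb
     * @param UserRepository $userRepo
     * @param TokenRepositoryInterface $token
     * @param PasswordReset $pwdReset
     * @param Request $httpreq
     * @param SessionInterface $session
     * @param ConfigurationServices $configurationServices
     * @param SaasUtilService $saasUtilService
     * @param ProfileAddress $profileAddress
     * @param InfoService $infoService
     * @param HelperClass $helperClass
     */
    public function __construct(
        Translator $translator,
        Breadcrumbs $breadCrumb,
        UserRepository $userRepo,
        TokenRepositoryInterface $token,
        PasswordReset $pwdReset,
        Request $httpreq,
        SessionInterface $session,
        ConfigurationServices $configurationServices,
        SaasUtilService $saasUtilService,
        ProfileAddress $profileAddress,
        InfoService $infoService,
        HelperClass $helperClass
    ) {
        $this->translator = $translator;
        $this->breadCrumb = $breadCrumb;
        $this->middleware('guest', ['except' => ['getLogout', 'postSignUpStudent']]);
        $this->userRepo = $userRepo;
        $this->token = $token;
        $this->pwdReset = $pwdReset;
        $this->httpreq = $httpreq;
        $this->session = $session;
        $this->configurationServices = $configurationServices;
        $this->saasUtilService = $saasUtilService;
        $this->profileAddress = $profileAddress;
        $this->infoService = $infoService;
        $this->helperClass = $helperClass;
    }

    /**
     * Shows the combined login / registration page, or the environment login
     * page when the tenant is not configured as a "normal site".
     *
     * @return \Illuminate\View\View
     */
    public function getIndex()
    {
        $config = $this->configurationServices->configuration();

        $this->seo()->setTitle('Login - Registro');
        $this->seo()->setDescription('LMS da Estúdio Site');
        $this->seo()->opengraph()->setUrl($this->httpreq->url());
        $this->seo()->opengraph()->addProperty('type', 'articles');
        $this->seo()->twitter()->setSite('@Lms_Estudio');

        $title = 'Faça seu Login ou Cadastre-se';
        $this->breadCrumb->addBreadcrumb('Home', '/');
        $this->breadCrumb->addBreadcrumb('Login - Cadastrar', '/auth');
        $bread = $this->breadCrumb->generate();

        if ($config['normal_site'] == true) {
            return view('site.auth', compact('title', 'bread'));
        }

        return view('ambiente.login_page');
    }

    /**
     * Authenticates by e-mail and password from the public site login form.
     *
     * Inactive accounts (status 0) are logged out again immediately. On
     * failure the redirect target depends on whether a cart is in the session.
     *
     * NOTE(review): no login throttling is visible in this controller; confirm
     * that rate limiting is applied by middleware or at the edge.
     *
     * @param Request $request
     * @return \Illuminate\Foundation\Application|\Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
     */
    public function postLogin(Request $request)
    {
        $credentials = $request->only('email', 'password');
        \Session::forget('admin-mail');
        \Session::forget('start_time');

        if (auth()->attempt($credentials, $request->has('remember'))) {
            if (auth()->user()['status'] == 0) {
                auth()->logout();

                return redirect('/auth')->withErrors([
                    'error' => $this->translator->get('messages.lblUserInactive'),
                ]);
            }

            $logged = $this->issueLoginToken();
            $isFree = \Session::get('planLimite.is_free');
            /*if ($logged->roles[0]->name == 'superadmin' && !$isFree) {
                $connData = $this->configurationServices->saasConfiguration();
                $this->helperClass->setDatabaseConfig('adm', $connData);
                $customer = \DB::connection('adm')->table('customers')
                    ->where('tenant_id', '=', \Config::get('config.tenant_id'))
                    ->first();
                $billing = \DB::connection('adm')->table('customer_billing_datas')
                    ->where('customer_id', '=', $customer->id)->first();
                if (count($billing) == 0) {
                    return redirect()->to(config('cpanel-api.cpanelUrl') . 'customer/received/' . $customer->tenant_id);
                }
            }*/

            return redirect()->intended();
        }

        $errors = ['error' => $this->translator->get('messages.lblCredentialsNotFound')];

        if (!$this->session->has('cart')) {
            return redirect('/auth')->withErrors($errors);
        }

        // A failed login during checkout goes back to the matching checkout login page.
        $cart = $this->session->get('cart');
        if (count($cart) && $cart->get('subscription')) {
            return redirect()->route('checkout.lmsestudio.login')->withErrors($errors);
        }

        return redirect()->route('checkout.login')->withErrors($errors);
    }

    /**
     * Authenticates from the environment ("ambiente") login page.
     *
     * A superadmin on a non-free plan with no billing record on the 'adm'
     * connection is sent to the control panel instead of the environment.
     *
     * @param Request $request
     * @return \Illuminate\Http\RedirectResponse
     */
    public function postDirectLogin(Request $request)
    {
        $credentials = $request->only('email', 'password');
        \Session::forget('admin-mail');
        \Session::forget('start_time');

        if (!auth()->attempt($credentials, $request->has('remember'))) {
            return redirect()->route('ambiente.login')->withErrors([
                'error' => $this->translator->get('messages.lblCredentialsNotFound'),
            ]);
        }

        if (auth()->user()['status'] == 0) {
            auth()->logout();

            return redirect()->route('ambiente.login')->withErrors([
                'error' => $this->translator->get('messages.lblUserInactive'),
            ]);
        }

        $logged = $this->issueLoginToken();
        $isFree = \Session::get('planLimite.is_free');

        if ($logged->roles[0]->name == 'superadmin' && !$isFree) {
            $connData = $this->configurationServices->saasConfiguration();
            $this->helperClass->setDatabaseConfig('adm', $connData);
            $customer = \DB::connection('adm')->table('customers')
                ->where('tenant_id', '=', \Config::get('config.tenant_id'))
                ->first();
            $billing = \DB::connection('adm')->table('customer_billing_datas')
                ->where('customer_id', '=', $customer->id)->first();

            // first() yields a single row or null; count() on either is not
            // meaningful and raises a warning or TypeError on current PHP.
            if (!$billing) {
                return redirect()->to(config('cpanel-api.cpanelUrl') . 'customer/received/' . $customer->tenant_id);
            }
        }

        return redirect()->intended(route('environment.index'));
    }

    /**
     * Logs the current user out and clears the whole session.
     *
     * @return \Illuminate\Http\RedirectResponse
     */
    public function getLogout()
    {
        \Auth::logout();
        \Session::clear();

        return redirect()->intended('/');
    }

    /**
     * Shows the student registration form (role id 3).
     *
     * @return \Illuminate\View\View
     */
    public function getSignUpStudent()
    {
        $this->seo()->setTitle('Registro Estudante');
        $this->seo()->setDescription('LMS da Estúdio Site');
        $this->seo()->opengraph()->setUrl($this->httpreq->url());
        $this->seo()->opengraph()->addProperty('type', 'articles');
        $this->seo()->twitter()->setSite('@Lms_Estudio');

        $config = $this->configurationServices->configuration();
        $title = 'Cadastro do Aluno';
        $this->breadCrumb->addBreadcrumb('Home', '/');
        $this->breadCrumb->addBreadcrumb('Cadastro Aluno', '/auth/sign-up-student');
        $bread = $this->breadCrumb->generate();
        $customMessage = '';
        $roleId = 3;
        $singUp = true;

        // 'type' was listed here but never defined; compact() skipped it on
        // old PHP and raises an error for undefined names from PHP 7.3 on.
        return view(
            'site.student_signup',
            compact('title', 'bread', 'customMessage', 'roleId', 'config', 'singUp')
        );
    }

    /**
     * Shows the teacher / instructor registration form (role id 2).
     *
     * @return \Illuminate\View\View
     */
    public function getSignUpTeacher()
    {
        $this->seo()->setTitle('Registro Professor');
        $this->seo()->setDescription('LMS da Estúdio Site');
        $this->seo()->opengraph()->setUrl($this->httpreq->url());
        $this->seo()->opengraph()->addProperty('type', 'articles');
        $this->seo()->twitter()->setSite('@Lms_Estudio');

        $title = 'Cadastro do Instrutor';
        $this->breadCrumb->addBreadcrumb('Home', '/');
        $this->breadCrumb->addBreadcrumb('Cadastro de Instrutor/Professor', '/auth/sign-up-teacher');
        $bread = $this->breadCrumb->generate();
        $customMessage = '';
        $roleId = 2;

        // The undefined 'type' entry is dropped for the same reason as in getSignUpStudent().
        return view('site.teacher_signup', compact('title', 'bread', 'customMessage', 'roleId'));
    }

    /**
     * Registers a new user from the public sign-up form, stores the optional
     * picture and signature, attaches a role, logs the user in and sends the
     * welcome e-mail.
     *
     * Uploaded files are only accepted with an image extension from a fixed
     * allowlist. The picture is written below public_path(), so keeping the
     * client-supplied extension would let an upload be stored with a
     * server-executable extension.
     *
     * NOTE(review): 'id' and 'type' are taken from the request. Type 'A' maps
     * to role '1', and this action is reachable by guests; unless
     * SiteUserRequest restricts both fields, a visitor chooses their own role
     * and record id. Confirm the request rules, or stop reading them here.
     *
     * NOTE(review): the plaintext password is copied into $created['senha'],
     * passed to the SendMail event and flashed to the session via withInput().
     * Confirm this is intended; a set-password link avoids handling it.
     *
     * @param SiteUserRequest $request
     * @return \Illuminate\Http\RedirectResponse|string
     */
    public function postSignUp(SiteUserRequest $request)
    {
        $complement = $request->only(['address']);
        $redirect = '';
        $profile = $request->only(['picture', 'name', 'email', 'password', 'url_facebook', 'url_twitter', 'url_github', 'url_instagram', 'url_youtube', 'url_tiktok', 'url_linkedin', 'url_whatsapp', 'url_pinterest', 'url_telegram', 'biography', 'cpf', 'bank', 'agency', 'account', 'id', 'foto', 'type']);

        // Check both uploads before anything is written to disk or to the database.
        $pictureExtension = null;
        if ($request->hasFile('picture') && $request->file('picture')->isValid()) {
            $pictureExtension = $this->allowedImageExtension($request->file('picture'));
            if ($pictureExtension === null) {
                return $this->rejectUpload($request, 'picture');
            }
        }

        $signatureExtension = null;
        if ($request->hasFile('signature') && $request->file('signature')->isValid()) {
            $signatureExtension = $this->allowedImageExtension($request->file('signature'));
            if ($signatureExtension === null) {
                return $this->rejectUpload($request, 'signature');
            }
        }

        $senha = $profile['password'];
        if (!empty($profile['password'])) {
            $profile['password'] = bcrypt($profile['password']);
        } else {
            unset($profile['password']);
        }

        $downloadPicture = false;
        $fileName = '';
        $destinationPath = public_path() . '/storage/profiles/pictures/';

        if ($pictureExtension !== null) {
            $fileName = uniqid(str_random(20)) . '.' . $pictureExtension;
            $request->file('picture')->move($destinationPath, $fileName);
            $downloadPicture = true;
        }

        /* Image coming from the social network */
        // NOTE(review): the URL comes from the request and its host is not
        // restricted, so the server can be made to request internal addresses.
        // Restrict it to the expected provider hosts and add a timeout.
        if (!empty($profile['foto']) && is_string($profile['foto']) && preg_match('#^https?://#i', $profile['foto'])) {
            $file = file_get_contents($profile['foto']);

            // Store the response only when it starts like an image file.
            if ($file !== false && $this->looksLikeImage($file)) {
                $fileName = uniqid(str_random(20)) . '.jpg';
                file_put_contents($destinationPath . $fileName, $file);
                $downloadPicture = true;
            }
        }

        if ($downloadPicture) {
            $profile['picture'] = $fileName;
        } else {
            $profile['picture'] = isset($profile['foto']) ? $profile['foto'] : null;
        }

        if ($signatureExtension !== null) {
            $profile['signature'] = uniqid(str_random(20)) . '.' . $signatureExtension;
        }

        $profile['email'] = strtolower($profile['email']);
        $created = $this->userRepo->create($profile);

        if ($signatureExtension !== null) {
            \Storage::disk('profile')->put($profile['signature'], \File::get($request->file('signature')));
        }

        $created['senha'] = $senha;

        if ($profile['type'] === 'S') {
            $role = '3';
        } elseif ($profile['type'] === 'T') {
            $role = '2';
        } elseif ($profile['type'] === 'A') {
            $role = '1';
        } else {
            $role = null;
        }

        $toRole = $this->userRepo->find($created['id']);
        $toRole->attachRole($role);

        $message = 'Cadastro realizado!';
        $credentials = $request->only('email', 'password');

        if (auth()->attempt($credentials, $request->has('remember'))) {
            // Login
            $this->issueLoginToken();

            $sent = \Event::fire(new SendMail($created));
            if ($sent) {
                $msgmail = 'E-mail enviado com sucesso para ' . $profile['email'];
            } else {
                $msgmail = 'Não foi possível enviar o e-mail';
            }
            $message .= PHP_EOL . $msgmail;

            // Only 'message' is defined at this point; the former compact()
            // call also named 'success' and 'fail', which were never set.
            $redirect = redirect(route('index'))
                ->withInput(compact('created'))
                ->with(['message' => $message]);
        }

        if (!empty($complement['address']['phone'])) {
            $this->profileAddress->updateOrCreate(['user_id' => $created['id']], $complement['address']);
        }

        // If the user is registering during checkout.
        if ($this->session->has('cart')) {
            $cart = $this->session->get('cart');
            if (count($cart) && $cart->get('subscription')) {
                $periodicityId = $cart->get('plan_id');
                $subscriptionId = $cart->get('course_id');
                $redirect = redirect(route('checkout.lmsestudio.subscription', [$subscriptionId, $periodicityId]));
            } else {
                $redirect = redirect(route('cart.list'));
            }
        }

        return $redirect;
    }

    /**
     * Creates a password-reset token for the given e-mail and fires the
     * PwdResetMail event.
     *
     * NOTE(review): the response differs for known and unknown addresses
     * ('Usuário não encontrado' versus the "e-mail sent" message), which lets
     * a visitor test whether an account exists. Consider one neutral message.
     *
     * @param Request $request
     * @return \Illuminate\Http\RedirectResponse
     */
    public function postSendResetPwd(Request $request)
    {
        $rules = [
            'email' => 'required|email|max:255|'
        ];
        $validator = \Validator::make($request->all(), $rules);
        if ($validator->fails()) {
            $this->throwValidationException($request, $validator);
        }

        $data = $request->all();
        $user = User::whereEmail($data['email'])->first();

        // The flash data is built explicitly: compact() with names that are
        // unset on one branch raises an error from PHP 7.3 on.
        if (!$user) {
            $flash = ['message' => 'Usuário não encontrado', 'fail' => 'fail'];
        } else {
            $token = $this->token->create($user);
            $data = $this->pwdReset->create(['email' => $data['email'], 'token' => $token]);
            $flash = [
                'message' => "Enviamos um e-mail com o link para redefinir sua senha",
                'success' => 'success',
            ];
            \Event::fire(new PwdResetMail($data));
        }

        return redirect()->back()->with($flash);
    }

    /**
     * Shows the reset form when the token exists, otherwise the failure page.
     *
     * The token is passed to the view so the form can post it back;
     * postResetPwd() requires it.
     *
     * NOTE(review): no expiry check is made on the reset record here.
     *
     * @param $token
     * @return \Illuminate\View\View
     */
    public function getResetPwd($token)
    {
        $pwdReset = $this->pwdReset->whereToken($token)->first();

        $this->breadCrumb->addBreadcrumb('Home', '/');
        $this->breadCrumb->addBreadcrumb('Redefinição de Senha', '/');
        $bread = $this->breadCrumb->generate();

        if ($pwdReset) {
            return view('site.resetpwd', compact('bread', 'token'));
        }

        $fail = 'fail';
        $message = 'Token não encontrado ou não válido!';

        return view('site.resetpwd_fail', compact('bread', 'fail', 'message'));
    }

    /**
     * Sets a new password for the account that owns the submitted reset token.
     *
     * The request must carry the token issued by postSendResetPwd() together
     * with the same e-mail address. Without that check, anyone who knew an
     * e-mail address could set that account's password, because the token was
     * verified only when the form was displayed. The reset form has to submit
     * the token as a 'token' field. Used tokens are deleted.
     *
     * NOTE(review): the login below does not check the user's status, unlike
     * postLogin(); confirm inactive accounts should be able to sign in here.
     *
     * @param Request $request
     * @return \Illuminate\Http\RedirectResponse
     */
    public function postResetPwd(Request $request)
    {
        $rules = [
            'email' => 'required|email|max:255|',
            'password' => 'required|confirmed|min:8|max:20|strong_pwd',
            'token' => 'required',
        ];
        $validator = \Validator::make($request->all(), $rules);
        if ($validator->fails()) {
            $this->throwValidationException($request, $validator);
        }

        $data = $request->all();

        // The token must belong to this e-mail address, not merely exist.
        $reset = null;
        if (is_string($data['token'])) {
            $reset = $this->pwdReset
                ->whereToken($data['token'])
                ->where('email', $data['email'])
                ->first();
        }

        if (!$reset) {
            return redirect()->back()->with([
                'message' => 'Token não encontrado ou não válido!',
                'fail' => 'fail',
            ]);
        }

        $user = User::whereEmail($data['email'])->first();

        if (!$user) {
            return redirect()->back()->with(['message' => 'E-Mail não encontrado', 'fail' => 'fail']);
        }

        $user['password'] = bcrypt($data['password']);
        $user->save();

        // A reset token is single-use: remove every pending token for this address.
        $this->pwdReset->where('email', $data['email'])->delete();

        $credentials = ['email' => $data['email'], 'password' => $data['password']];
        auth()->attempt($credentials, $request->has('remember'));

        if (auth()->user()->roles[0]->name == 'superadmin') {
            $this->saasUtilService->changeCPanelPWD($data);
            $this->saasUtilService->changePanelCustomerPWD($data);
        }

        // The former with(compact(...)) named three variables that were never
        // set on this path, so nothing was flashed.
        return redirect(route('index'));
    }

    /*
     * Data retrieval via social networks
     */

    /**
     * Starts or completes the Facebook sign-up flow.
     *
     * @param AuthenticateFacebook $authenticateface
     * @param Request $request
     * @return \Symfony\Component\HttpFoundation\RedirectResponse
     */
    public function getSignUpFacebook(AuthenticateFacebook $authenticateface, Request $request)
    {
        return $authenticateface->execute($request->has('code'));
    }

    /**
     * Generates a fresh login token, saves it on the authenticated user and
     * mirrors it into the session.
     *
     * @return mixed the authenticated user
     */
    private function issueLoginToken()
    {
        $token = bin2hex(openssl_random_pseudo_bytes(64));
        $logged = auth()->user();
        $logged['login_token'] = $token;
        $logged->save();
        \Session::set('login_token', $token);

        return $logged;
    }

    /**
     * Returns the lower-cased client extension of an upload when it is an
     * allowed image extension, otherwise null.
     *
     * The extension is client-controlled, so it is matched against a fixed
     * list instead of being trusted. File content should additionally be
     * validated as an image by the request rules.
     *
     * @param \Symfony\Component\HttpFoundation\File\UploadedFile $upload
     * @return string|null
     */
    private function allowedImageExtension($upload)
    {
        $extension = strtolower($upload->getClientOriginalExtension());

        return in_array($extension, ['jpg', 'jpeg', 'png', 'gif'], true) ? $extension : null;
    }

    /**
     * Tells whether a byte string starts with a JPEG, PNG or GIF signature.
     *
     * @param string $bytes
     * @return bool
     */
    private function looksLikeImage($bytes)
    {
        return strncmp($bytes, "\xFF\xD8\xFF", 3) === 0
            || strncmp($bytes, "\x89PNG\r\n\x1a\n", 8) === 0
            || strncmp($bytes, 'GIF8', 4) === 0;
    }

    /**
     * Sends the visitor back to the form with an error on the given upload
     * field. Passwords and files are not flashed back to the session.
     *
     * @param Request $request
     * @param string $field
     * @return \Illuminate\Http\RedirectResponse
     */
    private function rejectUpload(Request $request, $field)
    {
        return redirect()->back()
            ->withInput($request->except(['password', 'password_confirmation', 'picture', 'signature']))
            ->withErrors([$field => 'Formato de imagem não permitido']);
    }
}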