Commit 96a38170 authored by Timothée Jaussoin's avatar Timothée Jaussoin

Use simple usernames for login

Enforce configuration domain for Accounts
parent c557e6a7
Pipeline #15080 passed with stages
in 1 minute and 21 seconds
......@@ -29,6 +29,13 @@ class Account extends Authenticatable
protected $dates = ['creation_time'];
public $timestamps = false;
protected static function booted()
{
static::addGlobalScope('domain', function (Builder $builder) {
$builder->where('domain', config('app.sip_domain'));
});
}
public function passwords()
{
return $this->hasMany('App\Password');
......
......@@ -106,7 +106,7 @@ class AccountController extends Controller
$request->validate(['identifier' => 'required|same:identifier_confirm']);
Auth::logout();
//$request->user()->delete();
$request->user()->delete();
return redirect()->route('account.login');
}
......@@ -114,21 +114,18 @@ class AccountController extends Controller
public function authenticate(Request $request)
{
$request->validate([
'username' => ['required', new SIP],
'username' => 'required',
'password' => 'required'
]);
list($username, $domain) = explode('@', $request->get('username'));
$account = Account::where('username', $username)
->where('domain', $domain)
$account = Account::where('username', $request->get('username'))
->firstOrFail();
// Try out the passwords
foreach ($account->passwords as $password) {
if (hash_equals(
$password->password,
Utils::bchash($username, $domain, $request->get('password'), $password->algorithm)
Utils::bchash($request->get('username'), config('app.sip_domain'), $request->get('password'), $password->algorithm)
)) {
Auth::login($account);
return redirect()->route('account.index');
......
......@@ -7,7 +7,7 @@
{!! Form::open(['route' => 'account.authenticate']) !!}
<div class="form-group">
{!! Form::label('username', 'Username') !!}
{!! Form::text('username', old('username'), ['class' => 'form-control', 'placeholder' => 'username@'.config('app.sip_domain'), 'required']) !!}
{!! Form::text('username', old('username'), ['class' => 'form-control', 'placeholder' => 'username', 'required']) !!}
</div>
<div class="form-group">
{!! Form::label('password', 'Password') !!}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment