Michael/schneespur
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
schneespur/release/schneespur-1.0.2/app/Http/Controllers/Portal/PortalAuthController.php
Michael 7288b93500 Release v1.0.2: diagnostic infrastructure core 
Add neutral diagnostic framework for future reporting modules:
- DiagnosticReporterInterface, Registry, Manager, PayloadSanitizer
- Laravel exception hook in bootstrap/app.php
- Module permission declarations (requires_permissions in module.json)
- Core diagnostic report points (module boot/install/update failures)
- Module documentation update (moduldoku.md)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-18 16:54:11 +00:00

77 lines
2.1 KiB
PHP
Raw Blame History

<?php
namespace App\Http\Controllers\Portal;
use App\Http\Controllers\Controller;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\RateLimiter;
use Illuminate\Support\Str;
use Illuminate\Validation\ValidationException;
use Illuminate\View\View;
class PortalAuthController extends Controller
{
public function showLogin(): View
{
return view('portal.auth.login');
}
public function login(Request $request): RedirectResponse
{
$request->validate([
'email' => ['required', 'email'],
'password' => ['required', 'string'],
]);
$throttleKey = Str::transliterate(Str::lower($request->input('email')).'|'.$request->ip());
if (RateLimiter::tooManyAttempts($throttleKey, 5)) {
$seconds = RateLimiter::availableIn($throttleKey);
throw ValidationException::withMessages([
'email' => __('auth.throttle', ['seconds' => $seconds]),
]);
}
if (! Auth::guard('customer')->attempt(
$request->only('email', 'password'),
$request->boolean('remember')
)) {
RateLimiter::hit($throttleKey);
throw ValidationException::withMessages([
'email' => __('portal.invalid_credentials'),
]);
}
$customer = Auth::guard('customer')->user();
if (! $customer->portal_enabled) {
Auth::guard('customer')->logout();
RateLimiter::hit($throttleKey);
throw ValidationException::withMessages([
'email' => __('portal.account_disabled'),
]);
}
RateLimiter::clear($throttleKey);
$request->session()->regenerate();
return redirect()->intended(route('portal.home'));
}
public function logout(Request $request): RedirectResponse
{
Auth::guard('customer')->logout();
$request->session()->invalidate();
$request->session()->regenerateToken();
return redirect()->route('portal.login');
}
}
Reference in a new issue View git blame Copy permalink