Michael/schneespur
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
schneespur/app/Http/Controllers/Portal/PortalAuthController.php
Michael ee3dbba6cc Initial release v1.0.0 
Schneespur — Open-source winter service documentation software (PWA + Admin).
GPS tracking via OwnTracks, weather data, photo evidence, and legally
compliant service records for winter maintenance operators.

License: AGPL-3.0-or-later
2026-05-17 13:33:51 +00:00

77 lines
2.1 KiB
PHP
Raw Blame History

<?php
namespace App\Http\Controllers\Portal;
use App\Http\Controllers\Controller;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\RateLimiter;
use Illuminate\Support\Str;
use Illuminate\Validation\ValidationException;
use Illuminate\View\View;
class PortalAuthController extends Controller
{
public function showLogin(): View
{
return view('portal.auth.login');
}
public function login(Request $request): RedirectResponse
{
$request->validate([
'email' => ['required', 'email'],
'password' => ['required', 'string'],
]);
$throttleKey = Str::transliterate(Str::lower($request->input('email')).'|'.$request->ip());
if (RateLimiter::tooManyAttempts($throttleKey, 5)) {
$seconds = RateLimiter::availableIn($throttleKey);
throw ValidationException::withMessages([
'email' => __('auth.throttle', ['seconds' => $seconds]),
]);
}
if (! Auth::guard('customer')->attempt(
$request->only('email', 'password'),
$request->boolean('remember')
)) {
RateLimiter::hit($throttleKey);
throw ValidationException::withMessages([
'email' => __('portal.invalid_credentials'),
]);
}
$customer = Auth::guard('customer')->user();
if (! $customer->portal_enabled) {
Auth::guard('customer')->logout();
RateLimiter::hit($throttleKey);
throw ValidationException::withMessages([
'email' => __('portal.account_disabled'),
]);
}
RateLimiter::clear($throttleKey);
$request->session()->regenerate();
return redirect()->intended(route('portal.home'));
}
public function logout(Request $request): RedirectResponse
{
Auth::guard('customer')->logout();
$request->session()->invalidate();
$request->session()->regenerateToken();
return redirect()->route('portal.login');
}
}
Reference in a new issue View git blame Copy permalink