52 lines
1.6 KiB
PHP
52 lines
1.6 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers\Auth;
|
|
|
|
use App\Http\Controllers\Controller;
|
|
use App\Models\MagicLink;
|
|
use Illuminate\Http\RedirectResponse;
|
|
use Illuminate\Http\Request;
|
|
use Illuminate\Support\Facades\Auth;
|
|
|
|
class MagicLinkConsumeController extends Controller
|
|
{
|
|
public function __invoke(Request $request, string $token): RedirectResponse
|
|
{
|
|
$magicLink = MagicLink::query()
|
|
->with('user')
|
|
->where('token_hash', hash('sha256', $token))
|
|
->where('purpose', 'login')
|
|
->first();
|
|
|
|
if (! $magicLink || ! $magicLink->user) {
|
|
return redirect()->route('login')->with('status', __('The magic login link is invalid.'));
|
|
}
|
|
|
|
if ($magicLink->consumed_at !== null || $magicLink->expires_at->isPast()) {
|
|
return redirect()->route('login')->with('status', __('The magic login link has expired or was already used.'));
|
|
}
|
|
|
|
if (! $magicLink->user->is_active) {
|
|
return redirect()->route('login')->with('status', __('Your account is not active.'));
|
|
}
|
|
|
|
$magicLink->update([
|
|
'consumed_at' => now(),
|
|
'ip_consumed' => $request->ip(),
|
|
]);
|
|
|
|
$magicLink->user->update([
|
|
'last_login_at' => now(),
|
|
'last_login_ip' => $request->ip(),
|
|
]);
|
|
|
|
Auth::guard('web')->login($magicLink->user);
|
|
$request->session()->regenerate();
|
|
|
|
$home = $magicLink->user->canAccessAdmin()
|
|
? route('dashboard', absolute: false)
|
|
: route('me.dashboard', absolute: false);
|
|
|
|
return redirect()->intended($home);
|
|
}
|
|
}
|