solocla/comelifacciamo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit

Browse Source
This commit is contained in:
Claudio
2026-01-25 21:03:33 +01:00
commit 8d8e213f1c
2570 changed files with 479666 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/Http/Controllers/Web/Auth/LoginController.php
+197
View File
@@ -0,0 +1,197 @@
<?php
namespace Vanguard\Http\Controllers\Web\Auth;
use Auth;
use Illuminate\Contracts\Auth\Authenticatable as BaseAuthenticatable;
use Illuminate\Contracts\View\View;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Http\Response;
use Vanguard\Events\User\LoggedIn;
use Vanguard\Events\User\LoggedOut;
use Vanguard\Http\Controllers\Controller;
use Vanguard\Http\Requests\Auth\LoginRequest;
use Vanguard\Repositories\Session\SessionRepository;
use Vanguard\Repositories\User\UserRepository;
use Vanguard\Services\Auth\ThrottlesLogins;
use Vanguard\User;
use Vanguard\Models\School;
class LoginController extends Controller
{
use ThrottlesLogins;
public function __construct(private readonly UserRepository $users)
{
$this->middleware('guest')->except('logout');
$this->middleware('auth')->only('logout');
}
/**
* Show the application login form.
*/
public function show($school = null): View
{
// Debug: aggiungiamo un log per verificare se arriviamo qui
\Log::info('LoginController::show chiamato con school = ' . ($school ?? 'null'));
// Cerca la scuola in base allo slug
$schoolData = null;
if ($school) {
$schoolData = School::where('slug', $school)->first();
}
return view('auth.login', [
'socialProviders' => config('auth.social.providers'),
'school_slug' => $school,
'school_logo' => $schoolData ? $schoolData->logo : null,
]);
}
public function login(LoginRequest $request, SessionRepository $sessions): Response|RedirectResponse
{
// Debug: aggiungiamo un log per verificare se arriviamo qui
\Log::info('LoginController::login chiamato con input: ' . json_encode($request->all()));
// In case that request throttling is enabled, we have to check if user can perform this request.
$throttles = (bool) setting('throttle_enabled');
// Redirect URL that can be passed as hidden field.
$to = $request->has('to') ? '?to=' . $request->get('to') : '';
if ($throttles && $this->hasTooManyLoginAttempts($request)) {
return $this->sendLockoutResponse($request);
}
// Validazione del campo school
$schoolSlug = $request->input('school');
if ($schoolSlug) {
$school = School::where('slug', $schoolSlug)->first();
if ($school) {
// Se presente e valida → salva in sessione
$request->session()->put('school_id', $school->id);
}
// ⚠️ se non esiste → NON blocchiamo il login
}
// ⚠️ se è vuota → NON facciamo nulla
$credentials = $request->getCredentials();
if (! Auth::validate($credentials)) {
if ($throttles) {
$this->incrementLoginAttempts($request);
}
return redirect()->to('login' . $to)
->withErrors(trans('auth.failed'));
}
$user = Auth::getProvider()->retrieveByCredentials($credentials);
if ($user->isBanned()) {
return redirect()->to('login' . $to)
->withErrors(trans('auth.banned'));
}
$maxSessions = setting('max_active_sessions');
if ($maxSessions && $sessions->getActiveSessionsCount($user->id) >= $maxSessions) {
return redirect()->to('login' . $to)
->withErrors(trans('auth.max_sessions_reached'));
}
Auth::login($user, setting('remember_me') && $request->get('remember'));
return $this->authenticated($request, $throttles, $user);
}
/**
* Send the response after the user was authenticated.
*/
protected function authenticated(
Request $request,
bool $throttles,
BaseAuthenticatable $user,
): Response|RedirectResponse {
if ($throttles) {
$this->clearLoginAttempts($request);
}
// Redirezione basata sul ruolo
if ($user->hasRole('Admin')) {
return redirect()->to('userarea/admin.php');
} elseif ($user->hasRole('User')) {
return redirect()->to('userarea/select_school.php');
} elseif ($user->hasRole('teacher')) {
return redirect()->to('userarea/teacher.php');
} elseif ($user->hasRole('school_owner')) {
return redirect()->to('userarea/school_dashboard.php');
}
return redirect()->intended('userarea/default.php');
}
protected function logoutAndRedirectToTokenPage(Request $request, $user, ?string $redirectPage): RedirectResponse
{
Auth::logout();
$request->session()->put('auth.2fa.id', $user->id);
if ($redirectPage) {
$request->session()->put('auth.redirect_to', $redirectPage);
}
return redirect()->route('auth.token');
}
/**
* Log the user out of the application.
*/
public function logout(Request $request): RedirectResponse
{
event(new LoggedOut);
// 1) Logout Laravel
Auth::logout();
// 2) Pulisci + invalida session Laravel (NON solo forget)
$request->session()->forget(['school_id', 'school_name', 'school_selected']);
$request->session()->invalidate();
$request->session()->regenerateToken();
// 3) Pulisci anche la session PHP nativa usata in userarea (PHPSESSID)
if (session_status() !== PHP_SESSION_ACTIVE) {
@session_start();
}
unset(
$_SESSION['school_id'],
$_SESSION['school_name'],
$_SESSION['school_selected']
);
// Se vuoi essere ancora più “definitivo”, distruggi tutta la PHP session:
$_SESSION = [];
if (ini_get('session.use_cookies')) {
$params = session_get_cookie_params();
setcookie(
session_name(),
'',
time() - 42000,
$params['path'],
$params['domain'],
$params['secure'],
$params['httponly']
);
}
@session_destroy();
return redirect('login');
}
}