From fd4586936fe0b31512b864ec351e20d526db0907 Mon Sep 17 00:00:00 2001 From: Jakye Date: Tue, 15 Aug 2023 21:11:25 +0300 Subject: [PATCH 1/9] Added user_deleted error message. --- src/config/config.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/config/config.php b/src/config/config.php index 58be6c5..8dd5ee1 100644 --- a/src/config/config.php +++ b/src/config/config.php @@ -225,6 +225,10 @@ 'message' => 'An error occurred while trying to revoke your access token.', 'redirect' => '/' ], + 'user_deleted' => [ + 'message' => 'Your account is deleted and you can\'t log in.', + 'redirect' => '/' + ] ], /* From eaf52925782d264a0c8191507bd56986f1ea21f4 Mon Sep 17 00:00:00 2001 From: Jakye Date: Tue, 15 Aug 2023 21:13:11 +0300 Subject: [PATCH 2/9] Throwing error if the user is soft deleted. --- src/Http/Controllers/DiscordController.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/Http/Controllers/DiscordController.php b/src/Http/Controllers/DiscordController.php index 20527e1..863dc18 100644 --- a/src/Http/Controllers/DiscordController.php +++ b/src/Http/Controllers/DiscordController.php @@ -80,6 +80,12 @@ public function handle(StoreUserRequest $request): RedirectResponse | JsonRespon return $this->throwError('database_error', $e); } + // Verifying if the user is soft-deleted. + if ($user->trashed()) { + DB::rollBack(); + return $this->throwError('user_deleted'); + } + // Verifying if the user has the required roles if "larascord.roles" is set. if (count(config('larascord.guild_roles'))) { // Verifying if the "guilds" and "guilds.members.read" scopes are set. From 0aac93e2349250beb01c21ebc0b9fe0f206e6f10 Mon Sep 17 00:00:00 2001 From: Jakye Date: Tue, 15 Aug 2023 21:15:38 +0300 Subject: [PATCH 3/9] Making sure trashed method exists --- src/Http/Controllers/DiscordController.php | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/src/Http/Controllers/DiscordController.php b/src/Http/Controllers/DiscordController.php index 863dc18..499cfbf 100644 --- a/src/Http/Controllers/DiscordController.php +++ b/src/Http/Controllers/DiscordController.php @@ -81,9 +81,11 @@ public function handle(StoreUserRequest $request): RedirectResponse | JsonRespon } // Verifying if the user is soft-deleted. - if ($user->trashed()) { - DB::rollBack(); - return $this->throwError('user_deleted'); + if (method_exists($user, 'trashed')) { + if ($user->trashed()) { + DB::rollBack(); + return $this->throwError('user_deleted'); + } } // Verifying if the user has the required roles if "larascord.roles" is set. From c6cb57c796580ed2810759f68a9d357ca062dc26 Mon Sep 17 00:00:00 2001 From: Jakye Date: Tue, 15 Aug 2023 21:16:45 +0300 Subject: [PATCH 4/9] Moved roles column after avatar --- .../migrations/2023_04_06_101123_add_roles_to_users_table.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/database/migrations/2023_04_06_101123_add_roles_to_users_table.php b/src/database/migrations/2023_04_06_101123_add_roles_to_users_table.php index 9e195d6..0ed6c34 100644 --- a/src/database/migrations/2023_04_06_101123_add_roles_to_users_table.php +++ b/src/database/migrations/2023_04_06_101123_add_roles_to_users_table.php @@ -12,7 +12,7 @@ public function up(): void { Schema::table('users', function (Blueprint $table) { - $table->json('roles')->nullable(); + $table->json('roles')->nullable()->after('avatar'); }); } From f166edddc413e7a43d3f140335fecc4120ed2aa5 Mon Sep 17 00:00:00 2001 From: Jakye Date: Tue, 15 Aug 2023 21:21:44 +0300 Subject: [PATCH 5/9] Updated config.php --- src/config/config.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/config/config.php b/src/config/config.php index 8dd5ee1..db3f677 100644 --- a/src/config/config.php +++ b/src/config/config.php @@ -228,7 +228,7 @@ 'user_deleted' => [ 'message' => 'Your account is deleted and you can\'t log in.', 'redirect' => '/' - ] + ], ], /* From b1a20622f01d05fe148ecd65e55742dd7e0d43ab Mon Sep 17 00:00:00 2001 From: Jakye Date: Tue, 15 Aug 2023 21:25:39 +0300 Subject: [PATCH 6/9] Verifying if "deleted_at" colum exists --- src/Http/Controllers/DiscordController.php | 3 ++- src/Services/DiscordService.php | 10 ++++++++++ 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/src/Http/Controllers/DiscordController.php b/src/Http/Controllers/DiscordController.php index 499cfbf..cd3a187 100644 --- a/src/Http/Controllers/DiscordController.php +++ b/src/Http/Controllers/DiscordController.php @@ -6,6 +6,7 @@ use Illuminate\Http\RedirectResponse; use App\Providers\RouteServiceProvider; use Illuminate\Support\Facades\DB; +use Illuminate\Support\Facades\Schema; use Jakyeru\Larascord\Http\Requests\StoreUserRequest; use Jakyeru\Larascord\Services\DiscordService; @@ -81,7 +82,7 @@ public function handle(StoreUserRequest $request): RedirectResponse | JsonRespon } // Verifying if the user is soft-deleted. - if (method_exists($user, 'trashed')) { + if (Schema::hasColumn('users', 'deleted_at')) { if ($user->trashed()) { DB::rollBack(); return $this->throwError('user_deleted'); diff --git a/src/Services/DiscordService.php b/src/Services/DiscordService.php index d6945da..ef1035d 100644 --- a/src/Services/DiscordService.php +++ b/src/Services/DiscordService.php @@ -6,6 +6,7 @@ use Exception; use Illuminate\Http\Client\RequestException; use Illuminate\Support\Facades\Http; +use Illuminate\Support\Facades\Schema; use Jakyeru\Larascord\Types\AccessToken; use Jakyeru\Larascord\Types\GuildMember; @@ -187,6 +188,15 @@ public function createOrUpdateUser(\Jakyeru\Larascord\Types\User $user): User throw new Exception('User access token is missing.'); } + if (Schema::hasColumn('users', 'deleted_at')) { + return User::withTrashed()->updateOrCreate( + [ + 'id' => $user->id, + ], + $user->toArray(), + ); + } + return User::updateOrCreate( [ 'id' => $user->id, From be5a6b435b8117dfbdcea37d97afec71a624faea Mon Sep 17 00:00:00 2001 From: Jakye Date: Tue, 15 Aug 2023 21:32:14 +0300 Subject: [PATCH 7/9] Verifying if "deleted_at" colum exists. --- src/Http/Controllers/DiscordController.php | 21 +++++++++++++++++++++ src/routes/larascord.php | 6 ++---- 2 files changed, 23 insertions(+), 4 deletions(-) diff --git a/src/Http/Controllers/DiscordController.php b/src/Http/Controllers/DiscordController.php index cd3a187..4235904 100644 --- a/src/Http/Controllers/DiscordController.php +++ b/src/Http/Controllers/DiscordController.php @@ -12,6 +12,27 @@ class DiscordController extends Controller { + /** + * Handle the Discord OAuth2 redirect. + */ + public function login(): RedirectResponse + { + // Preventing the redirection to Discord if the user's account gets soft deleted and is authenticated. + if (auth()->check()) { + // Verifying if the user is soft-deleted. + if (Schema::hasColumn('users', 'deleted_at')) { + if (auth()->user()->trashed()) { + return $this->throwError('user_deleted'); + } + } + } + + return redirect()->away('https://discord.com/oauth2/authorize?client_id=' . config('larascord.client_id') + . '&redirect_uri=' . config('larascord.redirect_uri') + . '&response_type=code&scope=' . implode('%20', explode('&', config('larascord.scopes'))) + . '&prompt=' . config('larascord.prompt', 'none')); + } + /** * Handles the Discord OAuth2 login. */ diff --git a/src/routes/larascord.php b/src/routes/larascord.php index bf8885f..7abd871 100644 --- a/src/routes/larascord.php +++ b/src/routes/larascord.php @@ -17,10 +17,8 @@ use App\Http\Controllers\Auth\ConfirmablePasswordController; use Jakyeru\Larascord\Http\Controllers\DiscordController; -Route::redirect('/login', 'https://discord.com/oauth2/authorize?client_id=' . config('larascord.client_id') - . '&redirect_uri=' . config('larascord.redirect_uri') - . '&response_type=code&scope=' . implode('%20', explode('&', config('larascord.scopes'))) - . '&prompt=' . config('larascord.prompt', 'none')) +Route::get('/login', [DiscordController::class, 'login']) + ->middleware(['web', 'guest']) ->name('login'); Route::get('/confirm-password', [ConfirmablePasswordController::class, 'show']) From 8f5d9f0d93fcb88c1d3442959ec9fa72bea470aa Mon Sep 17 00:00:00 2001 From: Jakye Date: Tue, 15 Aug 2023 21:33:16 +0300 Subject: [PATCH 8/9] Undo "Verifying if "deleted_at" colum exists." --- src/Http/Controllers/DiscordController.php | 21 --------------------- src/routes/larascord.php | 6 ++++-- 2 files changed, 4 insertions(+), 23 deletions(-) diff --git a/src/Http/Controllers/DiscordController.php b/src/Http/Controllers/DiscordController.php index 4235904..cd3a187 100644 --- a/src/Http/Controllers/DiscordController.php +++ b/src/Http/Controllers/DiscordController.php @@ -12,27 +12,6 @@ class DiscordController extends Controller { - /** - * Handle the Discord OAuth2 redirect. - */ - public function login(): RedirectResponse - { - // Preventing the redirection to Discord if the user's account gets soft deleted and is authenticated. - if (auth()->check()) { - // Verifying if the user is soft-deleted. - if (Schema::hasColumn('users', 'deleted_at')) { - if (auth()->user()->trashed()) { - return $this->throwError('user_deleted'); - } - } - } - - return redirect()->away('https://discord.com/oauth2/authorize?client_id=' . config('larascord.client_id') - . '&redirect_uri=' . config('larascord.redirect_uri') - . '&response_type=code&scope=' . implode('%20', explode('&', config('larascord.scopes'))) - . '&prompt=' . config('larascord.prompt', 'none')); - } - /** * Handles the Discord OAuth2 login. */ diff --git a/src/routes/larascord.php b/src/routes/larascord.php index 7abd871..bf8885f 100644 --- a/src/routes/larascord.php +++ b/src/routes/larascord.php @@ -17,8 +17,10 @@ use App\Http\Controllers\Auth\ConfirmablePasswordController; use Jakyeru\Larascord\Http\Controllers\DiscordController; -Route::get('/login', [DiscordController::class, 'login']) - ->middleware(['web', 'guest']) +Route::redirect('/login', 'https://discord.com/oauth2/authorize?client_id=' . config('larascord.client_id') + . '&redirect_uri=' . config('larascord.redirect_uri') + . '&response_type=code&scope=' . implode('%20', explode('&', config('larascord.scopes'))) + . '&prompt=' . config('larascord.prompt', 'none')) ->name('login'); Route::get('/confirm-password', [ConfirmablePasswordController::class, 'show']) From dd1a29348c0077a69b3588700561fdc0ed64f8fe Mon Sep 17 00:00:00 2001 From: Jakye Date: Tue, 15 Aug 2023 21:35:19 +0300 Subject: [PATCH 9/9] Added guest middleware to login route --- src/routes/larascord.php | 1 + 1 file changed, 1 insertion(+) diff --git a/src/routes/larascord.php b/src/routes/larascord.php index bf8885f..41a7dab 100644 --- a/src/routes/larascord.php +++ b/src/routes/larascord.php @@ -21,6 +21,7 @@ . '&redirect_uri=' . config('larascord.redirect_uri') . '&response_type=code&scope=' . implode('%20', explode('&', config('larascord.scopes'))) . '&prompt=' . config('larascord.prompt', 'none')) + ->middleware(['web', 'guest']) ->name('login'); Route::get('/confirm-password', [ConfirmablePasswordController::class, 'show'])