From c060b008b122662eee8df1b0b1a6289be52fc0e8 Mon Sep 17 00:00:00 2001
From: Alexis Saettler <alexis@saettler.org>
Date: Fri, 21 May 2021 23:37:44 +0200
Subject: [PATCH] feat: handle errors in production (#801)

---
 app/Exceptions/Handler.php                    | 25 +++---
 app/Http/Controllers/Auth/LoginController.php | 20 ++---
 app/Http/Kernel.php                           |  2 +-
 app/Http/Middleware/HandleInertiaRequests.php | 73 ++++++++++++++++
 app/Providers/AppServiceProvider.php          | 52 ------------
 resources/js/Pages/Auth/Login.vue             | 37 +++++----
 resources/js/Pages/Error.vue                  | 83 +++++++++++++++++++
 resources/js/Shared/Errors.vue                |  5 +-
 resources/lang/en/errors.php                  | 21 +++++
 9 files changed, 223 insertions(+), 95 deletions(-)
 create mode 100644 app/Http/Middleware/HandleInertiaRequests.php
 create mode 100644 resources/js/Pages/Error.vue
 create mode 100644 resources/lang/en/errors.php

diff --git a/app/Exceptions/Handler.php b/app/Exceptions/Handler.php
index 70d8dc71b..a632ff2fb 100644
--- a/app/Exceptions/Handler.php
+++ b/app/Exceptions/Handler.php
@@ -3,12 +3,7 @@
 namespace App\Exceptions;
 
 use Throwable;
-use Illuminate\Support\Facades\Redirect;
-use Illuminate\Session\TokenMismatchException;
-use Illuminate\Validation\ValidationException;
-use Illuminate\Auth\Access\AuthorizationException;
-use Illuminate\Database\Eloquent\ModelNotFoundException;
-use Symfony\Component\HttpKernel\Exception\HttpException;
+use Inertia\Inertia;
 use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
 
 class Handler extends ExceptionHandler
@@ -19,10 +14,6 @@ class Handler extends ExceptionHandler
      * @var array
      */
     protected $dontReport = [
-        AuthorizationException::class,
-        HttpException::class,
-        ModelNotFoundException::class,
-        ValidationException::class,
     ];
 
     /**
@@ -48,11 +39,19 @@ class Handler extends ExceptionHandler
      */
     public function render($request, Throwable $e)
     {
-        if ($e instanceof TokenMismatchException) {
-            return Redirect::route('login');
+        $response = parent::render($request, $e);
+
+        if (! app()->environment('local') && in_array($response->getStatusCode(), [500, 503, 401, 404, 403])) {
+            return Inertia::render('Error', ['status' => $response->getStatusCode()])
+                ->toResponse($request)
+                ->setStatusCode($response->getStatusCode());
+        } elseif ($response->getStatusCode() === 419) {
+            return back()->with([
+                'message' => trans('errors.message_419'),
+            ]);
         }
 
-        return parent::render($request, $e);
+        return $response;
     }
 
     /**
diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php
index 6bdc2b1a1..f2188768b 100644
--- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php
@@ -4,8 +4,9 @@
 
 use Inertia\Inertia;
 use Illuminate\Http\Request;
-use Illuminate\Http\JsonResponse;
 use App\Http\Controllers\Controller;
+use Illuminate\Support\Facades\Redirect;
+use Illuminate\Support\Facades\Response;
 use Illuminate\Foundation\Auth\AuthenticatesUsers;
 
 class LoginController extends Controller
@@ -37,16 +38,15 @@ public function showLoginForm(): \Inertia\Response
      *
      * @param  \Illuminate\Http\Request  $request
      * @param  mixed  $user
-     * @return mixed
+     * @return \Symfony\Component\HttpFoundation\Response
      */
     protected function authenticated(Request $request, $user)
     {
         $path = $request->session()->pull('url.intended', route('home'));
 
-        return new JsonResponse([
-            'success' => true,
-            'redirect' => $path,
-        ]);
+        return $request->wantsJson()
+            ? Response::json(['success' => true,'redirect' => $path])
+            : Redirect::intended($path);
     }
 
     /**
@@ -58,10 +58,8 @@ protected function authenticated(Request $request, $user)
      */
     protected function sendFailedLoginResponse(Request $request)
     {
-        return new JsonResponse([
-            'data' => [
-                trans('auth.login_invalid_credentials'),
-            ],
-        ], 401);
+        return $request->wantsJson()
+            ? Response::json(['data' => [trans('auth.login_invalid_credentials')]], 401)
+            : Redirect::back()->with('message', trans('auth.login_invalid_credentials'));
     }
 }
diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php
index 90f20359b..986ce93b5 100644
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@@ -36,7 +36,7 @@ class Kernel extends HttpKernel
             \Illuminate\View\Middleware\ShareErrorsFromSession::class,
             \App\Http\Middleware\VerifyCsrfToken::class,
             \Illuminate\Routing\Middleware\SubstituteBindings::class,
-            \Inertia\Middleware::class,
+            \App\Http\Middleware\HandleInertiaRequests::class,
         ],
 
         'api' => [
diff --git a/app/Http/Middleware/HandleInertiaRequests.php b/app/Http/Middleware/HandleInertiaRequests.php
new file mode 100644
index 000000000..9ab1e96af
--- /dev/null
+++ b/app/Http/Middleware/HandleInertiaRequests.php
@@ -0,0 +1,73 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Inertia\Middleware;
+use Illuminate\Http\Request;
+use App\Helpers\InstanceHelper;
+
+class HandleInertiaRequests extends Middleware
+{
+    /**
+     * The root template that's loaded on the first page visit.
+     *
+     * @see https://inertiajs.com/server-side-setup#root-template
+     * @var string
+     */
+    protected $rootView = 'app';
+
+    /**
+     * Determines the current asset version.
+     *
+     * @see https://inertiajs.com/asset-versioning
+     * @param  \Illuminate\Http\Request  $request
+     * @return string|null
+     */
+    public function version(Request $request)
+    {
+        return parent::version($request);
+    }
+
+    /**
+     * Defines the props that are shared by default.
+     *
+     * @see https://inertiajs.com/shared-data
+     * @param  \Illuminate\Http\Request  $request
+     * @return array
+     */
+    public function share(Request $request)
+    {
+        return array_merge(parent::share($request), [
+            'auth' => fn () => [
+                'user' => $request->user() ? [
+                    'id' => $request->user()->id,
+                    'first_name' => $request->user()->first_name,
+                    'last_name' => $request->user()->last_name,
+                    'email' => $request->user()->email,
+                    'name' => $request->user()->name,
+                    'show_help' => $request->user()->show_help,
+                ] : null,
+                'company' => $request->user() && ! is_null(InstanceHelper::getLoggedCompany()) ? InstanceHelper::getLoggedCompany() : null,
+                'employee' => $request->user() && ! is_null(InstanceHelper::getLoggedEmployee()) ? [
+                    'id' => InstanceHelper::getLoggedEmployee()->id,
+                    'first_name' => InstanceHelper::getLoggedEmployee()->first_name,
+                    'last_name' => InstanceHelper::getLoggedEmployee()->last_name,
+                    'name' => InstanceHelper::getLoggedEmployee()->name,
+                    'permission_level' => InstanceHelper::getLoggedEmployee()->permission_level,
+                    'display_welcome_message' => InstanceHelper::getLoggedEmployee()->display_welcome_message,
+                    'user' => (! InstanceHelper::getLoggedEmployee()->user) ? null : [
+                        'id' => InstanceHelper::getLoggedEmployee()->user_id,
+                    ],
+                ] : null,
+            ],
+            'help_links' => fn () => config('officelife.help_links'),
+            'flash' => [
+                'message' => fn () => $request->session()->get('message'),
+                'success' => fn () => $request->session()->get('success'),
+            ],
+            'errors' => fn () => $request->session()->get('errors')
+                    ? $request->session()->get('errors')->getBag('default')->getMessages()
+                    : [],
+        ]);
+    }
+}
diff --git a/app/Providers/AppServiceProvider.php b/app/Providers/AppServiceProvider.php
index d662f256e..637aed13d 100644
--- a/app/Providers/AppServiceProvider.php
+++ b/app/Providers/AppServiceProvider.php
@@ -2,14 +2,10 @@
 
 namespace App\Providers;
 
-use Inertia\Inertia;
-use App\Helpers\InstanceHelper;
 use Illuminate\Console\Command;
 use Illuminate\Support\Facades\App;
-use Illuminate\Support\Facades\Auth;
 use App\Notifications\EmailMessaging;
 use Illuminate\Support\Facades\Schema;
-use Illuminate\Support\Facades\Session;
 use Illuminate\Support\ServiceProvider;
 use Illuminate\Auth\Notifications\VerifyEmail;
 
@@ -21,7 +17,6 @@ class AppServiceProvider extends ServiceProvider
     public function boot(): void
     {
         Schema::defaultStringLength(191);
-        $this->registerInertia();
 
         VerifyEmail::toMailUsing(function ($user, $verificationUrl) {
             return EmailMessaging::verifyEmailMail($user, $verificationUrl);
@@ -49,51 +44,4 @@ public function boot(): void
     public function register()
     {
     }
-
-    public function registerInertia(): void
-    {
-        Inertia::version(function () {
-            return md5_file(public_path('mix-manifest.json'));
-        });
-
-        Inertia::share([
-            'auth' => function () {
-                return [
-                    'user' => Auth::user() ? [
-                        'id' => Auth::user()->id,
-                        'first_name' => Auth::user()->first_name,
-                        'last_name' => Auth::user()->last_name,
-                        'email' => Auth::user()->email,
-                        'name' => Auth::user()->name,
-                        'show_help' => Auth::user()->show_help,
-                    ] : null,
-                    'company' => Auth::user() && ! is_null(InstanceHelper::getLoggedCompany()) ? InstanceHelper::getLoggedCompany() : null,
-                    'employee' => Auth::user() && ! is_null(InstanceHelper::getLoggedEmployee()) ? [
-                        'id' => InstanceHelper::getLoggedEmployee()->id,
-                        'first_name' => InstanceHelper::getLoggedEmployee()->first_name,
-                        'last_name' => InstanceHelper::getLoggedEmployee()->last_name,
-                        'name' => InstanceHelper::getLoggedEmployee()->name,
-                        'permission_level' => InstanceHelper::getLoggedEmployee()->permission_level,
-                        'display_welcome_message' => InstanceHelper::getLoggedEmployee()->display_welcome_message,
-                        'user' => (! InstanceHelper::getLoggedEmployee()->user) ? null : [
-                            'id' => InstanceHelper::getLoggedEmployee()->user_id,
-                        ],
-                    ] : null,
-                ];
-            },
-            'help_links' => function () {
-                return config('officelife.help_links');
-            },
-            'flash' => function () {
-                return [
-                    'success' => Session::get('success'),
-                ];
-            },
-            'errors' => function () {
-                return Session::get('errors')
-                    ? Session::get('errors')->getBag('default')->getMessages()
-                    : [];
-            },
-        ]);
-    }
 }
diff --git a/resources/js/Pages/Auth/Login.vue b/resources/js/Pages/Auth/Login.vue
index 354b0aff2..46d970115 100644
--- a/resources/js/Pages/Auth/Login.vue
+++ b/resources/js/Pages/Auth/Login.vue
@@ -20,12 +20,12 @@
       </div>
       <div class="">
         <!-- Form Errors -->
-        <errors :errors="errors" :class="'mb3'" />
+        <errors :errors="form.errors" :class="'mb3'" />
 
         <form @submit.prevent="submit">
           <text-input v-model="form.email"
                       :name="'email'"
-                      :errors="$page.props.errors.email"
+                      :errors="form.errors.email"
                       :label="$t('auth.login_email')"
                       :required="true"
                       :type="'email'"
@@ -33,7 +33,7 @@
           />
           <text-input v-model="form.password"
                       :name="'password'"
-                      :errors="$page.props.errors.password"
+                      :errors="form.errors.password"
                       type="password"
                       :label="$t('auth.login_password')"
                       :required="true"
@@ -56,6 +56,7 @@
 import TextInput from '@/Shared/TextInput';
 import Errors from '@/Shared/Errors';
 import LoadingButton from '@/Shared/LoadingButton';
+import { useForm } from '@inertiajs/inertia-vue3';
 
 export default {
   components: {
@@ -73,32 +74,34 @@ export default {
 
   data() {
     return {
-      form: {
+      form: useForm({
         email: null,
         password: null,
-      },
-      errors: [],
-      loadingState: '',
+        remember: false
+      }),
       errorTemplate: Error,
     };
   },
 
+  computed: {
+    loadingState() {
+      return this.form.processing ? 'loading' : '';
+    }
+  },
+
   mounted() {
     document.title = 'Login';
   },
 
   methods: {
     submit() {
-      this.loadingState = 'loading';
-
-      axios.post(this.route('login.attempt'), _.assign({}, this.form, { remember: true}))
-        .then(response => {
-          this.loadingState = null;
-          this.$inertia.visit(response.data.redirect);
-        })
-        .catch(error => {
-          this.loadingState = null;
-          this.errors = error.response.data;
+      this.form
+        .transform(data => ({
+          ... data,
+          remember: this.form.remember ? 'on' : ''
+        }))
+        .post(this.route('login'), {
+          onFinish: () => this.form.reset('password'),
         });
     },
   }
diff --git a/resources/js/Pages/Error.vue b/resources/js/Pages/Error.vue
new file mode 100644
index 000000000..2ca652618
--- /dev/null
+++ b/resources/js/Pages/Error.vue
@@ -0,0 +1,83 @@
+<style scoped>
+  html{font-family:system-ui,-apple-system,BlinkMacSystemFont,Segoe UI,Roboto,Helvetica Neue,Arial,Noto Sans,sans-serif,Apple Color Emoji,Segoe UI Emoji,Segoe UI Symbol,Noto Color Emoji;line-height:1.5
+  }*,:after,:before{box-sizing:border-box;border:0 solid #e2e8f0}
+
+  .bg-gray-100{--bg-opacity:1;background-color:#f7fafc;background-color:rgba(247,250,252,var(--bg-opacity))}
+  .border-gray-400{--border-opacity:1;border-color:#cbd5e0;border-color:rgba(203,213,224,var(--border-opacity))}
+  .border-r{border-right-width:1px}
+
+  .flex{display:flex}
+  .items-center{align-items:center}
+  .justify-center{justify-content:center}
+  .relative{position:relative}
+
+  .mx-auto{margin-left:auto;margin-right:auto}
+  .ml-4{margin-left:1rem}
+  .max-w-xl{max-width:36rem}
+  .min-h-screen{min-height:100vh}
+  .px-4{padding-left:1rem;padding-right:1rem}
+  .pt-8{padding-top:2rem}
+
+  .text-lg{font-size:1.125rem}
+  .text-gray-500{--text-opacity:1;color:#a0aec0;color:rgba(160,174,192,var(--text-opacity))}
+  .uppercase{text-transform:uppercase}
+  .antialiased{-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale}
+  .tracking-wider{letter-spacing:.05em}
+
+  @media (min-width:640px){
+    .sm\:items-center{align-items:center}
+    .sm\:justify-start{justify-content:flex-start}
+    .sm\:px-6{padding-left:1.5rem;padding-right:1.5rem}
+    .sm\:pt-0{padding-top:0}
+  }
+  @media (min-width:1024px){
+    .lg\:px-8{padding-left:2rem;padding-right:2rem}
+  }
+  @media (prefers-color-scheme:dark){
+    .dark\:bg-gray-900{--bg-opacity:1;background-color:#1a202c;background-color:rgba(26,32,44,var(--bg-opacity))}
+    .dark\:text-gray-400{--text-opacity:1;color:#cbd5e0;color:rgba(203,213,224,var(--text-opacity))}
+  }
+
+</style>
+
+<template>
+  <main class="antialiased">
+    <div class="relative flex items-top justify-center min-h-screen bg-gray-100 dark:bg-gray-900 dark:text-gray-400 sm:items-center sm:pt-0">
+      <div class="max-w-xl mx-auto sm:px-6 lg:px-8">
+        <div class="flex items-center pt-8 sm:justify-start sm:pt-0">
+          <div class="px-4 text-lg text-gray-500 border-r border-gray-400 tracking-wider">
+            {{ status }}
+          </div>
+
+          <div class="ml-4 text-lg text-gray-500 uppercase tracking-wider">
+            {{ title }}
+          </div>
+        </div>
+        <div class="flex items-center pt-8 sm:justify-start sm:pt-0">
+          <div class="px-4 pt-8 text-gray-500">
+            {{ description }}
+          </div>
+        </div>
+      </div>
+    </div>
+  </main>
+</template>
+
+<script>
+export default {
+  props: {
+    status: {
+      type: Number,
+      default: 0,
+    },
+  },
+  computed: {
+    title() {
+      return this.$t(`errors.error_${this.status}`);
+    },
+    description() {
+      return this.$t(`errors.message_${this.status}`);
+    },
+  },
+};
+</script>
diff --git a/resources/js/Shared/Errors.vue b/resources/js/Shared/Errors.vue
index d0c2c2a65..7d30c79d9 100644
--- a/resources/js/Shared/Errors.vue
+++ b/resources/js/Shared/Errors.vue
@@ -8,8 +8,11 @@
 
 <template>
   <div>
-    <div v-if="dataerror || exception" class="border-red ba br3 pa3" v-bind="$attrs">
+    <div v-if="dataerror || exception || $page.props.flash.message" class="border-red ba br3 pa3" v-bind="$attrs">
       <p class="mv0 fw6">{{ $t('app.error_title') }}</p>
+      <p v-if="$page.props.flash.message" class="mb0">
+        {{ $page.props.flash.message }}
+      </p>
       <template v-if="dataerror">
         <p v-if="flatten[0] != 'The given data was invalid.'" class="mb0">
           {{ flatten[0] }}
diff --git a/resources/lang/en/errors.php b/resources/lang/en/errors.php
new file mode 100644
index 000000000..730481c1f
--- /dev/null
+++ b/resources/lang/en/errors.php
@@ -0,0 +1,21 @@
+<?php
+
+return [
+
+    'error_401' => 'Unauthorized',
+    'error_404' => 'Page Not Found',
+    'error_403' => 'Forbidden',
+    'error_419' => 'Page Expired',
+    'error_429' => 'Too Many Requests',
+    'error_500' => 'Server Error',
+    'error_503' => 'Service Unavailable',
+
+    'message_401' => 'You are not authorized to see this page, you fool.',
+    'message_404' => 'Sorry, the page you are looking for could not be found.',
+    'message_403' => 'Sorry, you are forbidden from accessing this page.',
+    'message_419' => 'The page expired, please try again.',
+    'message_429' => 'Too many requests, please calm down.',
+    'message_500' => 'Whoops, something went wrong on our servers.',
+    'message_503' => 'Sorry, we are doing some maintenance. Please check back soon.',
+
+];