From b4e20b79fbd9447f614dc67c75ae83ae472a500a Mon Sep 17 00:00:00 2001
From: Adrian Hopek
Date: Mon, 21 Mar 2022 13:38:28 +0100
Subject: [PATCH 1/9] #84 - fix remembering user
---
 .../Http/Controllers/GoogleController.php | 5 +++-
 ...927_add_password_column_in_users_table.php | 23 +++++++++++++++++++
 2 files changed, 27 insertions(+), 1 deletion(-)
 create mode 100644 database/migrations/2022_03_21_135927_add_password_column_in_users_table.php
diff --git a/app/Infrastructure/Http/Controllers/GoogleController.php b/app/Infrastructure/Http/Controllers/GoogleController.php
index 6f15e8d..b5e2618 100644
--- a/app/Infrastructure/Http/Controllers/GoogleController.php
+++ b/app/Infrastructure/Http/Controllers/GoogleController.php
@@ -5,7 +5,9 @@ declare(strict_types=1);
 namespace Toby\Infrastructure\Http\Controllers;
 use Illuminate\Contracts\Auth\Factory as AuthFactory;
+use Illuminate\Contracts\Hashing\Hasher;
 use Illuminate\Database\Eloquent\ModelNotFoundException;
+use Illuminate\Support\Str;
 use Laravel\Socialite\SocialiteManager;
 use Symfony\Component\HttpFoundation\RedirectResponse;
 use Toby\Eloquent\Models\User;
@@ -17,7 +19,7 @@ class GoogleController extends Controller
 return $socialiteManager->driver("google")->redirect();
 }
- public function callback(AuthFactory $auth, SocialiteManager $socialiteManager): RedirectResponse
+ public function callback(AuthFactory $auth, SocialiteManager $socialiteManager, Hasher $hash): RedirectResponse
 {
 $socialUser = $socialiteManager->driver("google")->user();
@@ -34,6 +36,7 @@ class GoogleController extends Controller
 ]);
 }
+ $user->update(["password" => $hash->make(Str::random(40))]);
 $auth->guard()->login($user, true);
 return redirect()->route("dashboard");
diff --git a/database/migrations/2022_03_21_135927_add_password_column_in_users_table.php b/database/migrations/2022_03_21_135927_add_password_column_in_users_table.php
new file mode 100644
index 0000000..7dbd238
--- /dev/null
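Review bot: The added `$user->update(["password" => $hash->make(Str::random(40))])` in the last GoogleController hunk runs on every Google callback, so the stored hash is replaced each time the user signs in. If session or remember-me validation compares against this column, as the comment added in patch 6/9 suggests, signing in on one device would presumably invalidate the user's sessions on the others. Writing the value only when it is missing keeps it stable: `if ($user->password === null) { $user->update([...]); }`. `update()` also goes through mass assignment, so the write is silently skipped unless `password` is fillable on `User`, which is not visible in this patch. The body of `callback()` starts and ends outside the hunk.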
+++ b/database/migrations/2022_03_21_135927_add_password_column_in_users_table.php
@@ -0,0 +1,23 @@
+string("password")->nullable();
+ });
+ }
+
+ public function down(): void
+ {
+ Schema::table("users", function (Blueprint $table): void {
+ $table->dropColumn("password");
+ });
+ }
+};
--
2.52.0
From d21c1e39487414aad69af123d93b97328640b9a5 Mon Sep 17 00:00:00 2001
From: Adrian Hopek
Date: Mon, 21 Mar 2022 13:41:08 +0100
Subject: [PATCH 2/9] #84 - ecs fix
---
 app/Infrastructure/Http/Controllers/GoogleController.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/app/Infrastructure/Http/Controllers/GoogleController.php b/app/Infrastructure/Http/Controllers/GoogleController.php
index b5e2618..65c8395 100644
--- a/app/Infrastructure/Http/Controllers/GoogleController.php
+++ b/app/Infrastructure/Http/Controllers/GoogleController.php
@@ -36,7 +36,9 @@ class GoogleController extends Controller
 ]);
 }
- $user->update(["password" => $hash->make(Str::random(40))]);
+ $user->update([
+ "password" => $hash->make(Str::random(40)),
+ ]);
 $auth->guard()->login($user, true);
 return redirect()->route("dashboard");
--
2.52.0
From bb244a993aa0e96f7e7ca112704c86773fc7512e Mon Sep 17 00:00:00 2001
From: Adrian Hopek
Date: Mon, 21 Mar 2022 13:42:59 +0100
Subject: [PATCH 3/9] #84 - fix
---
 app/Infrastructure/Http/Controllers/LogoutController.php | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/app/Infrastructure/Http/Controllers/LogoutController.php b/app/Infrastructure/Http/Controllers/LogoutController.php
index 581b4a6..6ab0519 100644
--- a/app/Infrastructure/Http/Controllers/LogoutController.php
+++ b/app/Infrastructure/Http/Controllers/LogoutController.php
@@ -14,6 +14,10 @@ class LogoutController extends Controller
 {
 Auth::logout();
+ $request->user()->update([
+ "password" => null,
+ ]);
+
 $request->session()->invalidate();
 $request->session()->regenerateToken();
--
2.52.0
From dafc17b14c0f06cf976b953055d86658802577fd Mon Sep 17 00:00:00 2001
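Review bot: The new `password` column will be included whenever a `User` is serialised unless the model hides it, and this patch adds the column without touching the model. The value is only a hash of a random string, but per the comment added in patch 6/9 it is what the session checks compare against, so it should not reach API or front-end payloads. Adding `"password"` to the model's `$hidden` list would cover that; the `User` model is not visible in this series, so it may already be there. The first lines of this migration are missing from the page, so `up()` can only be read from its last statement.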
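Review bot: In the LogoutController hunk `$request->user()` is called after `Auth::logout()`, when the guard no longer holds a user, so `->update()` is most likely invoked on `null` and the request fails before the session is invalidated. Capture the user first, `$user = $request->user();` ahead of `Auth::logout();`, and then call `$user?->update(["password" => null]);`. Patch 4/9 swaps the two calls, which removes the crash; the null-safe call would still matter if this route can be reached without an authenticated user. `__invoke()` starts outside the hunk.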
From: Adrian Hopek
Date: Mon, 21 Mar 2022 13:44:59 +0100
Subject: [PATCH 4/9] #84 - fix test
---
 app/Infrastructure/Http/Controllers/LogoutController.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/app/Infrastructure/Http/Controllers/LogoutController.php b/app/Infrastructure/Http/Controllers/LogoutController.php
index 6ab0519..937c2f9 100644
--- a/app/Infrastructure/Http/Controllers/LogoutController.php
+++ b/app/Infrastructure/Http/Controllers/LogoutController.php
@@ -12,12 +12,12 @@ class LogoutController extends Controller
 {
 public function __invoke(Request $request): RedirectResponse
 {
- Auth::logout();
-
 $request->user()->update([
 "password" => null,
 ]);
+ Auth::logout();
+
 $request->session()->invalidate();
 $request->session()->regenerateToken();
--
2.52.0
From c5dffa60e98723750aef7855b910df98fbdb971a Mon Sep 17 00:00:00 2001
From: Adrian Hopek
Date: Mon, 21 Mar 2022 13:53:33 +0100
Subject: [PATCH 5/9] #84 - wip
---
 app/Eloquent/Observers/UserObserver.php | 7 +++++++
 app/Infrastructure/Http/Controllers/GoogleController.php | 4 ----
 app/Infrastructure/Http/Controllers/LogoutController.php | 4 ----
 3 files changed, 7 insertions(+), 8 deletions(-)
diff --git a/app/Eloquent/Observers/UserObserver.php b/app/Eloquent/Observers/UserObserver.php
index 6921550..c69f790 100644
--- a/app/Eloquent/Observers/UserObserver.php
+++ b/app/Eloquent/Observers/UserObserver.php
@@ -4,11 +4,18 @@ declare(strict_types=1);
 namespace Toby\Eloquent\Observers;
+use Illuminate\Support\Facades\Hash;
+use Illuminate\Support\Str;
 use Toby\Eloquent\Models\User;
 use Toby\Eloquent\Models\YearPeriod;
 class UserObserver
 {
+ public function creating(User $user): void
+ {
+ $user->password = Hash::make(Str::random(40));
+ }
+
 public function created(User $user): void
 {
 $yearPeriods = YearPeriod::all();
diff --git a/app/Infrastructure/Http/Controllers/GoogleController.php b/app/Infrastructure/Http/Controllers/GoogleController.php
index 65c8395..a24a956 100644
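Review bot: Clearing `password` on logout changes the stored value for the whole account rather than for this session, so any check that compares a session's saved hash with the column (AuthenticateSession, per the comment added in patch 6/9) would presumably end the user's sessions on every other device too. If signing out everywhere is not the intent, leave the column alone and rely on `Auth::logout()` and `$request->session()->invalidate()`, which already follow in this hunk. The update also leaves the account with a `NULL` password until the next login writes a new one. The same applies to the hunk in patch 3/9; patch 5/9 later removes the update.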
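Review bot: `creating()` in the UserObserver hunk only runs when a new `User` row is inserted, and this same patch removes the per-login `update()` from `GoogleController`, so accounts that existed before the migration keep `password = NULL` (the column was added as nullable and nothing in the series backfills it). For those users the remember-me problem from #84 would presumably remain. Either backfill in the migration, giving each existing row its own random hash, or keep a guarded fallback at login such as `if ($user->password === null) { $user->update(["password" => $hash->make(Str::random(40))]); }`. The observer class continues outside the hunk.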
--- a/app/Infrastructure/Http/Controllers/GoogleController.php
+++ b/app/Infrastructure/Http/Controllers/GoogleController.php
@@ -7,7 +7,6 @@ namespace Toby\Infrastructure\Http\Controllers;
 use Illuminate\Contracts\Auth\Factory as AuthFactory;
 use Illuminate\Contracts\Hashing\Hasher;
 use Illuminate\Database\Eloquent\ModelNotFoundException;
-use Illuminate\Support\Str;
 use Laravel\Socialite\SocialiteManager;
 use Symfony\Component\HttpFoundation\RedirectResponse;
 use Toby\Eloquent\Models\User;
@@ -36,9 +35,6 @@ class GoogleController extends Controller
 ]);
 }
- $user->update([
- "password" => $hash->make(Str::random(40)),
- ]);
 $auth->guard()->login($user, true);
 return redirect()->route("dashboard");
diff --git a/app/Infrastructure/Http/Controllers/LogoutController.php b/app/Infrastructure/Http/Controllers/LogoutController.php
index 937c2f9..581b4a6 100644
--- a/app/Infrastructure/Http/Controllers/LogoutController.php
+++ b/app/Infrastructure/Http/Controllers/LogoutController.php
@@ -12,10 +12,6 @@ class LogoutController extends Controller
 {
 public function __invoke(Request $request): RedirectResponse
 {
- $request->user()->update([
- "password" => null,
- ]);
-
 Auth::logout();
 $request->session()->invalidate();
--
2.52.0
From 8f9e006eac9b20fce57fe50a6aedb971b5971ba3 Mon Sep 17 00:00:00 2001
From: Adrian Hopek
Date: Mon, 21 Mar 2022 14:10:57 +0100
Subject: [PATCH 6/9] #84 - add comment to observer
---
 app/Eloquent/Observers/UserObserver.php | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/app/Eloquent/Observers/UserObserver.php b/app/Eloquent/Observers/UserObserver.php
index c69f790..1d9d5e1 100644
--- a/app/Eloquent/Observers/UserObserver.php
+++ b/app/Eloquent/Observers/UserObserver.php
@@ -13,6 +13,10 @@ class UserObserver
 {
 public function creating(User $user): void
 {
+ /**
+ * A random password for user is generated because AuthenticateSession middleware needs a user's password
+ * for some checks. Users use Google to login, so they don't need to know the password (GitHub issue #84)
+ */
 $user->password = Hash::make(Str::random(40));
 }
--
2.52.0
From 2ba066e91b8d548895892e64e667049e9b3d2b49 Mon Sep 17 00:00:00 2001
From: Adrian Hopek
Date: Mon, 21 Mar 2022 14:28:25 +0100
Subject: [PATCH 7/9] #84 - cr fix
---
 app/Infrastructure/Http/Controllers/GoogleController.php | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/app/Infrastructure/Http/Controllers/GoogleController.php b/app/Infrastructure/Http/Controllers/GoogleController.php
index a24a956..6f15e8d 100644
--- a/app/Infrastructure/Http/Controllers/GoogleController.php
+++ b/app/Infrastructure/Http/Controllers/GoogleController.php
@@ -5,7 +5,6 @@ declare(strict_types=1);
 namespace Toby\Infrastructure\Http\Controllers;
 use Illuminate\Contracts\Auth\Factory as AuthFactory;
-use Illuminate\Contracts\Hashing\Hasher;
 use Illuminate\Database\Eloquent\ModelNotFoundException;
 use Laravel\Socialite\SocialiteManager;
 use Symfony\Component\HttpFoundation\RedirectResponse;
@@ -18,7 +17,7 @@ class GoogleController extends Controller
 return $socialiteManager->driver("google")->redirect();
 }
- public function callback(AuthFactory $auth, SocialiteManager $socialiteManager, Hasher $hash): RedirectResponse
+ public function callback(AuthFactory $auth, SocialiteManager $socialiteManager): RedirectResponse
 {
 $socialUser = $socialiteManager->driver("google")->user();
--
2.52.0
From fff8bd493a8926d5aa37f41b52542cd2acb833c2 Mon Sep 17 00:00:00 2001
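Review bot: The explanation in `creating()` is written as a `/** … */` docblock inside the method body, where there is no declaration for it to document, so docblock-aware tooling may attach it to the assignment below it. A plain `//` or `/* … */` comment fits here, or the text can move into a docblock on `creating()` itself. It would also help to state that the plaintext is discarded and only the hash is kept, for example `// Placeholder hash; the random plaintext is never stored or shown to the user.` Small wording point: "to login" should read "to log in".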
From: Adrian Hopek
Date: Mon, 21 Mar 2022 14:31:47 +0100
Subject: [PATCH 8/9] Apply suggestions from code review
Co-authored-by: Krzysztof Rewak
---
 app/Infrastructure/Http/Controllers/GoogleController.php | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/app/Infrastructure/Http/Controllers/GoogleController.php b/app/Infrastructure/Http/Controllers/GoogleController.php
index a24a956..6f15e8d 100644
--- a/app/Infrastructure/Http/Controllers/GoogleController.php
+++ b/app/Infrastructure/Http/Controllers/GoogleController.php
@@ -5,7 +5,6 @@ declare(strict_types=1);
 namespace Toby\Infrastructure\Http\Controllers;
 use Illuminate\Contracts\Auth\Factory as AuthFactory;
-use Illuminate\Contracts\Hashing\Hasher;
 use Illuminate\Database\Eloquent\ModelNotFoundException;
 use Laravel\Socialite\SocialiteManager;
 use Symfony\Component\HttpFoundation\RedirectResponse;
@@ -18,7 +17,7 @@ class GoogleController extends Controller
 return $socialiteManager->driver("google")->redirect();
 }
- public function callback(AuthFactory $auth, SocialiteManager $socialiteManager, Hasher $hash): RedirectResponse
+ public function callback(AuthFactory $auth, SocialiteManager $socialiteManager): RedirectResponse
 {
 $socialUser = $socialiteManager->driver("google")->user();
--
2.52.0
From 7473f7aaf1a2dccedb67db41d74323f9127a736f Mon Sep 17 00:00:00 2001
From: Adrian Hopek
Date: Mon, 21 Mar 2022 14:33:45 +0100
Subject: [PATCH 9/9] #84 - cr fix
---
 app/Eloquent/Observers/UserObserver.php | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/app/Eloquent/Observers/UserObserver.php b/app/Eloquent/Observers/UserObserver.php
index 1d9d5e1..b241609 100644
--- a/app/Eloquent/Observers/UserObserver.php
+++ b/app/Eloquent/Observers/UserObserver.php
@@ -4,20 +4,24 @@ declare(strict_types=1);
 namespace Toby\Eloquent\Observers;
-use Illuminate\Support\Facades\Hash;
+use Illuminate\Contracts\Hashing\Hasher;
 use Illuminate\Support\Str;
 use Toby\Eloquent\Models\User;
 use Toby\Eloquent\Models\YearPeriod;
 class UserObserver
 {
+ public function __construct(
+ protected Hasher $hash,
+ ) {}
+
 public function creating(User $user): void
 {
 /**
 * A random password for user is generated because AuthenticateSession middleware needs a user's password
 * for some checks. Users use Google to login, so they don't need to know the password (GitHub issue #84)
 */
- $user->password = Hash::make(Str::random(40));
+ $user->password = $this->hash->make(Str::random(40));
 }
 public function created(User $user): void
--
2.52.0
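Review bot: The promoted constructor property is declared `protected Hasher $hash`, which lets a subclass swap the hasher used for stored credentials, and nothing in the hunk needs that. `private Hasher $hash,` is the tighter declaration, or `private readonly Hasher $hash,` if the project targets PHP 8.1 or later. The class body continues past the end of the hunk.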