⚝
One Hat Cyber Team
⚝
Your IP:
172.22.0.1
Server IP:
151.80.20.34
Server:
Linux 794f04d97d5e 5.15.0-143-generic #153-Ubuntu SMP Fri Jun 13 19:10:45 UTC 2025 x86_64
Server Software:
Apache/2.4.62 (Debian)
PHP Version:
8.2.28
Buat File
|
Buat Folder
Eksekusi
Dir :
~
/
var
/
www
/
html
/
app
/
Http
/
Controllers
/
Auth
/
View File Name :
AuthenticatedSessionController.php
<?php namespace App\Http\Controllers\Auth; use App\Models\Customer; use App\Models\LoginDetail; use App\Models\Plan; use App\Models\Vender; use App\Models\Utility; use App\Models\User; use Carbon\Carbon; use App\Http\Controllers\Controller; use App\Http\Requests\Auth\LoginRequest; use App\Providers\RouteServiceProvider; use Illuminate\Http\Request; use Illuminate\Support\Facades\Auth; use Illuminate\Support\Facades\DB; use Illuminate\Support\Facades\Hash; use Illuminate\Support\Facades\Mail; use DateTime; class AuthenticatedSessionController extends Controller { /** * Display the login view. * * @return \Illuminate\View\View */ public function __construct() { if(!file_exists(storage_path() . "/installed")) { header('location:install'); die; } // $this->middleware('guest')->except('logout'); } public function create() { // return view('auth.login'); } /** * Handle an incoming authentication request. * * @param \App\Http\Requests\Auth\LoginRequest $request * * @return \Illuminate\Http\RedirectResponse */ // protected function authenticated(Request $request) // { // $user = Auth::user(); // if($user->delete_status == 0) // { // auth()->logout(); // } // if($user->is_active == 0) // { // auth()->logout(); // } // } public function store(LoginRequest $request) { $user = User::where('email',$request->email)->first(); if($user != null) { $companyUser = User::where('id' , $user->created_by)->first(); } if($user != null && $user->is_disable == 0 && $user->type != 'company' && $user->type != 'super admin') { return redirect()->back()->with('status', __('Your Account is disable,please contact your Administrator.')); } if(($user != null && $user->is_enable_login == 0 || (isset($companyUser) && $companyUser != null) && $companyUser->is_enable_login == 0) && $user->type != 'super admin') { return redirect()->back()->with('status', __('Your Account is disable from company.')); } $settings = Utility::settings(); //ReCpatcha if(isset($settings['recaptcha_module']) && $settings['recaptcha_module'] == 'on') { $validation['g-recaptcha-response'] = 'required|captcha'; }else{ $validation = []; } $this->validate($request, $validation); $request->authenticate(); $request->session()->regenerate(); $user = Auth::user(); $companyUser = User::find($user->created_by); $status = $companyUser ? $companyUser->delete_status : 1; if($user->delete_status == 0 || $status == 0) { auth()->logout(); return redirect()->back()->with('status', __('Your Account is deleted by admin,please contact your Administrator.')); } if($user->is_active == 0) { auth()->logout(); } $user = \Auth::user(); if($user->type == 'company') { $plan = Plan::find($user->plan); if($plan) { if($plan->duration != 'lifetime') { $datetime1 = new \DateTime($user->plan_expire_date); $datetime2 = new \DateTime(date('Y-m-d')); // $interval = $datetime1->diff($datetime2); $interval = $datetime2->diff($datetime1); $days = $interval->format('%r%a'); if($days <= 0) { $user->assignPlan(1); return redirect()->intended(RouteServiceProvider::HOME)->with('error', __('Your Plan is expired.')); } } if($user->trial_expire_date != null) { if(\Auth::user()->trial_expire_date < date('Y-m-d')) { $user->assignPlan(1); return redirect()->intended(RouteServiceProvider::HOME)->with('error', __('Your Trial plan Expired.')); } } } } $setting = Utility::settingsById($user->creatorId()); $timezone = $setting['timezone'] ? $setting['timezone'] : 'UTC'; date_default_timezone_set($timezone); // Update Last Login Time $user->update( [ 'last_login_at' => Carbon::now()->toDateTimeString(), ] ); //start for user log if($user->type != 'company' && $user->type != 'super admin') { // $ip = '49.36.83.154'; // This is static ip address $ip = $_SERVER['REMOTE_ADDR']; // your ip address here $query = @unserialize(file_get_contents('http://ip-api.com/php/' . $ip)); $whichbrowser = new \WhichBrowser\Parser($_SERVER['HTTP_USER_AGENT']); if ($whichbrowser->device->type == 'bot') { return; } $referrer = isset($_SERVER['HTTP_REFERER']) ? parse_url($_SERVER['HTTP_REFERER']) : null; /* Detect extra details about the user */ $query['browser_name'] = $whichbrowser->browser->name ?? null; $query['os_name'] = $whichbrowser->os->name ?? null; $query['browser_language'] = isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? mb_substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2) : null; $query['device_type'] = get_device_type($_SERVER['HTTP_USER_AGENT']); $query['referrer_host'] = !empty($referrer['host']); $query['referrer_path'] = !empty($referrer['path']); isset($query['timezone'])?date_default_timezone_set($query['timezone']):''; $json = json_encode($query); $login_detail = new LoginDetail(); $login_detail->user_id = Auth::user()->id; $login_detail->ip = $ip; $login_detail->date = date('Y-m-d H:i:s'); $login_detail->Details = $json; $login_detail->created_by = \Auth::user()->creatorId(); $login_detail->save(); } //end for user log // if($user->type =='employee') if($user->type =='company' || $user->type =='super admin' || $user->type =='client') { return redirect()->intended(RouteServiceProvider::HOME); } else { return redirect()->intended(RouteServiceProvider::EMPHOME); } } /** * Destroy an authenticated session. * * @param \Illuminate\Http\Request $request * * @return \Illuminate\Http\RedirectResponse */ public function destroy(Request $request) { Auth::guard('web')->logout(); $request->session()->invalidate(); $request->session()->regenerateToken(); return redirect('/'); } public function showCustomerLoginForm($lang = '') { if($lang == '') { $lang = Utility::getValByName('default_language'); } \App::setLocale($lang); return view('auth.customer_login', compact('lang')); } public function customerLogin(Request $request) { $this->validate( $request, [ 'email' => 'required|email', 'password' => 'required|min:6', ] ); if(\Auth::guard('customer')->attempt( [ 'email' => $request->email, 'password' => $request->password, ], $request->get('remember') )) { if(\Auth::guard('customer')->user()->is_active == 0) { \Auth::guard('customer')->logout(); } $user = \Auth::guard('customer')->user(); $user->update( [ 'last_login_at' => Carbon::now()->toDateTimeString(), ] ); return redirect()->route('customer.dashboard'); } return $this->sendFailedLoginResponse(0); } public function showVenderLoginForm($lang = '') { if($lang == '') { $lang = Utility::getValByName('default_language'); } \App::setLocale($lang); return view('auth.vender_login', compact('lang')); } public function venderLogin(Request $request) { $this->validate( $request, [ 'email' => 'required|email', 'password' => 'required|min:6', ] ); if(\Auth::guard('vender')->attempt( [ 'email' => $request->email, 'password' => $request->password, ], $request->get('remember') )) { if(\Auth::guard('vender')->user()->is_active == 0) { \Auth::guard('vender')->logout(); } $user = \Auth::guard('vender')->user(); $user->update( [ 'last_login_at' => Carbon::now()->toDateTimeString(), ] ); return redirect()->route('vender.dashboard'); } return $this->sendFailedLoginResponse($request); } public function showLoginForm($lang = '') { $langList = Utility::languages()->toArray(); $lang = array_key_exists($lang, $langList) ? $lang : 'en'; if($lang == '') { $lang = Utility::getValByName('default_language'); } \App::setLocale($lang); $settings = Utility::settings(); return view('auth.login', compact('lang','settings')); } public function showLinkRequestForm($lang = '') { $langList = Utility::languages()->toArray(); $lang = array_key_exists($lang, $langList) ? $lang : 'en'; if($lang == '') { $lang = Utility::getValByName('default_language'); } \App::setLocale($lang); return view('auth.forgot-password', compact('lang')); } public function showCustomerLoginLang($lang = '') { if($lang == '') { $lang = Utility::getValByName('default_language'); } \App::setLocale($lang); return view('auth.customer_login', compact('lang')); } public function showVenderLoginLang($lang = '') { if($lang == '') { $lang = Utility::getValByName('default_language'); } \App::setLocale($lang); return view('auth.vender_login', compact('lang')); } // ---------------------------------Customer ----------------------------------_ public function showCustomerLinkRequestForm($lang = '') { if($lang == '') { $lang = Utility::getValByName('default_language'); } \App::setLocale($lang); return view('auth.passwords.customerEmail', compact('lang')); } public function postCustomerEmail(Request $request) { $request->validate( [ 'email' => 'required|email|exists:customers', ] ); $token = \Str::random(60); DB::table('password_resets')->insert( [ 'email' => $request->email, 'token' => $token, 'created_at' => Carbon::now(), ] ); Mail::send( 'auth.customerVerify', ['token' => $token], function ($message) use ($request){ $message->from(env('MAIL_USERNAME'), env('MAIL_FROM_NAME')); $message->to($request->email); $message->subject('Reset Password Notification'); } ); return back()->with('status', 'We have e-mailed your password reset link!'); } public function showResetForm(Request $request, $token = null) { $default_language = DB::table('settings')->select('value')->where('name', 'default_language')->first(); $lang = !empty($default_language) ? $default_language->value : 'en'; \App::setLocale($lang); return view('auth.passwords.reset')->with( [ 'token' => $token, 'email' => $request->email, 'lang' => $lang, ] ); } public function getCustomerPassword($token) { return view('auth.passwords.customerReset', ['token' => $token]); } public function updateCustomerPassword(Request $request) { $request->validate( [ 'email' => 'required|email|exists:customers', 'password' => 'required|string|min:6|confirmed', 'password_confirmation' => 'required', ] ); $updatePassword = DB::table('password_resets')->where( [ 'email' => $request->email, 'token' => $request->token, ] )->first(); if(!$updatePassword) { return back()->withInput()->with('error', 'Invalid token!'); } $user = Customer::where('email', $request->email)->update(['password' => Hash::make($request->password)]); DB::table('password_resets')->where(['email' => $request->email])->delete(); return redirect('/login')->with('message', 'Your password has been changed.'); } // ----------------------------Vendor---------------------------------------------------- public function showVendorLinkRequestForm($lang = '') { if($lang == '') { $lang = Utility::getValByName('default_language'); } \App::setLocale($lang); return view('auth.passwords.vendorEmail', compact('lang')); } public function postVendorEmail(Request $request) { $request->validate( [ 'email' => 'required|email|exists:venders', ] ); $token = \Str::random(60); DB::table('password_resets')->insert( [ 'email' => $request->email, 'token' => $token, 'created_at' => Carbon::now(), ] ); Mail::send( 'auth.vendorVerify', ['token' => $token], function ($message) use ($request){ $message->from(env('MAIL_USERNAME'), env('MAIL_FROM_NAME')); $message->to($request->email); $message->subject('Reset Password Notification'); } ); return back()->with('status', 'We have e-mailed your password reset link!'); } public function getVendorPassword($token) { return view('auth.passwords.vendorReset', ['token' => $token]); } public function updateVendorPassword(Request $request) { $request->validate( [ 'email' => 'required|email|exists:venders', 'password' => 'required|string|min:6|confirmed', 'password_confirmation' => 'required', ] ); $updatePassword = DB::table('password_resets')->where( [ 'email' => $request->email, 'token' => $request->token, ] )->first(); if(!$updatePassword) { return back()->withInput()->with('error', 'Invalid token!'); } $user = Vender::where('email', $request->email)->update(['password' => Hash::make($request->password)]); DB::table('password_resets')->where(['email' => $request->email])->delete(); return redirect('/login')->with('message', 'Your password has been changed.'); } } //for user log if (!function_exists('get_device_type')) { function get_device_type($user_agent) { $mobile_regex = '/(?:phone|windows\s+phone|ipod|blackberry|(?:android|bb\d+|meego|silk|googlebot) .+? mobile|palm|windows\s+ce|opera mini|avantgo|mobilesafari|docomo)/i'; $tablet_regex = '/(?:ipad|playbook|(?:android|bb\d+|meego|silk)(?! .+? mobile))/i'; if (preg_match_all($mobile_regex, $user_agent)) { return 'mobile'; } else { if (preg_match_all($tablet_regex, $user_agent)) { return 'tablet'; } else { return 'desktop'; } } } }