improved tenant identification

2021-04-16 00:59:43 +03:00
parent 9635e6be5d
commit 2b07442260
126 changed files with 1719 additions and 999 deletions
--- a/app/Http/Controllers/Auth/Login.php
+++ b/app/Http/Controllers/Auth/Login.php
@ -37,16 +37,14 @@ class Login extends Controller
    {
        // Attempt to login
        if (!auth()->attempt($request->only('email', 'password'), $request->get('remember', false))) {
-            $response = [
+            return response()->json([
                'status' => null,
                'success' => false,
                'error' => true,
                'message' => trans('auth.failed'),
                'data' => null,
                'redirect' => null,
-            ];
-
-            return response()->json($response);
+            ]);
        }

        // Get user object
@ -56,49 +54,64 @@ class Login extends Controller
        if (!$user->enabled) {
            $this->logout();

-            $response = [
+            return response()->json([
                'status' => null,
                'success' => false,
                'error' => true,
                'message' => trans('auth.disabled'),
                'data' => null,
                'redirect' => null,
-            ];
-
-            return response()->json($response);
+            ]);
        }

-        // Check if is customer
-        if ($user->can('read-client-portal')) {
-            $path = session('url.intended', 'portal');
+        $company = $user->withoutEvents(function () use ($user) {
+            return $user->companies()->enabled()->first();
+        });

-            // Path must start with 'portal' prefix
-            if (!Str::startsWith($path, 'portal')) {
-                $path = 'portal';
+        // Logout if no company assigned
+        if (!$company) {
+            $this->logout();
+
+            return response()->json([
+                'status' => null,
+                'success' => false,
+                'error' => true,
+                'message' => trans('auth.error.no_company'),
+                'data' => null,
+                'redirect' => null,
+            ]);
+        }
+
+        // Redirect to portal if is customer
+        if ($user->can('read-client-portal')) {
+            $path = session('url.intended', '');
+
+            // Path must start with company id and 'portal' prefix
+            if (!Str::startsWith($path, $company->id . '/portal')) {
+                $path = route('portal.dashboard', ['company_id' => $company->id]);
            }

-            $response = [
+            return response()->json([
                'status' => null,
                'success' => true,
                'error' => false,
                'message' => null,
                'data' => null,
                'redirect' => url($path),
-            ];
-
-            return response()->json($response);
+            ]);
        }

-        $response = [
+        // Redirect to landing page if is user
+        $url = route($user->landing_page, ['company_id' => $company->id]);
+
+        return response()->json([
            'status' => null,
            'success' => true,
            'error' => false,
            'message' => null,
            'data' => null,
-            'redirect' => redirect()->intended(route($user->landing_page))->getTargetUrl(),
-        ];
-
-        return response()->json($response);
+            'redirect' => redirect()->intended($url)->getTargetUrl(),
+        ]);
    }

    public function destroy()