feat: added login via magic-link

Author: syntaxlexx

_ide_helper.php

@@ -4,7 +4,7 @@
 
 /**
  * A helper file for Laravel, to provide autocomplete information to your IDE
- * Generated for Laravel 10.7.1.
+ * Generated for Laravel 10.9.0.
  *
  * This file should not be included in your code, only analyzed by your IDE!
  *
@@ -9751,8 +9751,8 @@ public static function pool($callback)
                     /**
          * Start defining a series of piped processes.
          *
-         * @param callable $callback
-         * @return \Illuminate\Process\Pipe 
+         * @param callable|array $callback
+         * @return \Illuminate\Contracts\Process\ProcessResult 
          * @static 
          */ 
         public static function pipe($callback, $output = null)
@@ -18204,7 +18204,7 @@ class Str {
      * 
      *
      * @template TKey of array-key
-     * @template TValue
+     * @template-covariant TValue
      * @implements \ArrayAccess<TKey, TValue>
      * @implements \Illuminate\Support\Enumerable<TKey, TValue>
      */ 
@@ -19247,7 +19247,7 @@ public static function registerErrorHandler()
                     /**
          * 
          *
-         * @param \Spatie\FlareClient\FlareMiddleware\FlareMiddleware|array<FlareMiddleware>|\Spatie\FlareClient\class-string<FlareMiddleware> $middleware
+         * @param \Spatie\FlareClient\FlareMiddleware\FlareMiddleware|array<FlareMiddleware>|\Spatie\FlareClient\class-string<FlareMiddleware>|callable $middleware
          * @return \Spatie\FlareClient\Flare 
          * @static 
          */ 
@@ -21028,7 +21028,7 @@ public static function orWhereMorphRelation($relation, $types, $column, $operato
              * Add a morph-to relationship condition to the query.
              *
              * @param \Illuminate\Database\Eloquent\Relations\MorphTo|string $relation
-             * @param \Illuminate\Database\Eloquent\Model|string $model
+             * @param \Illuminate\Database\Eloquent\Model|string|null $model
              * @return \Illuminate\Database\Eloquent\Builder|static 
              * @static 
              */ 
@@ -21056,7 +21056,7 @@ public static function whereNotMorphedTo($relation, $model, $boolean = 'and')
              * Add a morph-to relationship condition to the query with an "or where" clause.
              *
              * @param \Illuminate\Database\Eloquent\Relations\MorphTo|string $relation
-             * @param \Illuminate\Database\Eloquent\Model|string $model
+             * @param \Illuminate\Database\Eloquent\Model|string|null $model
              * @return \Illuminate\Database\Eloquent\Builder|static 
              * @static 
              */ 

_ide_helper_actions.php

@@ -1,17 +1,15 @@
 <?php
 
-namespace App\Actions\Admin\CMS;
+namespace App\Actions\Admin\Cms;
 
 /**
  */
-class ContactMessagesDelete
+class ContactMessages
 {
 }
-namespace App\Actions\Admin\Cms;
-
 /**
  */
-class ContactMessages
+class ContactMessagesDelete
 {
 }
 namespace App\Actions\Admin;
@@ -57,26 +55,19 @@ class Logout
 class Register
 {
 }
-namespace App\Actions\Auth\Pages;
-
-/**
- */
-class ForgotPassword
-{
-}
 /**
  */
-class Login
+class RequestPasswordReset
 {
 }
 /**
  */
-class Register
+class ResetPassword
 {
 }
 /**
  */
-class ResetPassword
+class VerifyLogin
 {
 }
 namespace App\Actions\Frontend;

app/Actions/Auth/Login.php

@@ -85,8 +85,6 @@ public function asController(Request $request)
             'device_name' => $deviceName,
         ], $user));
 
-        $deviceName = $request->device_name ?? $user->name . ' device';
-
         if($request->wantsJson())
         {
             // specifically target mobile devices - LARAVEL SANCTUM

app/Actions/Auth/LoginLinkSent.php

@@ -0,0 +1,20 @@
+<?php
+
+namespace App\Actions\Auth;
+
+use App\Traits\CustomControllerResponsesTrait;
+use App\Traits\ThemesTrait;
+use Illuminate\Http\Request;
+use Lorisleiva\Actions\Concerns\AsAction;
+
+class LoginLinkSent
+{
+    use AsAction;
+    use ThemesTrait;
+    use CustomControllerResponsesTrait;
+
+    public function asController(Request $request)
+    {
+        return $this->generatePage('login-link-sent', 'Auth/LoginLinkSent');
+    }
+}

app/Actions/Auth/LoginViaMagicLink.php

@@ -0,0 +1,42 @@
+<?php
+
+namespace App\Actions\Auth;
+
+use App\Events\CRUDErrorOccurred;
+use App\Models\User;
+use App\Traits\CustomControllerResponsesTrait;
+use App\Traits\ThemesTrait;
+use Exception;
+use Illuminate\Http\Request;
+use Lorisleiva\Actions\Concerns\AsAction;
+
+class LoginViaMagicLink
+{
+    use AsAction;
+    use ThemesTrait;
+    use CustomControllerResponsesTrait;
+
+    public function asController(Request $request)
+    {
+        $request->validate([
+            'email' => 'required|email'
+        ]);
+
+        $user = User::where('email', $request->email)->first();
+
+        if ($user) {
+            try {
+                $user->sendLoginLink();
+            } catch (Exception $e) {
+                ddOnError($e);
+
+                event(new CRUDErrorOccurred($e->getMessage()));
+
+                return $this->respError(trans('An error occurred while sending the login link'));
+            }
+        }
+
+        return redirect()->route('login-link-sent')
+            ->withSuccess(trans('We have sent a magic link to the email. If the account exists, you shall receive an email.'));
+    }
+}

app/Actions/Auth/VerifyLogin.php

@@ -0,0 +1,57 @@
+<?php
+
+namespace App\Actions\Auth;
+
+use App\Events\UserLoggedIn;
+use App\Models\LoginToken;
+use App\Traits\CustomControllerResponsesTrait;
+use App\Traits\ThemesTrait;
+use Auth;
+use Illuminate\Http\Request;
+use Lorisleiva\Actions\Concerns\AsAction;
+
+class VerifyLogin
+{
+    use AsAction;
+    use ThemesTrait;
+    use CustomControllerResponsesTrait;
+
+    public function asController(Request $request, $token)
+    {
+        $token = LoginToken::whereToken(md5($token))->firstOrFail();
+
+        abort_unless($request->hasValidSignature() && $token->isValid(), 401);
+
+        $token->consume();
+
+        $user = $token->user;
+
+        // verify is user is active, + other checks
+        if (!$user->canLogin()) {
+            return redirect()->route('login')->withErrors([
+                'username' => [trans('auth.account_not_active')],
+            ]);
+        }
+
+        Auth::login($user);
+
+        $deviceName = $request->device_name ?? $user->name . ' web device';
+
+        event(new UserLoggedIn([
+            'ip' => $request->ip(),
+            'user_agent' => $request->header('User-Agent'),
+            'referer' => $request->header('Referer'),
+            'host' => $request->header('Host'),
+            'url' => $request->root(),
+            'device_name' => $deviceName,
+        ], $user));
+
+        $request->session()->regenerate();
+
+        if ($user->isAdmin || $user->isSudo) {
+            return redirect()->route('admin.dashboard');
+        }
+
+        return redirect()->route('user.dashboard');
+    }
+}

app/Mail/MagicLoginLink.php

@@ -0,0 +1,66 @@
+<?php
+
+namespace App\Mail;
+
+use Illuminate\Bus\Queueable;
+use Illuminate\Contracts\Queue\ShouldQueue;
+use Illuminate\Mail\Mailable;
+use Illuminate\Mail\Mailables\Content;
+use Illuminate\Mail\Mailables\Envelope;
+use Illuminate\Queue\SerializesModels;
+use Illuminate\Support\Facades\URL;
+use Log;
+
+class MagicLoginLink extends Mailable implements ShouldQueue
+{
+    use Queueable, SerializesModels;
+
+    public $plaintextToken;
+    public $expiresAt;
+
+    /**
+     * Create a new message instance.
+     */
+    public function __construct($plaintextToken, $expiresAt)
+    {
+        $this->plaintextToken = $plaintextToken;
+        $this->expiresAt = $expiresAt;
+
+        Log::info('Login token: ' . $this->plaintextToken . ', expiry: ' . $this->expiresAt);
+    }
+
+    /**
+     * Get the message envelope.
+     */
+    public function envelope(): Envelope
+    {
+        return new Envelope(
+            subject: config('app.name') . ' Login Verification',
+        );
+    }
+
+    /**
+     * Get the message content definition.
+     */
+    public function content(): Content
+    {
+        return new Content(
+            markdown: 'emails.magic-login-link',
+            with: [
+                'url' => URL::temporarySignedRoute('verify-login', $this->expiresAt, [
+                    'token' => $this->plaintextToken,
+                ]),
+            ],
+        );
+    }
+
+    /**
+     * Get the attachments for the message.
+     *
+     * @return array<int, \Illuminate\Mail\Mailables\Attachment>
+     */
+    public function attachments(): array
+    {
+        return [];
+    }
+}

app/Models/LoginToken.php

@@ -0,0 +1,50 @@
+<?php
+
+namespace App\Models;
+
+use Illuminate\Database\Eloquent\Factories\HasFactory;
+use Illuminate\Database\Eloquent\Model;
+use Illuminate\Database\Eloquent\Relations\BelongsTo;
+
+class LoginToken extends Model
+{
+    use HasFactory;
+
+    protected $fillable = [
+        'user_id',
+        'token',
+        'consumed_at',
+        'expires_at',
+    ];
+
+    protected $casts = [
+        'expires_at' => 'datetime',
+        'consumed_at' => 'datetime',
+    ];
+
+    public function user(): BelongsTo
+    {
+        return $this->belongsTo(User::class);
+    }
+
+    public function isValid() : bool
+    {
+        return !$this->isExpired() && !$this->isConsumed();
+    }
+
+    public function isExpired() : bool
+    {
+        return $this->expires_at->isBefore(now());
+    }
+
+    public function isConsumed() : bool
+    {
+        return $this->consumed_at !== null;
+    }
+
+    public function consume() : void
+    {
+        $this->consumed_at = now();
+        $this->save();
+    }
+}