2019-05-20 07:37:41 +02:00
|
|
|
<?php
|
|
|
|
|
2021-12-02 13:15:53 +01:00
|
|
|
namespace App\Models;
|
2019-05-20 07:37:41 +02:00
|
|
|
|
2024-04-23 16:28:42 +02:00
|
|
|
use App\Models\Traits\HasAuthenticationLog;
|
2024-04-26 08:01:20 +02:00
|
|
|
use App\Models\Traits\WebAuthnManageCredentials;
|
2024-09-26 23:17:00 +02:00
|
|
|
use Database\Factories\UserFactory;
|
2024-01-29 08:53:46 +01:00
|
|
|
use Illuminate\Auth\Events\PasswordReset;
|
2020-03-06 15:07:09 +01:00
|
|
|
use Illuminate\Auth\Notifications\ResetPassword;
|
2024-04-15 21:20:36 +02:00
|
|
|
use Illuminate\Contracts\Translation\HasLocalePreference;
|
2022-11-22 15:15:52 +01:00
|
|
|
use Illuminate\Database\Eloquent\Factories\HasFactory;
|
2019-05-20 07:37:41 +02:00
|
|
|
use Illuminate\Foundation\Auth\User as Authenticatable;
|
2022-11-22 15:15:52 +01:00
|
|
|
use Illuminate\Notifications\Notifiable;
|
2024-01-29 08:53:46 +01:00
|
|
|
use Illuminate\Support\Facades\Hash;
|
2024-01-26 18:14:02 +01:00
|
|
|
use Illuminate\Support\Str;
|
2022-11-14 17:13:24 +01:00
|
|
|
use Laragear\WebAuthn\WebAuthnAuthentication;
|
2022-11-22 15:15:52 +01:00
|
|
|
use Laravel\Passport\HasApiTokens;
|
2019-05-20 07:37:41 +02:00
|
|
|
|
2023-03-02 15:24:57 +01:00
|
|
|
/**
|
|
|
|
* App\Models\User
|
|
|
|
*
|
|
|
|
* @property int $id
|
|
|
|
* @property string $name
|
|
|
|
* @property string $email
|
|
|
|
* @property \Illuminate\Support\Carbon|null $email_verified_at
|
|
|
|
* @property string $password
|
|
|
|
* @property string|null $remember_token
|
|
|
|
* @property \Illuminate\Support\Carbon|null $created_at
|
|
|
|
* @property \Illuminate\Support\Carbon|null $updated_at
|
|
|
|
* @property string|null $last_seen_at
|
|
|
|
* @property bool $is_admin
|
|
|
|
* @property \Illuminate\Support\Collection<array-key,array-value> $preferences
|
|
|
|
* @property-read \Illuminate\Database\Eloquent\Collection|\Laravel\Passport\Client[] $clients
|
|
|
|
* @property-read int|null $clients_count
|
|
|
|
* @property-read \Illuminate\Database\Eloquent\Collection|\App\Models\Group[] $groups
|
|
|
|
* @property-read int|null $groups_count
|
|
|
|
* @property-read \Illuminate\Notifications\DatabaseNotificationCollection|\Illuminate\Notifications\DatabaseNotification[] $notifications
|
|
|
|
* @property-read int|null $notifications_count
|
|
|
|
* @property-read \Illuminate\Database\Eloquent\Collection|\Laravel\Passport\Token[] $tokens
|
|
|
|
* @property-read int|null $tokens_count
|
|
|
|
* @property-read \Illuminate\Database\Eloquent\Collection|\App\Models\TwoFAccount[] $twofaccounts
|
|
|
|
* @property-read int|null $twofaccounts_count
|
|
|
|
* @property-read \Illuminate\Database\Eloquent\Collection|\Laragear\WebAuthn\Models\WebAuthnCredential[] $webAuthnCredentials
|
|
|
|
* @property-read int|null $web_authn_credentials_count
|
2024-04-20 18:10:30 +02:00
|
|
|
* @property string|null $oauth_id
|
|
|
|
* @property string|null $oauth_provider
|
2024-04-23 16:28:42 +02:00
|
|
|
* @property-read \Illuminate\Database\Eloquent\Collection<int, \App\Models\AuthLog> $authentications
|
2024-04-20 18:10:30 +02:00
|
|
|
* @property-read int|null $authentications_count
|
2024-04-23 16:28:42 +02:00
|
|
|
* @property-read \App\Models\AuthLog|null $latestAuthentication
|
2024-09-26 23:17:00 +02:00
|
|
|
*
|
2024-04-20 18:10:30 +02:00
|
|
|
* @method static \Illuminate\Database\Eloquent\Builder|User admins()
|
2024-07-05 16:34:25 +02:00
|
|
|
* @method static \Database\Factories\UserFactory factory(...$parameters)
|
|
|
|
* @method static \Illuminate\Database\Eloquent\Builder|User newModelQuery()
|
|
|
|
* @method static \Illuminate\Database\Eloquent\Builder|User newQuery()
|
|
|
|
* @method static \Illuminate\Database\Eloquent\Builder|User query()
|
|
|
|
* @method static \Illuminate\Database\Eloquent\Builder|User whereCreatedAt($value)
|
|
|
|
* @method static \Illuminate\Database\Eloquent\Builder|User whereEmail($value)
|
|
|
|
* @method static \Illuminate\Database\Eloquent\Builder|User whereEmailVerifiedAt($value)
|
|
|
|
* @method static \Illuminate\Database\Eloquent\Builder|User whereId($value)
|
|
|
|
* @method static \Illuminate\Database\Eloquent\Builder|User whereIsAdmin($value)
|
|
|
|
* @method static \Illuminate\Database\Eloquent\Builder|User whereLastSeenAt($value)
|
|
|
|
* @method static \Illuminate\Database\Eloquent\Builder|User whereName($value)
|
|
|
|
* @method static \Illuminate\Database\Eloquent\Builder|User wherePassword($value)
|
|
|
|
* @method static \Illuminate\Database\Eloquent\Builder|User wherePreferences($value)
|
|
|
|
* @method static \Illuminate\Database\Eloquent\Builder|User whereRememberToken($value)
|
|
|
|
* @method static \Illuminate\Database\Eloquent\Builder|User whereUpdatedAt($value)
|
2024-09-26 23:17:00 +02:00
|
|
|
*
|
2024-04-20 18:10:30 +02:00
|
|
|
* @mixin \Eloquent
|
2023-03-02 15:24:57 +01:00
|
|
|
*/
|
2024-04-15 21:20:36 +02:00
|
|
|
class User extends Authenticatable implements HasLocalePreference, WebAuthnAuthenticatable
|
2019-05-20 07:37:41 +02:00
|
|
|
{
|
2024-09-26 23:17:00 +02:00
|
|
|
use HasApiTokens, Notifiable;
|
2024-04-26 08:01:20 +02:00
|
|
|
use HasAuthenticationLog;
|
2024-09-26 23:50:01 +02:00
|
|
|
|
2024-09-26 23:17:00 +02:00
|
|
|
/**
|
|
|
|
* @use HasFactory<UserFactory>
|
|
|
|
*/
|
|
|
|
use HasFactory;
|
2024-09-26 23:50:01 +02:00
|
|
|
|
2023-12-20 16:55:58 +01:00
|
|
|
use WebAuthnAuthentication, WebAuthnManageCredentials;
|
2019-05-20 07:37:41 +02:00
|
|
|
|
|
|
|
/**
|
|
|
|
* The attributes that are mass assignable.
|
|
|
|
*
|
2024-04-20 19:03:44 +02:00
|
|
|
* @var array<int,string>
|
2019-05-20 07:37:41 +02:00
|
|
|
*/
|
|
|
|
protected $fillable = [
|
2023-12-20 16:55:58 +01:00
|
|
|
'name', 'email', 'password', 'oauth_id', 'oauth_provider',
|
2019-05-20 07:37:41 +02:00
|
|
|
];
|
|
|
|
|
|
|
|
/**
|
2021-12-02 13:15:53 +01:00
|
|
|
* The attributes that should be hidden for serialization.
|
2019-05-20 07:37:41 +02:00
|
|
|
*
|
2022-11-14 17:13:24 +01:00
|
|
|
* @var array<int,string>
|
2019-05-20 07:37:41 +02:00
|
|
|
*/
|
|
|
|
protected $hidden = [
|
2022-11-14 17:13:24 +01:00
|
|
|
'password',
|
|
|
|
'remember_token',
|
2019-05-20 07:37:41 +02:00
|
|
|
];
|
|
|
|
|
|
|
|
/**
|
2021-12-02 13:15:53 +01:00
|
|
|
* The attributes that should be cast.
|
2019-05-20 07:37:41 +02:00
|
|
|
*
|
2022-11-14 17:13:24 +01:00
|
|
|
* @var array<string,string>
|
2019-05-20 07:37:41 +02:00
|
|
|
*/
|
|
|
|
protected $casts = [
|
2023-02-22 20:21:36 +01:00
|
|
|
'email_verified_at' => 'datetime',
|
2023-08-01 16:33:55 +02:00
|
|
|
'password' => 'hashed',
|
2023-02-22 20:21:36 +01:00
|
|
|
'is_admin' => 'boolean',
|
|
|
|
'twofaccounts_count' => 'integer',
|
2023-02-23 16:40:53 +01:00
|
|
|
'groups_count' => 'integer',
|
2019-05-20 07:37:41 +02:00
|
|
|
];
|
2023-03-10 22:59:46 +01:00
|
|
|
|
2024-04-09 14:41:26 +02:00
|
|
|
/**
|
2024-04-29 13:11:23 +02:00
|
|
|
* User exposed observable events.
|
2024-04-26 11:55:07 +02:00
|
|
|
*
|
2024-04-29 13:11:23 +02:00
|
|
|
* These are extra user-defined events observers may subscribe to.
|
|
|
|
*
|
|
|
|
* @var array
|
2024-04-09 14:41:26 +02:00
|
|
|
*/
|
2024-04-29 13:11:23 +02:00
|
|
|
protected $observables = ['demoting'];
|
2024-05-29 11:53:41 +02:00
|
|
|
|
2024-04-15 21:20:36 +02:00
|
|
|
/**
|
|
|
|
* Get the user's preferred locale.
|
|
|
|
*/
|
|
|
|
public function preferredLocale() : string
|
|
|
|
{
|
|
|
|
return strval($this->preferences['lang']);
|
|
|
|
}
|
|
|
|
|
2023-03-10 15:58:05 +01:00
|
|
|
/**
|
2023-03-10 22:59:46 +01:00
|
|
|
* Scope a query to only include admin users.
|
|
|
|
*
|
|
|
|
* @param \Illuminate\Database\Eloquent\Builder<User> $query
|
|
|
|
* @return \Illuminate\Database\Eloquent\Builder<User>
|
|
|
|
*/
|
|
|
|
public function scopeAdmins($query)
|
|
|
|
{
|
|
|
|
return $query->where('is_admin', true);
|
|
|
|
}
|
2020-01-14 23:43:17 +01:00
|
|
|
|
2024-01-26 18:14:02 +01:00
|
|
|
/**
|
|
|
|
* Determine if the user is an administrator.
|
|
|
|
*
|
2024-03-29 09:42:54 +01:00
|
|
|
* @return bool
|
2024-01-26 18:14:02 +01:00
|
|
|
*/
|
|
|
|
public function isAdministrator()
|
|
|
|
{
|
|
|
|
return $this->is_admin;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Grant administrator permissions to the user.
|
2024-04-09 14:41:26 +02:00
|
|
|
*/
|
2024-04-15 00:44:18 +02:00
|
|
|
public function promoteToAdministrator(bool $promote = true) : bool
|
2024-04-09 14:41:26 +02:00
|
|
|
{
|
2024-04-29 13:11:23 +02:00
|
|
|
$eventResult = $promote ? $this->fireModelEvent('promoting') : $this->fireModelEvent('demoting');
|
|
|
|
|
|
|
|
if ($promote == false && $eventResult === false) {
|
2024-04-09 14:41:26 +02:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
$this->is_admin = $promote;
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Say if the user is the only registered administrator
|
2024-01-26 18:14:02 +01:00
|
|
|
*
|
2024-04-20 19:03:44 +02:00
|
|
|
* @return bool
|
2024-01-26 18:14:02 +01:00
|
|
|
*/
|
2024-04-09 14:41:26 +02:00
|
|
|
public function isLastAdministrator()
|
2024-01-26 18:14:02 +01:00
|
|
|
{
|
2024-04-09 14:41:26 +02:00
|
|
|
$admins = User::admins()->get();
|
|
|
|
|
2024-04-20 19:03:44 +02:00
|
|
|
return $admins->contains($this->id) && $admins->count() === 1;
|
2024-01-26 18:14:02 +01:00
|
|
|
}
|
|
|
|
|
2024-01-29 08:53:46 +01:00
|
|
|
/**
|
|
|
|
* Reset user password with a 12 chars random string.
|
|
|
|
*
|
|
|
|
* @return void
|
|
|
|
*/
|
|
|
|
public function resetPassword()
|
|
|
|
{
|
|
|
|
$this->password = Hash::make(Str::password(12));
|
|
|
|
|
|
|
|
event(new PasswordReset($this));
|
|
|
|
}
|
|
|
|
|
2020-01-14 23:43:17 +01:00
|
|
|
/**
|
|
|
|
* Send the password reset notification.
|
|
|
|
*
|
|
|
|
* @param string $token
|
|
|
|
* @return void
|
|
|
|
*/
|
|
|
|
public function sendPasswordResetNotification($token)
|
|
|
|
{
|
|
|
|
$this->notify(new ResetPassword($token));
|
|
|
|
}
|
2020-12-01 18:34:20 +01:00
|
|
|
|
2023-02-17 17:12:53 +01:00
|
|
|
/**
|
|
|
|
* Get Preferences attribute
|
2023-02-25 21:12:10 +01:00
|
|
|
*
|
2023-02-17 17:12:53 +01:00
|
|
|
* @param string $value
|
|
|
|
* @return \Illuminate\Support\Collection<array-key, mixed>
|
|
|
|
*/
|
|
|
|
public function getPreferencesAttribute($value)
|
|
|
|
{
|
|
|
|
$preferences = collect(config('2fauth.preferences'))->merge(json_decode($value)); /** @phpstan-ignore-line */
|
|
|
|
|
|
|
|
return $preferences;
|
|
|
|
}
|
|
|
|
|
2020-12-01 18:34:20 +01:00
|
|
|
/**
|
2020-12-02 23:48:16 +01:00
|
|
|
* set Email attribute
|
2022-11-22 15:15:52 +01:00
|
|
|
*
|
|
|
|
* @param string $value
|
2020-12-01 18:34:20 +01:00
|
|
|
*/
|
2022-08-26 15:57:18 +02:00
|
|
|
public function setEmailAttribute($value) : void
|
2020-12-01 18:34:20 +01:00
|
|
|
{
|
2020-12-02 23:48:16 +01:00
|
|
|
$this->attributes['email'] = strtolower($value);
|
2020-12-01 18:34:20 +01:00
|
|
|
}
|
2022-03-15 14:47:07 +01:00
|
|
|
|
|
|
|
/**
|
2022-11-14 17:13:24 +01:00
|
|
|
* Returns an WebAuthnAuthenticatable user from a given Credential ID.
|
2022-03-15 14:47:07 +01:00
|
|
|
*/
|
2022-11-22 15:15:52 +01:00
|
|
|
public static function getFromCredentialId(string $id) : ?WebAuthnAuthenticatable
|
2022-03-15 14:47:07 +01:00
|
|
|
{
|
2022-11-14 17:13:24 +01:00
|
|
|
return static::whereHas(
|
|
|
|
'webauthnCredentials',
|
|
|
|
static function ($query) use ($id) {
|
|
|
|
return $query->whereKey($id);
|
|
|
|
}
|
|
|
|
)->first();
|
2022-03-15 14:47:07 +01:00
|
|
|
}
|
2023-02-22 20:21:36 +01:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Get the TwoFAccounts of the user.
|
|
|
|
*
|
|
|
|
* @return \Illuminate\Database\Eloquent\Relations\HasMany<TwoFAccount>
|
|
|
|
*/
|
|
|
|
public function twofaccounts()
|
|
|
|
{
|
|
|
|
return $this->hasMany(\App\Models\TwoFAccount::class);
|
|
|
|
}
|
2023-02-23 16:40:53 +01:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Get the Groups of the user.
|
|
|
|
*
|
|
|
|
* @return \Illuminate\Database\Eloquent\Relations\HasMany<Group>
|
|
|
|
*/
|
|
|
|
public function groups()
|
|
|
|
{
|
|
|
|
return $this->hasMany(\App\Models\Group::class);
|
|
|
|
}
|
2024-07-03 11:09:44 +02:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Compare 2 Users
|
|
|
|
*/
|
|
|
|
public function equals(self $other) : bool
|
|
|
|
{
|
|
|
|
return $this->name === $other->name &&
|
|
|
|
$this->email === $other->email &&
|
|
|
|
$this->oauth_id == $other->oauth_id &&
|
|
|
|
$this->oauth_provider == $other->oauth_provider;
|
|
|
|
}
|
2019-05-20 07:37:41 +02:00
|
|
|
}
|