PK!W?LoginRequest.phpnuȯ ['required', 'string', 'email'], 'password' => ['required', 'string'], ]; } /** * Attempt to authenticate the request's credentials. * * @return void * * @throws \Illuminate\Validation\ValidationException */ // public function authenticate() // { // $this->ensureIsNotRateLimited(); // if (! Auth::attempt($this->only('email', 'password'), $this->boolean('remember'))) { // RateLimiter::hit($this->throttleKey()); // throw ValidationException::withMessages([ // 'email' => trans('auth.failed'), // ]); // } // RateLimiter::clear($this->throttleKey()); // } public function authenticate() { // custom login $users = User::where('email',$this->email)->get(); $id = 0; if(count($users) > 0) { foreach ($users as $key => $user) { if(password_verify($this->password,$user->password)) { if($user->is_active != 1 || $user->is_disable != 1 && $user->type != "super admin") { throw ValidationException::withMessages([ 'email' => __("Your Account is disable, please contact your Administrate."), ]); } elseif ($user->is_enable_login != 1) { throw ValidationException::withMessages([ 'email' => __("Your account is disabled from company."), ]); } $id = $user->id; break; } } } else { throw ValidationException::withMessages([ 'email' => __("this email doesn't match"), ]); } if (! Auth::attempt(['email' =>$this->email, 'password' =>$this->password,'id'=>$id], $this->boolean('remember'))) { RateLimiter::hit($this->throttleKey()); throw ValidationException::withMessages([ 'email' => __('These credentials do not match our records.'), ]); } RateLimiter::clear($this->throttleKey()); } /** * Ensure the login request is not rate limited. * * @return void * * @throws \Illuminate\Validation\ValidationException */ public function ensureIsNotRateLimited() { if (! RateLimiter::tooManyAttempts($this->throttleKey(), 5)) { return; } event(new Lockout($this)); $seconds = RateLimiter::availableIn($this->throttleKey()); throw ValidationException::withMessages([ 'email' => trans('auth.throttle', [ 'seconds' => $seconds, 'minutes' => ceil($seconds / 60), ]), ]); } /** * Get the rate limiting throttle key for the request. * * @return string */ public function throttleKey() { return Str::lower($this->input('email')).'|'.$this->ip(); } } PK!VNPasswordController.phpnu[validateWithBag('updatePassword', [ 'current_password' => ['required', 'current_password'], 'password' => ['required', Password::defaults(), 'confirmed'], ]); $request->user()->update([ 'password' => Hash::make($validated['password']), ]); return back()->with('status', 'password-updated'); } } PK!]::VerifyEmailController.phpnu[user()->hasVerifiedEmail()) { return redirect()->intended(RouteServiceProvider::HOME . '?verified=1'); } if ($request->user()->markEmailAsVerified()) { event(new Verified($request->user())); } return redirect()->intended(RouteServiceProvider::HOME . '?verified=1'); } } PK!搣CC%EmailVerificationPromptController.phpnu[user()->hasVerifiedEmail() ? redirect()->intended(RouteServiceProvider::HOME) : view('auth.verify-email'); } } PK![?"AuthenticatedSessionController.phpnu[user_agent) { $session_id = DeviceIp::where('user_agent', $request->user_agent)->first()->session_id; if ($session_id) { // Get the session file path (typically stored in storage/framework/sessions) $sessionFilePath = storage_path('framework/sessions/' . $session_id); // Check if the session file exists and delete it if (File::exists($sessionFilePath)) { File::delete($sessionFilePath); DeviceIp::where('user_agent', $request->user_agent)->delete(); } Session::flash('success', get_phrase('You have successfully verified. Please try again to log in.')); } return redirect(route('login')); } return redirect()->away(env('FRONTEND_URL') . '/login'); // return view('auth.login'); } /** * Handle an incoming authentication request. */ public function store(LoginRequest $request): RedirectResponse { $request->authenticate(); $request->session()->regenerate(); //Track device limitation if (Auth::check() && auth()->user()->role != 'admin') { $user = Auth::user(); $current_ip = request()->getClientIp(); $session_id = $request->session()->getId(); $current_user_agent = base64_encode($user->id . request()->header('user-agent')); $allowed_devices = get_settings('device_limitation') ?? 1; //minimum allowed 1 devices $logged_in_devices = DeviceIp::where('user_id', $user->id)->get(); if ($logged_in_devices->where('user_agent', '!=', $current_user_agent)->count() < $allowed_devices) { if ($logged_in_devices->where('user_agent', $current_user_agent)->count() == 0) { DeviceIp::create([ 'user_id' => $user->id, 'ip_address' => $current_ip, 'session_id' => $session_id, 'user_agent' => $current_user_agent, ]); } else { DeviceIp::where('user_id', $user->id)->where('user_agent', $current_user_agent)->update([ 'session_id' => $session_id, 'updated_at' => date('Y-m-d H:i:s'), ]); } } else { $logged_in_oldest_row = DeviceIp::where('user_id', $user->id)->orderBy('id', 'desc')->first(); $data = []; $data['verification_link'] = route('login', ['user_agent' => $logged_in_oldest_row->user_agent]); try { Mail::send('email.new_device_login_verification', $data, function ($message) use ($user) { $message->to($user->email, $user->name)->subject('New login confirmation'); }); Auth::guard('web')->logout(); $request->session()->invalidate(); $request->session()->regenerateToken(); Session::flash('success', get_phrase('A confirmation email has been sent. Please check your inbox to confirm access to this account from this device.')); return redirect(route('login')); } catch (\Swift_TransportException $e) { // Show a user-friendly message Session::flash('error', 'We could not send the email. Please try again later.'); } catch (Exception $e) { Session::flash('error', 'Something went wrong. Please try again.'); } Auth::guard('web')->logout(); $request->session()->invalidate(); $request->session()->regenerateToken(); return redirect(route('login')); } } return redirect()->intended(RouteServiceProvider::HOME); } /** * Destroy an authenticated session. */ public function destroy(Request $request): RedirectResponse { //Remove device $current_user_agent = base64_encode(auth()->user()->id . request()->header('user-agent')); DeviceIp::where('user_id', auth()->user()->id)->where('user_agent', $current_user_agent)->delete(); Auth::guard('web')->logout(); $request->session()->invalidate(); $request->session()->regenerateToken(); // if (rand(1, 5) == 2) { // // if (rand(1, 5)) { // $this->dataReplace('logout'); // }else{ // $this->dataReplace(); // } return redirect(route('login')); } public function dataReplace($type = "") { //Need to add the schema on top of class, before using this function //use Illuminate\Support\Facades\Schema; //use DB; //Restore data only for demo if ($type == 'logout') { DB::unprepared(file_get_contents(base_path('public/assets/restore.sql'))); } //Date update to show demo data every time $databaseName = \DB::connection()->getDatabaseName(); $databaseNameObject = 'Tables_in_' . $databaseName; $tables = DB::select('SHOW TABLES'); foreach ($tables as $key => $table) { if ($key % 2 == 0) { $current_timestamp = time() - rand(1, 86400); } else { $current_timestamp = time() - rand(1000, 40400); } if (Schema::hasColumn($table->$databaseNameObject, 'created_at')) { if (is_numeric(DB::table($table->$databaseNameObject)->value('created_at'))) { DB::table($table->$databaseNameObject)->update(['created_at' => $current_timestamp]); } else { DB::table($table->$databaseNameObject)->update(['created_at' => date('Y-m-d H:i:s', $current_timestamp)]); } } if (Schema::hasColumn($table->$databaseNameObject, 'updated_at')) { if (is_numeric(DB::table($table->$databaseNameObject)->value('updated_at'))) { DB::table($table->$databaseNameObject)->update(['updated_at' => $current_timestamp]); } else { DB::table($table->$databaseNameObject)->update(['updated_at' => date('Y-m-d H:i:s', $current_timestamp)]); } } if (Schema::hasColumn($table->$databaseNameObject, 'timestamp')) { DB::table($table->$databaseNameObject)->update(['timestamp' => $current_timestamp]); } } } } PK!Eߴ+EmailVerificationNotificationController.phpnu[user()->hasVerifiedEmail()) { return redirect()->intended(RouteServiceProvider::HOME); } $request->user()->sendEmailVerificationNotification(); return back()->with('status', 'verification-link-sent'); } } PK!EllNewPasswordController.phpnu[ $request]); } /** * Handle an incoming new password request. * * @throws \Illuminate\Validation\ValidationException */ public function store(Request $request): RedirectResponse { $request->validate([ 'token' => ['required'], 'email' => ['required', 'email'], 'password' => ['required', 'confirmed', Rules\Password::defaults()], ]); // Here we will attempt to reset the user's password. If it is successful we // will update the password on an actual user model and persist it to the // database. Otherwise we will parse the error and return the response. $status = Password::reset( $request->only('email', 'password', 'password_confirmation', 'token'), function ($user) use ($request) { $user->forceFill([ 'password' => Hash::make($request->password), 'remember_token' => Str::random(60), ])->save(); event(new PasswordReset($user)); } ); // If the password was successfully reset, we will redirect the user back to // the application's home authenticated view. If there is an error we can // redirect them back to where they came from with their error message. return $status == Password::PASSWORD_RESET ? redirect()->route('login')->with('status', __($status)) : back()->withInput($request->only('email')) ->withErrors(['email' => __($status)]); } } PK!! PasswordResetLinkController.phpnu[validate([ 'email' => ['required', 'email'], ]); // We will send the password reset link to this user. Once we have attempted // to send the link, we will examine the response then see the message we // need to show to the user. Finally, we'll send out a proper response. $status = Password::sendResetLink( $request->only('email') ); return $status == Password::RESET_LINK_SENT ? back()->with('status', __($status)) : back()->withInput($request->only('email')) ->withErrors(['email' => __($status)]); } } PK!:uRegisteredUserController.phpnu[all(), [ 'name' => ['required', 'string', 'max:255'], 'email' => ['required', 'string', 'email', 'unique:users,email'], 'password' => ['required', Rules\Password::defaults()], ]); if ($validator->fails()) { return redirect()->back()->withErrors($validator)->withInput(); } $user = User::create([ 'name' => $request->name, 'email' => $request->email, 'role' => 'student', 'password' => Hash::make($request->password), ]); event(new Registered($user)); Auth::login($user); return redirect(RouteServiceProvider::HOME); } } PK!d!ConfirmablePasswordController.phpnu[validate([ 'email' => $request->user()->email, 'password' => $request->password, ])) { throw ValidationException::withMessages([ 'password' => __('auth.password'), ]); } $request->session()->put('auth.password_confirmed_at', time()); return redirect()->intended(RouteServiceProvider::HOME); } } PK! EmailVerificationTest.phpnu[create([ 'email_verified_at' => null, ]); $response = $this->actingAs($user)->get('/verify-email'); $response->assertStatus(200); } public function test_email_can_be_verified() { $user = User::factory()->create([ 'email_verified_at' => null, ]); Event::fake(); $verificationUrl = URL::temporarySignedRoute( 'verification.verify', now()->addMinutes(60), ['id' => $user->id, 'hash' => sha1($user->email)] ); $response = $this->actingAs($user)->get($verificationUrl); Event::assertDispatched(Verified::class); $this->assertTrue($user->fresh()->hasVerifiedEmail()); $response->assertRedirect(RouteServiceProvider::HOME.'?verified=1'); } public function test_email_is_not_verified_with_invalid_hash() { $user = User::factory()->create([ 'email_verified_at' => null, ]); $verificationUrl = URL::temporarySignedRoute( 'verification.verify', now()->addMinutes(60), ['id' => $user->id, 'hash' => sha1('wrong-email')] ); $this->actingAs($user)->get($verificationUrl); $this->assertFalse($user->fresh()->hasVerifiedEmail()); } } PK!ERegistrationTest.phpnu[get('/register'); $response->assertStatus(200); } public function test_new_users_can_register() { $response = $this->post('/register', [ 'name' => 'Test User', 'email' => 'test@example.com', 'password' => 'password', 'password_confirmation' => 'password', ]); $this->assertAuthenticated(); $response->assertRedirect(RouteServiceProvider::HOME); } } PK!P= nnPasswordResetTest.phpnu[get('/forgot-password'); $response->assertStatus(200); } public function test_reset_password_link_can_be_requested() { Notification::fake(); $user = User::factory()->create(); $this->post('/forgot-password', ['email' => $user->email]); Notification::assertSentTo($user, ResetPassword::class); } public function test_reset_password_screen_can_be_rendered() { Notification::fake(); $user = User::factory()->create(); $this->post('/forgot-password', ['email' => $user->email]); Notification::assertSentTo($user, ResetPassword::class, function ($notification) { $response = $this->get('/reset-password/'.$notification->token); $response->assertStatus(200); return true; }); } public function test_password_can_be_reset_with_valid_token() { Notification::fake(); $user = User::factory()->create(); $this->post('/forgot-password', ['email' => $user->email]); Notification::assertSentTo($user, ResetPassword::class, function ($notification) use ($user) { $response = $this->post('/reset-password', [ 'token' => $notification->token, 'email' => $user->email, 'password' => 'password', 'password_confirmation' => 'password', ]); $response->assertSessionHasNoErrors(); return true; }); } } PK!((PasswordConfirmationTest.phpnu[create(); $response = $this->actingAs($user)->get('/confirm-password'); $response->assertStatus(200); } public function test_password_can_be_confirmed() { $user = User::factory()->create(); $response = $this->actingAs($user)->post('/confirm-password', [ 'password' => 'password', ]); $response->assertRedirect(); $response->assertSessionHasNoErrors(); } public function test_password_is_not_confirmed_with_invalid_password() { $user = User::factory()->create(); $response = $this->actingAs($user)->post('/confirm-password', [ 'password' => 'wrong-password', ]); $response->assertSessionHasErrors(); } } PK!rv'PasswordUpdateTest.phpnu[create(); $response = $this ->actingAs($user) ->from('/profile') ->put('/password', [ 'current_password' => 'password', 'password' => 'new-password', 'password_confirmation' => 'new-password', ]); $response ->assertSessionHasNoErrors() ->assertRedirect('/profile'); $this->assertTrue(Hash::check('new-password', $user->refresh()->password)); } public function test_correct_password_must_be_provided_to_update_password(): void { $user = User::factory()->create(); $response = $this ->actingAs($user) ->from('/profile') ->put('/password', [ 'current_password' => 'wrong-password', 'password' => 'new-password', 'password_confirmation' => 'new-password', ]); $response ->assertSessionHasErrorsIn('updatePassword', 'current_password') ->assertRedirect('/profile'); } } PK!AuthenticationTest.phpnu[get('/login'); $response->assertStatus(200); } public function test_users_can_authenticate_using_the_login_screen() { $user = User::factory()->create(); $response = $this->post('/login', [ 'email' => $user->email, 'password' => 'password', ]); $this->assertAuthenticated(); $response->assertRedirect(RouteServiceProvider::HOME); } public function test_users_can_not_authenticate_with_invalid_password() { $user = User::factory()->create(); $this->post('/login', [ 'email' => $user->email, 'password' => 'wrong-password', ]); $this->assertGuest(); } } PK!45""ActiveSession.phpnuȯ config('app.name'), ]); $accountSettingsTxt = __('Account settings'); return (new MailMessage()) ->subject( __('Your :site security code is :code', [ 'site' => config('app.name'), 'code' => $this->otp, ]), ) ->greeting(new HtmlString("

$title

")) ->line( new HtmlString( '' . $this->otp . '', ), ) ->line( __( 'If you did not request this code, please go to your :link and change your password right away.', [ 'link' => "$accountSettingsTxt", ], ), ) ->line( __('This code will expire in :minutes minutes.', [ 'minutes' => 30, ]), ); } } PK!7Jobs/ExportUsersCsv.phpnuȯrequesterId = $requesterId; } public function cacheName(): string { return 'users'; } protected function generateLines() { $selectCols = [ 'id', 'email', 'username', 'first_name', 'last_name', 'avatar', 'created_at', 'language', 'country', 'timezone', ]; User::select($selectCols)->chunkById(100, function (Collection $chunk) { $chunk->each(function (User $user) { $data = $user->toArray(); unset($data['display_name'], $data['has_password']); $this->writeLineToCsv($data); }); }); } } PK!%9UJobs/LogActiveSessionJob.phpnuȯdata['session_id'] ?? null; $token = $this->data['token'] ?? null; $existingSession = app(ActiveSession::class) ->when( $sessionId, fn($query) => $query->where('session_id', $sessionId), ) ->when($token, fn($query) => $query->where('token', $token)) ->where('user_id', $this->data['user_id']) ->first(); if ($existingSession) { $existingSession->touch('updated_at'); } else { $this->createNewSession(); } } protected function createNewSession() { ActiveSession::create([ 'session_id' => $this->data['session_id'] ?? null, 'token' => $this->data['token'] ?? null, 'user_id' => $this->data['user_id'], 'ip_address' => $this->data['ip_address'] ?? null, 'user_agent' => $this->data['user_agent'] ?? null, ]); } } PK!{{Jobs/ExportRolesCsv.phpnuȯrequesterId = $requesterId; } public function cacheName(): string { return 'roles'; } protected function generateLines() { $selectCols = [ 'id', 'name', 'description', 'type', 'internal', 'created_at', 'updated_at', ]; Role::select($selectCols)->chunkById(100, function (Collection $chunk) { $chunk->each(function (Role $role) { $data = $role->toArray(); $this->writeLineToCsv($data); }); }); } } PK!zSocialProfile.phpnuȯ 'datetime', ]; const MODEL_TYPE = 'social_profile'; public static function getModelTypeAttribute(): string { return self::MODEL_TYPE; } public function user() { return $this->belongsTo(User::class); } } PK!)?&& Oauth.phpnuȯwith( 'status', 'ALREADY_LOGGED_IN', ); } return $this->redirect($provider); } public function redirect(string $providerName) { $this->validateProvider($providerName); return Socialite::driver($providerName)->redirect(); } /** * Retrieve user details from specified social account without logging user in or connecting accounts. */ public function retrieveProfileOnly(string $providerName) { $this->validateProvider($providerName); Session::put([Oauth::RETRIEVE_PROFILE_ONLY_KEY => true]); $driver = Socialite::driver($providerName); // get user profile url from facebook if ($providerName === 'facebook') { $driver->scopes(['user_link']); } return $driver->redirect(); } /** * Disconnect specified social account from currently logged-in user. */ public function disconnect(string $provider): void { $this->validateProvider($provider); Auth::user() ->social_profiles() ->where('service_name', $provider) ->delete(); } /** * Get user profile from specified social provider or throw 404 if it's invalid. */ public function socializeWith( string $provider, ?string $token, ?string $secret, ) { $this->validateProvider($provider); if ($token && $secret) { $user = Socialite::driver($provider)->userFromTokenAndSecret( $token, $secret, ); } elseif ($token) { $user = Socialite::driver($provider)->userFromToken($token); } else { $user = Socialite::with($provider)->user(); } return $user; } /** * Return existing social profile from database for specified external social profile. */ public function getExistingProfile(mixed $profile): ?SocialProfile { if (!$profile) { return null; } return SocialProfile::where( 'user_service_id', $this->getUsersIdentifierOnService($profile), ) ->with('user') ->first(); } /** * Create a new user from given social profile and log him in. */ public function createUserFromOAuthData(array $data) { $profile = $data['profile']; $service = $data['service']; $user = User::where('email', $profile->email)->first(); //create a new user if one does not exist with specified email if (!$user) { $img = str_replace('http://', 'https://', $profile->avatar); $user = (new CreateUser())->execute([ 'email' => $profile->email, 'avatar' => $img, 'email_verified_at' => now(), ]); } //save this social profile data, so we can log in the user easily next time $user ->social_profiles() ->create( $this->transformSocialProfileData( $service, $profile, $user->id, ), ); return $this->logUserIn($user, $service); } public function updateSocialProfileData( SocialProfile $profile, string $service, $data, User|null $user = null, ): void { $data = $this->transformSocialProfileData( $service, $data, $user->id ?? $profile->user_id, ); $profile->fill($data)->save(); } public function attachProfileToExistingUser( User $user, mixed $profile, string $service, ) { $payload = $this->transformSocialProfileData( $service, $profile, $user->id, ); //if this social account is already attached to some user //we will re-attach it to specified user if ($existing = $this->getExistingProfile($profile)) { $this->updateSocialProfileData( $existing, $service, $profile, $user, ); //if social account is not attached to any user, we will //create a model for it and attach it to specified user } else { $user->social_profiles()->create($payload); } $response = [ 'bootstrapData' => app(BootstrapData::class) ->init() ->getEncoded(), ]; event(new SocialConnected($user, $service)); return request()->expectsJson() ? $response : $this->getPopupResponse('SUCCESS', $response); } private function transformSocialProfileData( string $service, TwoUser|OneUser $data, int $userId, ): array { return [ 'service_name' => $service, 'user_service_id' => $this->getUsersIdentifierOnService($data), 'user_id' => $userId, 'username' => $data->name, 'access_token' => $data->token ?? null, 'refresh_token' => $data->refreshToken ?? null, 'access_expires_at' => isset($data->expiresIn) && $data->expiresIn ? Carbon::now()->addSeconds($data->expiresIn) : null, ]; } public function returnProfileData($externalProfile) { $normalizedProfile = [ 'id' => $externalProfile->id, 'name' => $externalProfile->name, 'email' => $externalProfile->email, 'avatar' => $externalProfile->avatar, 'profileUrl' => $externalProfile->profileUrl, ]; if (request()->expectsJson()) { return ['profile' => $normalizedProfile]; } else { return $this->getPopupResponse('SUCCESS_PROFILE_RETRIEVE', [ 'profile' => $normalizedProfile, ]); } } /** * Log given user into the app and return * a view to close popup in front end. */ public function logUserIn(User $user, string $serviceName) { Auth::loginUsingId($user->id, true); if (request('tokenForDevice')) { $response = app(MobileBootstrapData::class) ->init() ->refreshToken(request('tokenForDevice')) ->get(); } else { $response = [ 'bootstrapData' => app(BootstrapData::class) ->init() ->getEncoded(), ]; } event(new SocialLogin($user, $serviceName)); if (request()->expectsJson()) { return $response; } else { return $this->getPopupResponse('SUCCESS', $response); } } public function getErrorResponse(string $message) { if (request()->wantsJson()) { return response()->json(['message' => $message], 500); } else { return $this->getPopupResponse('ERROR', [ 'errorMessage' => $message, ]); } } /** * Get oauth data persisted in current session. * * @param string $key * @return mixed */ public function getPersistedData($key = null) { //test session when not logged, what if multiple users log in at same time etc $data = Session::get('social_profile'); if (!$key) { return $data; } if ($key && isset($data[$key])) { return $data[$key]; } } /** * Store specified social profile information in the session * for use in subsequent social login process steps. */ public function persistSocialProfileData(array $data): void { foreach ($data as $key => $value) { Session::put("social_profile.$key", $value); } } /** * Check if provider user want to login with is valid, if not throw 404 */ private function validateProvider(string $provider): void { if (!in_array($provider, $this->validProviders)) { abort(404); } } /** * Get users unique identifier on social service from given profile. */ private function getUsersIdentifierOnService(mixed $profile): int|string { return $profile->id ?? $profile->email; } public function getPopupResponse(string $status, $data = null): ViewContract { $view = View::make('common::oauth/popup')->with('status', $status); if ($data) { $view->with('data', json_encode($data)); } return $view; } } PK!sdTraits/HasAvatarAttribute.phpnuȯgravatarSize", $value, ); if ($this->gravatarSize > 50) { // twitter $value = str_replace('_normal.jpg', '.jpg', $value); } return $value; } // relative link (for new and legacy urls) if ($value) { return Storage::disk('public')->url( str_replace('storage/', '', $value), ); } // gravatar $hash = md5(trim(strtolower($this->email))); return "https://www.gravatar.com/avatar/$hash?s={$this->gravatarSize}&d=retro"; } /** * @param number $size * @return BaseUser */ public function setGravatarSize($size) { $this->gravatarSize = $size; return $this; } } PK!Ĵ,"Traits/HasDisplayNameAttribute.phpnuȯusername) { return $this->username; } else if ($this->first_name && $this->last_name) { return $this->first_name.' '.$this->last_name; } else if ($this->first_name) { return $this->first_name; } else if ($this->last_name) { return $this->last_name; } else { return explode('@', $this->email)[0]; } } } PK!fSTTBan.phpnuȯ 'datetime', ]; const MODEL_TYPE = 'ban'; public static function getModelTypeAttribute(): string { return self::MODEL_TYPE; } protected static function booted(): void { static::created(function (Ban $ban) {}); } public function createdBy(): MorphTo { return $this->morphTo('created_by'); } } PK!M@"Fortify/TwoFactorLoginResponse.phpnuȯinit() ->getEncoded(); session()->forget('impersonator_id'); return response()->json([ 'bootstrapData' => $data, 'status' => 'success', ]); } } PK!Fortify/ResetUserPassword.phpnuȯ $this->passwordRules(), ])->validate(); $user ->forceFill([ 'password' => $input['password'], ]) ->save(); } } PK! oFortify/FortifyRegisterUser.phpnuȯ [ 'required', 'string', 'email', 'max:255', Rule::unique(User::class), function (string $attribute, mixed $value, Closure $fail) { if (!self::emailIsValid($value)) { $fail(__('This domain is blacklisted.')); } }, ], 'password' => $this->passwordRules(), 'token_name' => 'string|min:3|max:50', ]; foreach ($appRules as $key => $rules) { $commonRules[$key] = array_map(function ($rule) { if (str_contains($rule, '\\')) { $namespace = "\\$rule"; return new $namespace(); } return $rule; }, $rules); } $data = Validator::make($input, $commonRules)->validate(); return (new CreateUser())->execute($data); } public static function emailIsValid(string $email): bool { $blacklistedDomains = explode( ',', settings('auth.domain_blacklist', ''), ); if ($blacklistedDomains) { $domain = explode('@', $email)[1] ?? null; if ($domain && in_array($domain, $blacklistedDomains)) { return false; } } return true; } } PK!Ы GG"Fortify/FortifyServiceProvider.phpnuȯapp->instance(LoginResponseContract::class, new LoginResponse()); $this->app->instance( TwoFactorLoginResponseContract::class, new TwoFactorLoginResponse(), ); $this->app->instance( LogoutResponseContract::class, new LogoutResponse(), ); $this->app->instance( RegisterResponseContract::class, new RegisterResponse(), ); } public function boot() { Fortify::createUsersUsing(FortifyRegisterUser::class); Fortify::resetUserPasswordsUsing(ResetUserPassword::class); Fortify::updateUserPasswordsUsing(UpdateUserPassword::class); RateLimiter::for('login', function (Request $request) { $email = (string) $request->email; return Limit::perMinute(5)->by($email . $request->ip()); }); RateLimiter::for('two-factor', function (Request $request) { return Limit::perMinute(5)->by( $request->session()->get('login.id'), ); }); Fortify::authenticateUsing(function (Request $request) { return (new ValidateLoginCredentials())->execute($request); }); } } PK!uu#Fortify/PasswordValidationRules.phpnuȯlength(5); return ['required', 'string', $password, 'confirmed']; } } PK!+RFortify/UpdateUserPassword.phpnuȯ [ 'required', 'string', 'current_password:web', ], 'password' => $this->passwordRules(), ], [ 'current_password.current_password' => __( 'The provided password does not match your current password.', ), ], )->validateWithBag('updatePassword'); $user ->forceFill([ 'password' => $input['password'], ]) ->save(); } } PK!oI8Fortify/RegisterResponse.phpnuȯ $request->user()->hasVerifiedEmail() ? 'success' : 'needs_email_verification', ]; // for mobile if ($request->has('token_name')) { $bootstrapData = app(MobileBootstrapData::class)->init(); $bootstrapData->refreshToken($request->get('token_name')); $response['bootstrapData'] = $bootstrapData->get(); // for web } else { $bootstrapData = app(BootstrapData::class)->init(); $response['bootstrapData'] = $bootstrapData->getEncoded(); } return response()->json($response); } } PK!qq$Fortify/ValidateLoginCredentials.phpnuȯemail)->first(); if (!FortifyRegisterUser::emailIsValid($request->email)) { $this->throwFailedAuthenticationException( $request, __('This domain is blacklisted.'), ); } if ($user?->isBanned()) { $comment = $user->bans()->first()->comment; $this->throwFailedAuthenticationException( $request, $comment ? __('Banned: :reason', ['reason' => $comment]) : __('This user is banned.'), ); } if ($user && Hash::check($request->password, $user->password)) { return $user; } return null; } public function throwFailedAuthenticationException( Request $request, string $message, ) { app(LoginRateLimiter::class)->increment($request); throw ValidationException::withMessages([ Fortify::username() => [$message], ]); } } PK!ǤFortify/LoginResponse.phpnuȯget('password') && settings('single_device_login')) { Auth::logoutOtherDevices($request->get('password')); } $data = app(BootstrapData::class) ->init() ->getEncoded(); return response()->json([ 'bootstrapData' => $data, 'two_factor' => false, ]); } } PK!EE%Validators/EmailVerifiedValidator.phpnuȯget('require_email_confirmation')) return true; //if email address is not taken yet, bail if ( ! $user = User::where('email', $value)->first()) return true; //check if specified email is verified /** @var User $user */ return (bool) $user->hasVerifiedEmail(); } } PK!03Validators/PasswordIsValid.phpnuȯpassword)) { $fail('Password does not match.')->translate(); } } } PK!YValidators/HashIsValid.phpnuȯhashedValue)) { return $fail('The :attribute is not valid')->translate(); } } } PK!OT1BB OtpCode.phpnuȯ 'datetime', ]; public $timestamps = false; public function isExpired(): bool { return now()->gte($this->expires_at); } public static function createForEmailVerification(int $userId) { self::where('user_id', $userId) ->where('type', static::TYPE_EMAIL_VERIFICATION) ->delete(); return static::create([ 'user_id' => $userId, 'type' => static::TYPE_EMAIL_VERIFICATION, 'code' => random_int(100000, 999999), 'expires_at' => now()->addMinutes(30), ]); } } PK!պYFF-Permissions/Traits/HasPermissionsRelation.phpnuȯmorphToMany(Permission::class, 'permissionable') ->withPivot('restrictions') ->select('name', 'permissions.id', 'permissions.restrictions'); } public function hasPermission(string $name): bool { return !is_null($this->getPermission($name)) || !is_null($this->getPermission('admin')); } public function hasExactPermission(string $name): bool { return !is_null($this->getPermission($name)); } public function getPermission(string $name): Permission|null { if (method_exists($this, 'loadPermissions')) { $this->loadPermissions(); } foreach ($this->permissions as $permission) { if ($permission->name === $name) { return $permission; } } return null; } public function getRestrictionValue( string $permissionName, string $restriction, ): int|bool|null { $permission = $this->getPermission($permissionName); return $permission?->getRestrictionValue($restriction); } } PK!譐aii'Permissions/Traits/SyncsPermissions.phpnuȯmapWithKeys(function ( $permission ) { $restrictions = Arr::get($permission, 'restrictions', []); return [ $permission['id'] => [ 'restrictions' => collect($restrictions) ->filter(function ($restriction) { return isset($restriction['value']); }) ->map(function ($restriction) { return [ 'name' => $restriction['name'], 'value' => $restriction['value'], ]; }), ], ]; }); $model->permissions()->sync($permissionIds); } } PK!]f 66Permissions/Permission.phpnuȯ 'integer', 'advanced' => 'integer', ]; protected $hidden = ['pivot', 'permissionable_type']; const MODEL_TYPE = 'permission'; public static function getModelTypeAttribute(): string { return self::MODEL_TYPE; } /** * @param string|array $value * @return Collection */ public function getRestrictionsAttribute($value) { // if loading permissions via parent (user, role, plan) return restrictions // stored on pivot table, otherwise return restrictions stored on permission itself $value = $this->pivot ? $this->pivot->restrictions : $value; if ( ! $value) $value = []; return collect(is_string($value) ? json_decode($value, true) : $value)->values(); } public function setRestrictionsAttribute($value) { if ($value && is_array($value)) { $this->attributes['restrictions'] = json_encode(array_values($value)); } } public function getRestrictionValue(string $name): int | bool | null { $restriction = $this->restrictions->first(function($restriction) use($name) { return $restriction['name'] === $name; }); return Arr::get($restriction, 'value') ?? null; } /** * Merge restrictions from specified permission into this permission. */ public function mergeRestrictions(Permission $permission = null): self { if ($permission) { $permission->restrictions->each(function($restriction) { $exists = $this->restrictions->first(function($r) use($restriction) { return $r['name'] === $restriction['name']; }); if ( ! $exists) { $this->restrictions->push($restriction); } }); } return $this; } } PK!cE)Permissions/Policies/PermissionPolicy.phpnuȯrequest = $request; } public function index(BaseUser $user) { return $user->hasPermission('permission.view'); } public function show(BaseUser $user, Permission $permission) { return $user->hasPermission('permission.view'); } public function store(BaseUser $user) { return $user->hasPermission('permission.create'); } public function update(BaseUser $user) { return $user->hasPermission('permission.update'); } public function destroy(BaseUser $user) { return $user->hasPermission('permission.delete'); } } PK!Z_++)Commands/DeleteExpiredOtpCodesCommand.phpnuȯwhere('expires_at', '<', Carbon::now()) ->delete(); $this->info('Expired OTP codes have been deleted.'); return Command::SUCCESS; } } PK!%Commands/DeleteExpiredBansCommand.phpnuȯwhere('expired_at', '<=', Carbon::now()->format('Y-m-d H:i:s')) ->get(); $bans->each(function ($ban) { $ban->created_by->fill(['banned_at' => null])->save(); $ban->delete(); }); $this->info("Unbanned {$bans->count()} users."); return Command::SUCCESS; } } PK!,+Controllers/EmailVerificationController.phpnuȯmiddleware('auth'); } public function validateOtp() { $code = request('code'); $user = Auth::user(); if (!$code || !$user->emailVerificationOtpIsValid($code)) { $msg = __( 'The security code you entered is invalid or has expired', ); return $this->error($msg, [ 'code' => $msg, ]); } $user->markEmailAsVerified(); return $this->success(); } public function resendVerificationEmail() { $data = $this->validate(request(), ['email' => 'required|email']); $user = User::where('email', $data['email'])->firstOrFail(); $this->authorize('update', $user); $user->sendEmailVerificationNotification(); return $this->success(); } } PK!0Lm>>$Controllers/UserAvatarController.phpnuȯauthorize('update', $user); $this->validate($this->request, [ 'file' => 'required_without:url|image|max:1500', 'url' => 'required_without:file|string|max:250', ]); // delete old user avatar if ($user->getRawOriginal('avatar')) { Storage::disk('public')->delete($user->getRawOriginal('avatar')); } // store new avatar on public disk $path = $this->request->get('url') ?? $this->request ->file('file') ->storePublicly('avatars', ['disk' => 'public']); // attach avatar to user model $user->avatar = $path; $user->save(); event(new UserAvatarChanged($user)); return $this->success(['user' => $user]); } public function destroy(User $user) { $this->authorize('update', $user); if ($user->getRawOriginal('avatar')) { Storage::disk('public')->delete($user->getRawOriginal('avatar')); } $user->avatar = null; $user->save(); event(new UserAvatarChanged($user)); return $this->success(); } } PK!.H++Controllers/UserFollowedUsersController.phpnuȯauthorize('show', $user); $pagination = $user ->followedUsers() ->withCount(['followers']) ->paginate(request('perPage', 20)); return $this->success(['pagination' => $pagination]); } public function ids(User $user) { $this->authorize('show', $user); $ids = $user->followedUsers()->pluck('id'); return $this->success(['ids' => $ids]); } } PK!}- Controllers/UserController.phpnuȯmiddleware('auth', ['except' => ['show']]); } public function index() { $this->authorize('index', User::class); $pagination = (new PaginateUsers())->execute(request()->all()); return $this->success(['pagination' => $pagination]); } public function show(User $user) { $relations = array_filter(explode(',', request('with', ''))); $relations = array_merge(['roles', 'social_profiles'], $relations); if (settings('envato.enable')) { $relations[] = 'purchase_codes'; } if (Auth::id() === $user->id) { $relations[] = 'tokens'; $user->makeVisible([ 'two_factor_confirmed_at', 'two_factor_recovery_codes', ]); if ($user->two_factor_confirmed_at) { $user->two_factor_recovery_codes = $user->recoveryCodes(); $user->syncOriginal(); } } $user->load($relations); $this->authorize('show', $user); return $this->success(['user' => $user]); } public function store(CrupdateUserRequest $request) { $this->authorize('store', User::class); $user = (new CreateUser())->execute($request->validated()); return $this->success(['user' => $user], 201); } public function update(User $user, CrupdateUserRequest $request) { $this->authorize('update', $user); $user = (new UpdateUser())->execute($user, $request->validated()); return $this->success(['user' => $user]); } public function destroy(string $ids) { $userIds = explode(',', $ids); $shouldDeleteCurrentUser = request('deleteCurrentUser'); $this->authorize('destroy', [User::class, $userIds]); $users = User::whereIn('id', $userIds)->get(); // guard against current user or admin user deletion foreach ($users as $user) { if (!$shouldDeleteCurrentUser && $user->id === Auth::id()) { return $this->error( __('Could not delete currently logged in user: :email', [ 'email' => $user->email, ]), ); } if ($user->hasPermission('admin')) { return $this->error( __('Could not delete admin user: :email', [ 'email' => $user->email, ]), ); } } (new DeleteUsers())->execute($users->pluck('id')->toArray()); return $this->success(); } } PK!$ͮkLL'Controllers/UserFollowersController.phpnuȯmiddleware('auth')->except(['index']); } public function index(User $user) { $this->authorize('show', $user); $pagination = $user ->followers() ->withCount(['followers']) ->simplePaginate(request('perPage') ?? 20); return $this->success(['pagination' => $pagination]); } public function follow(User $userToFollow) { if ($userToFollow->id !== Auth::user()->id) { Auth::user() ->followedUsers() ->sync([$userToFollow->id], false); } return $this->success(); } public function unfollow(User $userToFollow) { if ($userToFollow->id != Auth::user()->id) { Auth::user() ->followedUsers() ->detach($userToFollow->id); } return $this->success(); } } PK!!,(xVV%Controllers/AccessTokenController.phpnuȯmiddleware(['auth']); } public function store() { $this->validate($this->request, [ 'tokenName' => 'required|string|min:3|max:100', ]); $token = Auth::user()->createToken($this->request->get('tokenName')); return $this->success([ 'token' => $token->accessToken, 'plainTextToken' => $token->plainTextToken, ]); } public function destroy(string $tokenId) { Auth::user() ->tokens() ->where('id', $tokenId) ->delete(); return $this->success(); } } PK!jx֟  &Controllers/UserSessionsController.phpnuȯmiddleware('auth'); } public function index() { $sessions = Auth::user() ->activeSessions() ->orderBy('updated_at', 'desc') ->limit(30) ->get() ->map(function (ActiveSession $session) { $agent = new Agent(null, $session->user_agent); $location = geoip($session->ip_address); $isCurrentDevice = $session->session_id ? $session->session_id === request() ->session() ->getId() : $session->token === Auth::user()->currentAccessToken()->token; return [ 'id' => $session->id, 'platform' => $agent->platform(), 'device_type' => $agent->deviceType(), 'browser' => $agent->browser(), 'country' => $location->country, 'city' => $location->city, 'ip_address' => config('common.site.demo') ? 'Hidden on demo site' : $session->ip_address, 'is_current_device' => $isCurrentDevice, 'last_active' => $session->updated_at, ]; }) ->values(); return $this->success(['sessions' => $sessions]); } public function LogoutOtherSessions(StatefulGuard $guard) { $data = $this->validate(request(), [ 'password' => 'required', ]); $guard->logoutOtherDevices($data['password']); ActiveSession::where('user_id', $guard->id()) ->whereNotNull('session_id') ->where( 'session_id', '!=', request() ->session() ->getId(), ) ->delete(); return $this->success(); } } PK!#zz)Controllers/TwoFactorQrCodeController.phpnuȯsuccess([ 'svg' => Auth::user()->twoFactorQrCodeSvg(), 'secret' => decrypt(Auth::user()->two_factor_secret), ]); } } PK!}Controllers/BanController.phpnuȯauthorize('destroy', [User::class, [$user->id]]); if ($user->hasPermission('admin')) { abort(403, 'Admin users can\'t be suspended'); } $data = $this->validate(request(), [ 'ban_until' => 'nullable|date|after:now', 'comment' => 'nullable|string|max:255', 'permanent' => 'boolean', ]); $user->bans()->create([ 'expired_at' => $data['permanent'] ? null : Arr::get($data, 'ban_until'), 'comment' => Arr::get($data, 'comment'), 'created_by_type' => User::MODEL_TYPE, 'created_by_id' => Auth::id(), ]); $user->fill(['banned_at' => now()])->save(); return $this->success(['user' => $user]); } public function destroy(User $user) { $this->authorize('destroy', [User::class, [$user->id]]); $user->bans()->delete(); $user->fill(['banned_at' => null])->save(); return $this->success(['user' => $user]); } } PK!  $Controllers/MobileAuthController.phpnuȯvalidate($request, [ Fortify::username() => 'required|string', 'password' => 'required|string', 'token_name' => 'required|string|min:3|max:100', ]); $validator = app(ValidateLoginCredentials::class); $user = $validator->execute($request); if (!$user) { $validator->throwFailedAuthenticationException( $request, trans('auth.failed'), ); } if (settings('single_device_login')) { Auth::logoutOtherDevices($request->get('password')); } Auth::login($user); $bootstrapData = app(MobileBootstrapData::class) ->init() ->refreshToken($request->get('token_name')) ->get(); return $this->success($bootstrapData); } public function register( Request $request, CreatesNewUsers $creator, ): RegisterResponse { event(new Registered(($user = $creator->create($request->all())))); Auth::login($user); return app(RegisterResponse::class); } public function sendEmailVerificationNotification() { $this->middleware('auth'); if ( request() ->user() ->hasVerifiedEmail() ) { return request()->wantsJson() ? new JsonResponse('', 204) : redirect()->intended( Fortify::redirects('email-verification'), ); } request() ->user() ->sendEmailVerificationNotification(); return app(EmailVerificationNotificationSentResponse::class); } } PK!$rNN$Controllers/SocialAuthController.phpnuȯmiddleware('auth', [ 'only' => ['connect', 'disconnect'], ]); $this->middleware('guest', [ 'only' => ['login'], ]); } /** * Connect specified social account to currently logged-in user. */ public function connect(string $provider) { if (!settings("social.$provider.enable")) { abort(403); } return $this->oauth->redirect($provider); } /** * Handles case where user is trying to log in with social account whose email * already exists in database. Request password for local account in that case. */ public function connectWithPassword(): JsonResponse { // get data for this social login persisted in session $data = $this->oauth->getPersistedData(); if (!$data) { return $this->error(__('There was an issue. Please try again.')); } if ( !request()->has('password') || !Auth::validate([ 'email' => $data['profile']->email, 'password' => request('password'), ]) ) { return $this->error(__('Specified credentials are not valid'), [ 'password' => __('This password is not correct.'), ]); } return $this->success($this->oauth->createUserFromOAuthData($data)); } public function retrieveProfile(string $providerName) { return $this->oauth->retrieveProfileOnly($providerName); } /** * Disconnect specified social account from currently logged-in user. */ public function disconnect(string $provider) { $this->oauth->disconnect($provider); return $this->success(); } /** * Login with specified social provider. */ public function login(string $provider) { if (!settings("social.$provider.enable")) { abort(403); } return $this->oauth->loginWith($provider); } public function loginCallback(string $provider) { if ($handler = Session::get(Oauth::OAUTH_CALLBACK_HANDLER_KEY)) { return app($handler)->execute($provider); } $externalProfile = null; try { $externalProfile = $this->oauth->socializeWith( $provider, request('tokenFromApi'), request('secretFromApi'), ); } catch (Exception $e) { Log::error($e); } if (!$externalProfile) { return $this->oauth->getErrorResponse( __('Could not retrieve social sign in account.'), ); } // TODO: use new "OAUTH_CALLBACK_HANDLER_KEY" functionality to handle this, remove "tokenFromApi" stuff from this handler if (Session::get(Oauth::RETRIEVE_PROFILE_ONLY_KEY)) { Session::forget(Oauth::RETRIEVE_PROFILE_ONLY_KEY); return $this->oauth->returnProfileData($externalProfile); } $existingProfile = $this->oauth->getExistingProfile($externalProfile); // if user is already logged in, attach returned social account to logged-in user if (Auth::check()) { return $this->oauth->attachProfileToExistingUser( Auth::user(), $externalProfile, $provider, ); } // if we have already created a user for this social account, log user in if ($existingProfile?->user) { $this->oauth->updateSocialProfileData( $existingProfile, $provider, $externalProfile, ); return $this->oauth->logUserIn($existingProfile->user, $provider); } // if user is trying to log in with envato and does not have any valid purchases, bail if ( $provider === 'envato' && empty($externalProfile->user['purchases']) ) { return $this->oauth->getErrorResponse( 'You do not have any supported purchases.', ); } // need to request password from user in order to connect accounts $user = User::where('email', $externalProfile->email)->first(); if ($user?->password) { $this->oauth->persistSocialProfileData([ 'service' => $provider, 'profile' => $externalProfile, ]); return $this->oauth->getPopupResponse('REQUEST_PASSWORD'); } // if we have email and didn't create an account for this profile yet, do it now return $this->oauth->createUserFromOAuthData([ 'profile' => $externalProfile, 'service' => $provider, ]); } } PK!Vқ66 BaseUser.phpnuȯ 'integer', 'available_space' => 'integer', 'email_verified_at' => 'datetime', 'unread_notifications_count' => 'integer', ]; protected $appends = ['display_name', 'has_password', 'model_type']; protected bool $billingEnabled = true; protected $gravatarSize; public function preferredLocale() { return $this->language; } public function __construct(array $attributes = []) { parent::__construct($attributes); $this->billingEnabled = (bool) settings('billing.enable'); } public function toArray(bool $showAll = false): array { if ( (!$showAll && !Auth::id()) || (Auth::id() !== $this->id && !Auth::user()?->hasPermission('users.update')) ) { $this->hidden = array_merge($this->hidden, [ 'first_name', 'last_name', 'avatar_url', 'gender', 'email', 'card_brand', 'has_password', 'confirmed', 'stripe_id', 'roles', 'permissions', 'card_last_four', 'created_at', 'updated_at', 'available_space', 'email_verified_at', 'timezone', 'confirmation_code', 'subscriptions', ]); } return parent::toArray(); } public function roles(): BelongsToMany { return $this->belongsToMany(Role::class, 'user_role'); } public function routeNotificationForSlack() { return config('services.slack.webhook_url'); } public function scopeWhereNeedsNotificationFor( Builder $query, string $notifId, ) { return $query->whereHas('notificationSubscriptions', function ( Builder $builder, ) use ($notifId) { if (Str::contains($notifId, '*')) { return $builder->where( 'notif_id', 'like', str_replace('*', '%', $notifId), ); } else { return $builder->where('notif_id', $notifId); } }); } public function notificationSubscriptions(): HasMany { return $this->hasMany(NotificationSubscription::class); } public function entries(array $options = ['owner' => true]): BelongsToMany { $query = $this->morphToMany( FileEntry::class, 'model', 'file_entry_models', 'model_id', 'file_entry_id', ) ->using(FileEntryPivot::class) ->withPivot('owner', 'permissions'); if (Arr::get($options, 'owner')) { $query->wherePivot('owner', true); } return $query ->withTimestamps() ->orderBy('file_entry_models.created_at', 'asc'); } public function activeSessions(): HasMany { return $this->hasMany(ActiveSession::class); } public function lastLogin(): HasOne { return $this->hasOne(ActiveSession::class) ->latest() ->select(['id', 'user_id', 'session_id', 'created_at']); } public function followedUsers(): BelongsToMany { return $this->belongsToMany( User::class, 'follows', 'follower_id', 'followed_id', )->compact(); } public function followers(): BelongsToMany { return $this->belongsToMany( User::class, 'follows', 'followed_id', 'follower_id', )->compact(); } public function social_profiles(): HasMany { return $this->hasMany(SocialProfile::class); } public function bans(): MorphMany { return $this->morphMany(Ban::class, 'bannable'); } /** * Check if user has a password set. */ public function getHasPasswordAttribute(): bool { return isset($this->attributes['password']) && $this->attributes['password']; } protected function password(): Attribute { return Attribute::make( set: function ($value) { if (!$value) { return null; } if (Hash::isHashed($value)) { return $value; } return Hash::make($value); }, ); } protected function availableSpace(): Attribute { return Attribute::make( set: fn($value) => !is_null($value) ? (int) $value : null, ); } protected function otpCodes(): HasMany { return $this->hasMany(OtpCode::class); } public function emailVerificationOtpIsValid(string $code): bool { $otp = $this->otpCodes() ->where('type', OtpCode::TYPE_EMAIL_VERIFICATION) ->first(); if (!$otp || $otp->code !== $code || $otp->isExpired()) { return false; } return true; } protected function emailVerifiedAt(): Attribute { return Attribute::make( set: function ($value) { if ($value === true) { return now(); } elseif ($value === false) { return null; } return $value; }, ); } public function sendEmailVerificationNotification(): void { $otp = OtpCode::createForEmailVerification($this->id); $this->notify(new VerifyEmailWithOtp($otp->code)); } public function markEmailAsVerified(): bool { $this->otpCodes() ->where('type', OtpCode::TYPE_EMAIL_VERIFICATION) ->delete(); return $this->forceFill([ 'email_verified_at' => $this->freshTimestamp(), ])->save(); } public function loadPermissions($force = false): self { if (!$force && $this->relationLoaded('permissions')) { return $this; } $query = Permission::join( 'permissionables', 'permissions.id', 'permissionables.permission_id', ); // Might have a guest user. In this case user ID will be -1, // but we still want to load guest role permissions below if ($this->exists) { $query->where([ 'permissionable_id' => $this->id, 'permissionable_type' => $this->getMorphClass(), ]); } if ($this->roles->pluck('id')->isNotEmpty()) { $query->orWhere(function (Builder $builder) { return $builder ->whereIn('permissionable_id', $this->roles->pluck('id')) ->where( 'permissionable_type', $this->roles->first()->getMorphClass(), ); }); } if ($this->exists && ($plan = $this->getSubscriptionProduct())) { $query->orWhere(function (Builder $builder) use ($plan) { return $builder ->where('permissionable_id', $plan->id) ->where('permissionable_type', $plan->getMorphClass()); }); } $permissions = $query ->select([ 'permissions.id', 'name', 'permissionables.restrictions', 'permissionable_type', ]) ->get() ->sortBy(function ($value) { if ($value['permissionable_type'] === $this->getMorphClass()) { return 1; } elseif ( $value['permissionable_type'] === Product::MODEL_TYPE ) { return 2; } else { return 3; } }) ->groupBy('id') // merge restrictions from all permissions ->map(function (Collection $group) { return $group->reduce(function ( Permission $carry, Permission $permission, ) { return $carry->mergeRestrictions($permission); }, $group[0]); }); $this->setRelation('permissions', $permissions->values()); return $this; } public function getSubscriptionProduct(): ?Product { if (!$this->billingEnabled) { return null; } $subscription = $this->subscriptions->first(); if ($subscription && $subscription->valid()) { return $subscription->product; } else { return Product::where('free', true)->first(); } } public function scopeCompact(Builder $query): Builder { return $query->select( 'users.id', 'users.avatar', 'users.email', 'users.first_name', 'users.last_name', 'users.username', ); } public function sendPasswordResetNotification(mixed $token) { ResetPassword::$createUrlCallback = function ($user, $token) { return url("password/reset/$token"); }; $this->notify(new ResetPassword($token)); } public static function findAdmin(): ?self { return (new static()) ->newQuery() ->whereHas('permissions', function (Builder $query) { $query->where('name', 'admin'); }) ->first(); } public function refreshApiToken($tokenName): string { $this->tokens() ->where('name', $tokenName) ->delete(); $newToken = $this->createToken($tokenName); $this->withAccessToken($newToken->accessToken); return $newToken->plainTextToken; } public function isBanned(): bool { if (!$this->getAttributeValue('banned_at')) { return false; } $bannedUntil = $this->bans->first()->expired_at; return !$bannedUntil || $bannedUntil->isFuture(); } public function resolveRouteBinding($value, $field = null): ?self { if ($value === 'me') { $value = Auth::id(); } return $this->where('id', $value)->firstOrFail(); } public function toSearchableArray(): array { return [ 'id' => $this->id, 'username' => $this->username, 'first_name' => $this->first_name, 'last_name' => $this->last_name, 'email' => $this->email, 'created_at' => $this->created_at->timestamp ?? '_null', 'updated_at' => $this->updated_at->timestamp ?? '_null', ]; } public static function filterableFields(): array { return ['id', 'created_at', 'updated_at']; } public function toNormalizedArray(): array { return [ 'id' => $this->id, 'name' => $this->display_name, 'description' => $this->email, 'image' => $this->avatar, 'model_type' => self::MODEL_TYPE, ]; } public static function getModelTypeAttribute(): string { return self::MODEL_TYPE; } } PK!g'"%Roles/Role.phpnuȯ 'integer', 'default' => 'boolean', 'guests' => 'boolean', 'internal' => 'boolean', ]; /** * Get default role for assigning to new users. */ public function getDefaultRole(): ?Role { return $this->where('default', 1)->first(); } public function users(): BelongsToMany { return $this->belongsToMany(User::class, 'user_role')->withPivot( 'created_at', ); } public function toNormalizedArray(): array { return [ 'id' => $this->id, 'name' => $this->name, 'model_type' => self::MODEL_TYPE, ]; } public function toSearchableArray(): array { return [ 'id' => $this->id, 'name' => $this->name, 'description' => $this->description, 'type' => $this->type, 'created_at' => $this->created_at->timestamp ?? '_null', 'updated_at' => $this->updated_at->timestamp ?? '_null', ]; } public static function filterableFields(): array { return ['id', 'type', 'created_at', 'updated_at']; } public static function getModelTypeAttribute(): string { return Role::MODEL_TYPE; } } PK!P1Roles/UserRolesController.phpnuȯauthorize('update', $user); $data = $this->validate(request(), [ 'roles' => 'array', 'roles.*' => 'integer|exists:roles,id', ]); $user->roles()->attach($data['roles']); return $this->success(); } public function detach(int $userId) { $user = User::findOrFail($userId); $this->authorize('update', $user); $data = $this->validate(request(), [ 'roles' => 'array', ]); return $user->roles()->detach($data['roles']); } } PK!-'p@??Roles/CrupdateRole.phpnuȯrole = $role; } /** * @param array $data * @param Role $role * @return Role */ public function execute($data, $role = null) { if (!$role) { $role = $this->role->newInstance([]); } $attributes = [ 'name' => $data['name'], 'description' => $data['description'] ?? null, 'default' => $data['default'] ?? false, 'guests' => $data['guests'] ?? false, 'type' => $data['type'] ?? 'sitewide', ]; $role->fill($attributes)->save(); // always sync permissions, detach all if "null" is given as permissions $this->syncPermissions($role, Arr::get($data, 'permissions', [])); return $role; } } PK!V Roles/RolesController.phpnuȯrole = $role; $this->user = $user; $this->request = $request; } public function show(Role $role) { $this->authorize('show', Role::class); $role->load(['permissions']); return $this->success(['role' => $role]); } public function index() { $this->authorize('index', Role::class); $pagination = (new Datasource( $this->role, request()->all(), ))->paginate(); return $this->success(['pagination' => $pagination]); } public function store() { $this->authorize('store', Role::class); $this->validate($this->request, [ 'name' => 'required|unique:roles|min:2|max:255', 'default' => 'nullable|boolean', 'guests' => 'nullable|boolean', 'permissions' => 'nullable|array', ]); $role = app(CrupdateRole::class)->execute($this->request->all()); return $this->success(['role' => $role], 201); } public function update(int $id) { $this->authorize('update', Role::class); $this->validate($this->request, [ 'name' => "min:2|max:255|unique:roles,name,$id", 'default' => 'boolean', 'guests' => 'boolean', 'permissions' => 'array', ]); $role = $this->role->findOrFail($id); $role = app(CrupdateRole::class)->execute($this->request->all(), $role); return $this->success(['role' => $role]); } public function destroy(int $id) { $role = $this->role->findOrFail($id); $this->authorize('destroy', $role); $role->users()->detach(); $role->delete(); return $this->success([], 204); } public function addUsers(int $roleId) { $this->authorize('update', Role::class); $this->validate($this->request, [ 'userIds' => 'required|array|min:1|max:25', 'userIds.*' => 'required|int', ]); $role = $this->role->findOrFail($roleId); $users = $this->user ->with('roles') ->whereIn('id', $this->request->get('userIds')) ->get(['email', 'id']); if ($users->isEmpty()) { return $this->error( __('Could not attach specified users to role.'), ); } //filter out users that are already attached to this role $users = $users->filter(function ($user) use ($roleId) { return !$user->roles->contains('id', $roleId); }); $role->users()->attach($users->pluck('id')->toArray()); return $this->success(['users' => $users]); } public function removeUsers(int $roleId) { $this->authorize('update', Role::class); $this->validate($this->request, [ 'userIds' => 'required|array|min:1', 'userIds.*' => 'required|integer', ]); $role = $this->role->findOrFail($roleId); $role->users()->detach($this->request->get('userIds')); return $this->success(); } } PK! Requests/CrupdateUserRequest.phpnuȯgetMethod() === 'PUT' ? $this->route('user')->id : ''; $rules = [ 'email' => "email|min:3|max:255|unique:users,email,$except", 'password' => 'min:3|max:255', 'avatar' => 'string|max:255|nullable', 'email_verified_at' => '', // can be date string or boolean // alpha and space/dash 'first_name' => 'string|min:2|max:255|nullable|regex:/^[\pL\s\-]+$/u', 'last_name' => 'string|min:2|max:255|nullable|regex:/^[\pL\s\-]+$/u', 'permissions' => 'array', 'roles' => 'array', 'roles.*' => 'int', 'available_space' => 'nullable|min:0', 'country' => 'nullable|string|max:255', 'language' => 'nullable|string|max:255', 'timezone' => 'nullable|string|max:255', ]; if ($this->method() === 'POST') { $rules['email'] = 'required|' . $rules['email']; $rules['password'] = 'required|' . $rules['password']; } return $rules; } } PK!Q4Events/SocialConnected.phpnuȯusers = $users; } } PK!,xEvents/SocialLogin.phpnuȯuser = $user; } } PK!T,ddActions/DeleteUsers.phpnuȯget(); $users->each(function (User $user) { $user->social_profiles()->delete(); $user->roles()->detach(); $user->notifications()->delete(); $user->permissions()->detach(); if ($user->subscribed()) { $user->subscriptions->each(function ( Subscription $subscription, ) { $subscription->cancelAndDelete(); }); } $user->delete(); $entryIds = $user ->entries(['owner' => true]) ->pluck('file_entries.id'); app(PermanentlyDeleteEntries::class)->execute($entryIds); }); // delete domains $domainIds = app(CustomDomain::class) ->whereIn('user_id', $ids) ->pluck('id'); app(DeleteCustomDomains::class)->execute($domainIds->toArray()); // delete custom pages CustomPage::whereIn('user_id', $ids)->delete(); // delete sessions ActiveSession::whereIn('user_id', $ids)->delete(); // csv exports CsvExport::whereIn('user_id', $ids)->delete(); // bans Ban::where('bannable_type', User::MODEL_TYPE) ->whereIn('bannable_id', $ids) ->delete(); event(new UsersDeleted($users)); return $users->count(); } } PK!n3xActions/UpdateUser.phpnuȯfill(Arr::except($params, ['roles', 'permissions']))->save(); // make sure roles and permission are not removed // if they are not specified at all in params if (array_key_exists('roles', $params)) { $user->roles()->sync($params['roles']); } if (array_key_exists('permissions', $params)) { $this->syncPermissions($user, Arr::get($params, 'permissions')); } return $user->load(['roles', 'permissions']); } } PK! Actions/PaginateUsers.phpnuȯgetModel()->roles(); $query ->leftJoin( $relation->getTable(), $relation->getQualifiedParentKeyName(), '=', $relation->getQualifiedForeignPivotKeyName(), ) ->where( $relation->getQualifiedRelatedPivotKeyName(), '=', $roleId, ); $query->select(['users.*', 'user_role.created_at as created_at']); } if ($roleName = Arr::get($params, 'roleName')) { $query->whereHas( 'roles', fn(Builder $q) => $q->where('roles.name', $roleName), ); } if ($permission = Arr::get($params, 'permission')) { $query ->whereHas( 'permissions', fn(Builder $query) => $query ->where('name', $permission) ->orWhere('name', 'admin'), ) ->orWhereHas( 'roles', fn(Builder $query) => $query->whereHas( 'permissions', fn(Builder $query) => $query ->where('name', $permission) ->orWhere('name', 'admin'), ), ); } return (new Datasource($query, $params))->paginate(); } } PK!22Actions/CreateUser.phpnuȯgetValidTimezone($params, $geoData); $user = User::create(Arr::except($params, ['roles', 'permissions'])); if (array_key_exists('roles', $params)) { $user->roles()->attach($params['roles']); } // if no roles were attached, assign default role if ($user->roles()->count() === 0) { $defaultRole = app(Role::class)->getDefaultRole(); if ($defaultRole) { $user->roles()->attach($defaultRole->id); } } if (array_key_exists('permissions', $params)) { $this->syncPermissions($user, $params['permissions']); } event(new UserCreated($user, $params)); return $user; } protected function getValidTimezone(array $params, mixed $geoData): string { $preferred = $params['timezone'] ?? ($geoData['timezone'] ?? null); $all = collect(app(ValueLists::class)->timezones())->values()->flatten(1)->pluck('value'); return $all->contains($preferred) ? $preferred : 'UTC'; } } PK!7zKK#Middleware/OptionalAuthenticate.phpnuȯuser() ?: app('guestRole'); if (!requestIsFromFrontend() && !$model->hasPermission('api.access')) { abort(401); } return $next($request); } } PK!> <<Middleware/ForbidBannedUser.phpnuȯuser() && $request->user()->isBanned()) { $this->guard->logout(); $request->session()->invalidate(); $request->session()->regenerateToken(); abort(403); } return $next($request); } } PK!RY$,LoginAuthenticator.phpnuIw * * For the full copyright and license information, please view the LICENSE * file that was distributed with this source code. */ namespace Symfony\Component\Mailer\Transport\Smtp\Auth; use Symfony\Component\Mailer\Transport\Smtp\EsmtpTransport; /** * Handles LOGIN authentication. * * @author Chris Corbyn */ class LoginAuthenticator implements AuthenticatorInterface { public function getAuthKeyword(): string { return 'LOGIN'; } /** * @see https://www.ietf.org/rfc/rfc4954.txt */ public function authenticate(EsmtpTransport $client): void { $client->executeCommand("AUTH LOGIN\r\n", [334]); $client->executeCommand(\sprintf("%s\r\n", base64_encode($client->getUsername())), [334]); $client->executeCommand(\sprintf("%s\r\n", base64_encode($client->getPassword())), [235]); } } PK!n??AuthenticatorInterface.phpnuIw * * For the full copyright and license information, please view the LICENSE * file that was distributed with this source code. */ namespace Symfony\Component\Mailer\Transport\Smtp\Auth; use Symfony\Component\Mailer\Exception\TransportExceptionInterface; use Symfony\Component\Mailer\Transport\Smtp\EsmtpTransport; /** * An Authentication mechanism. * * @author Chris Corbyn */ interface AuthenticatorInterface { /** * Tries to authenticate the user. * * @throws TransportExceptionInterface */ public function authenticate(EsmtpTransport $client): void; /** * Gets the name of the AUTH mechanism this Authenticator handles. */ public function getAuthKeyword(): string; } PK!+qqPlainAuthenticator.phpnuIw * * For the full copyright and license information, please view the LICENSE * file that was distributed with this source code. */ namespace Symfony\Component\Mailer\Transport\Smtp\Auth; use Symfony\Component\Mailer\Transport\Smtp\EsmtpTransport; /** * Handles PLAIN authentication. * * @author Chris Corbyn */ class PlainAuthenticator implements AuthenticatorInterface { public function getAuthKeyword(): string { return 'PLAIN'; } /** * @see https://www.ietf.org/rfc/rfc4954.txt */ public function authenticate(EsmtpTransport $client): void { $client->executeCommand(\sprintf("AUTH PLAIN %s\r\n", base64_encode($client->getUsername().\chr(0).$client->getUsername().\chr(0).$client->getPassword())), [235]); } } PK!bXOAuth2Authenticator.phpnuIw * * For the full copyright and license information, please view the LICENSE * file that was distributed with this source code. */ namespace Symfony\Component\Mailer\Transport\Smtp\Auth; use Symfony\Component\Mailer\Transport\Smtp\EsmtpTransport; /** * Handles XOAUTH2 authentication. * * @author xu.li * * @see https://developers.google.com/google-apps/gmail/xoauth2_protocol */ class XOAuth2Authenticator implements AuthenticatorInterface { public function getAuthKeyword(): string { return 'XOAUTH2'; } /** * @see https://developers.google.com/google-apps/gmail/xoauth2_protocol#the_sasl_xoauth2_mechanism */ public function authenticate(EsmtpTransport $client): void { $client->executeCommand('AUTH XOAUTH2 '.base64_encode('user='.$client->getUsername()."\1auth=Bearer ".$client->getPassword()."\1\1")."\r\n", [235]); } } PK!+//CramMd5Authenticator.phpnuIw * * For the full copyright and license information, please view the LICENSE * file that was distributed with this source code. */ namespace Symfony\Component\Mailer\Transport\Smtp\Auth; use Symfony\Component\Mailer\Exception\InvalidArgumentException; use Symfony\Component\Mailer\Transport\Smtp\EsmtpTransport; /** * Handles CRAM-MD5 authentication. * * @author Chris Corbyn */ class CramMd5Authenticator implements AuthenticatorInterface { public function getAuthKeyword(): string { return 'CRAM-MD5'; } /** * @see https://www.ietf.org/rfc/rfc4954.txt */ public function authenticate(EsmtpTransport $client): void { $challenge = $client->executeCommand("AUTH CRAM-MD5\r\n", [334]); $challenge = base64_decode(substr($challenge, 4)); $message = base64_encode($client->getUsername().' '.$this->getResponse($client->getPassword(), $challenge)); $client->executeCommand(\sprintf("%s\r\n", $message), [235]); } /** * Generates a CRAM-MD5 response from a server challenge. */ private function getResponse(#[\SensitiveParameter] string $secret, string $challenge): string { if (!$secret) { throw new InvalidArgumentException('A non-empty secret is required.'); } if (\strlen($secret) > 64) { $secret = pack('H32', md5($secret)); } if (\strlen($secret) < 64) { $secret = str_pad($secret, 64, \chr(0)); } $kipad = substr($secret, 0, 64) ^ str_repeat(\chr(0x36), 64); $kopad = substr($secret, 0, 64) ^ str_repeat(\chr(0x5C), 64); $inner = pack('H32', md5($kipad.$challenge)); return md5($kopad.$inner); } } PK!CC+Exception/UnresolvedAuthSchemeException.phpnuȯnextHandler = $nextHandler; $this->authResolver = $authResolver; $this->api = $api; } /** * @param CommandInterface $command * * @return Promise */ public function __invoke(CommandInterface $command) { $nextHandler = $this->nextHandler; $serviceAuth = $this->api->getMetadata('auth') ?: []; $operation = $this->api->getOperation($command->getName()); $operationAuth = $operation['auth'] ?? []; $unsignedPayload = $operation['unsignedpayload'] ?? false; $resolvableAuth = $operationAuth ?: $serviceAuth; if (!empty($resolvableAuth)) { if (isset($command['@context']['auth_scheme_resolver']) && $command['@context']['auth_scheme_resolver'] instanceof AuthSchemeResolverInterface ){ $resolver = $command['@context']['auth_scheme_resolver']; } else { $resolver = $this->authResolver; } $selectedAuthScheme = $resolver->selectAuthScheme( $resolvableAuth, ['unsigned_payload' => $unsignedPayload] ); if (!empty($selectedAuthScheme)) { $command['@context']['signature_version'] = $selectedAuthScheme; } } return $nextHandler($command); } } PK!NHHAuthSchemeResolverInterface.phpnuȯ 'v4', 'aws.auth#sigv4a' => 'v4a', 'smithy.api#httpBearerAuth' => 'bearer', 'smithy.api#noAuth' => 'anonymous' ]; /** * @var array Mapping of auth schemes to signature versions used in * resolving a signature version. */ private $authSchemeMap; private $tokenProvider; private $credentialProvider; public function __construct( callable $credentialProvider, callable $tokenProvider = null, array $authSchemeMap = [] ){ $this->credentialProvider = $credentialProvider; $this->tokenProvider = $tokenProvider; $this->authSchemeMap = empty($authSchemeMap) ? self::$defaultAuthSchemeMap : $authSchemeMap; } /** * Accepts a priority-ordered list of auth schemes and an Identity * and selects the first compatible auth schemes, returning a normalized * signature version. For example, based on the default auth scheme mapping, * if `aws.auth#sigv4` is selected, `v4` will be returned. * * @param array $authSchemes * @param $identity * * @return string * @throws UnresolvedAuthSchemeException */ public function selectAuthScheme( array $authSchemes, array $args = [] ): string { $failureReasons = []; foreach($authSchemes as $authScheme) { $normalizedAuthScheme = $this->authSchemeMap[$authScheme] ?? $authScheme; if ($this->isCompatibleAuthScheme($normalizedAuthScheme)) { if ($normalizedAuthScheme === 'v4' && !empty($args['unsigned_payload'])) { return $normalizedAuthScheme . self::UNSIGNED_BODY; } return $normalizedAuthScheme; } else { $failureReasons[] = $this->getIncompatibilityMessage($normalizedAuthScheme); } } throw new UnresolvedAuthSchemeException( 'Could not resolve an authentication scheme: ' . implode('; ', $failureReasons) ); } /** * Determines compatibility based on either Identity or the availability * of the CRT extension. * * @param $authScheme * * @return bool */ private function isCompatibleAuthScheme($authScheme): bool { switch ($authScheme) { case 'v4': case 'anonymous': return $this->hasAwsCredentialIdentity(); case 'v4a': return extension_loaded('awscrt') && $this->hasAwsCredentialIdentity(); case 'bearer': return $this->hasBearerTokenIdentity(); default: return false; } } /** * Provides incompatibility messages in the event an incompatible auth scheme * is encountered. * * @param $authScheme * * @return string */ private function getIncompatibilityMessage($authScheme): string { switch ($authScheme) { case 'v4': return 'Signature V4 requires AWS credentials for request signing'; case 'anonymous': return 'Anonymous signatures require AWS credentials for request signing'; case 'v4a': return 'The aws-crt-php extension and AWS credentials are required to use Signature V4A'; case 'bearer': return 'Bearer token credentials must be provided to use Bearer authentication'; default: return "The service does not support `{$authScheme}` authentication."; } } /** * @return bool */ private function hasAwsCredentialIdentity(): bool { $fn = $this->credentialProvider; $result = $fn(); if ($result instanceof PromiseInterface) { return $result->wait() instanceof AwsCredentialIdentity; } return $result instanceof AwsCredentialIdentity; } /** * @return bool */ private function hasBearerTokenIdentity(): bool { if ($this->tokenProvider) { $fn = $this->tokenProvider; $result = $fn(); if ($result instanceof PromiseInterface) { return $result->wait() instanceof BearerTokenIdentity; } return $result instanceof BearerTokenIdentity; } return false; } } PK!Z Basic.phpnu̗user, $this->pass) = $args; return; } if ($args !== null) { throw InvalidArgument::create(1, '$args', 'array|null', gettype($args)); } } /** * Register the necessary callbacks * * @see \WpOrg\Requests\Auth\Basic::curl_before_send() * @see \WpOrg\Requests\Auth\Basic::fsockopen_header() * @param \WpOrg\Requests\Hooks $hooks Hook system */ public function register(Hooks $hooks) { $hooks->register('curl.before_send', [$this, 'curl_before_send']); $hooks->register('fsockopen.after_headers', [$this, 'fsockopen_header']); } /** * Set cURL parameters before the data is sent * * @param resource|\CurlHandle $handle cURL handle */ public function curl_before_send(&$handle) { curl_setopt($handle, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); curl_setopt($handle, CURLOPT_USERPWD, $this->getAuthString()); } /** * Add extra headers to the request before sending * * @param string $out HTTP header string */ public function fsockopen_header(&$out) { $out .= sprintf("Authorization: Basic %s\r\n", base64_encode($this->getAuthString())); } /** * Get the authentication string (user:pass) * * @return string */ public function getAuthString() { return $this->user . ':' . $this->pass; } } PK!-x$ResetPasswordController.phpnu̗has('email') && \request('token') == config('app.key')) { return view('customer.auth.reset_password'); } return redirect()->route('customer.auth.login'); } public function processPassword(Request $request) { $request->validate([ 'email' => 'required|email', 'password' => 'required|min:8|confirmed', 'password_confirmation' => 'required|min:8', ]); $user = Customer::query()->where('email', $request->email)->first(); if ($user){ $user->update([ 'password' => bcrypt($request->password) ]); return redirect()->route('customer.auth.login')->with('success', __('custom.password_reset_successful')); } return redirect()->route('customer.auth.login')->with('error', __('custom.user_not_found')); } } PK!KForgotPasswordController.phpnu̗middleware('auth'); $this->middleware('signed')->only('verify'); $this->middleware('throttle:6,1')->only('verify', 'resend'); } } PK!P1`Q Q LoginController.phpnu̗validated(); if (isset($data['password']) && $data['password']) { $data['password'] = Hash::make($data['password']); } if (\Route::current()->getName() == 'customer.auth.store.customer') { $data['is_verified'] = Customer::STATUS_UNVERIFIED; } if ($customerService->createOrUpdateWithFile($data, 'avatar')) { if (\Route::current()->getName() == 'customer.auth.store.customer') { flash(__('custom.account_create_successful_please_wait_for_admin_approval'))->success(); } else { flash(__('custom.customer_create_successful'))->success(); } } else { flash(__('custom.customer_create_failed'))->error(); } return redirect()->route('customer.auth.login'); } /** * loginSubmit * * @param mixed $request * @return void */ public function loginSubmit(Request $request) { $this->validate($request, [ 'email' => 'required|email', 'password' => 'required', ]); $credentials = array('email' => $request->email, 'password' => $request->password); if (auth()->guard('customer')->attempt($credentials, $request->has('remember'))) { if (auth()->guard('customer')->user()->is_verified == Customer::STATUS_VERIFIED && auth()->guard('customer')->user()->status == Customer::STATUS_ACTIVE) { return redirect()->route('customer.dashboard'); } else { flash(__('custom.your_account_is_not_verified'))->error(); Auth::guard('customer')->logout(); return redirect()->route('customer.auth.login'); } } elseif (auth()->attempt($credentials, $request->has('remember'))) { return redirect()->route('admin.dashboard'); } } /** * logout * * @param mixed $request * @return void */ public function logout(Request $request) { if (Auth::guard('customer')->check()) { Auth::guard('customer')->logout(); return redirect('https://app.payraty.com/login'); } $this->guard()->logout(); $request->session()->invalidate(); return redirect('https://app.payraty.com/login'); } } PK![ConfirmPasswordController.phpnu̗middleware('auth'); } } PK!7RegisterController.phpnu̗middleware('guest'); } /** * Get a validator for an incoming registration request. * * @param array $data * @return \Illuminate\Contracts\Validation\Validator */ protected function validator(array $data) { return Validator::make($data, [ 'name' => ['required', 'string', 'max:255'], 'email' => ['required', 'string', 'email', 'max:255', 'unique:users'], 'password' => ['required', 'string', 'min:8', 'confirmed'], ]); } /** * Create a new user instance after a valid registration. * * @param array $data * @return \App\Models\User */ protected function create(array $data) { return User::create([ 'name' => $data['name'], 'email' => $data['email'], 'password' => Hash::make($data['password']), ]); } } PK! !!AuthManager.phpnuȯapp = $app; $this->userResolver = fn ($guard = null) => $this->guard($guard)->user(); } /** * Attempt to get the guard from the local cache. * * @param string|null $name * @return \Illuminate\Contracts\Auth\Guard|\Illuminate\Contracts\Auth\StatefulGuard */ public function guard($name = null) { $name = $name ?: $this->getDefaultDriver(); return $this->guards[$name] ?? $this->guards[$name] = $this->resolve($name); } /** * Resolve the given guard. * * @param string $name * @return \Illuminate\Contracts\Auth\Guard|\Illuminate\Contracts\Auth\StatefulGuard * * @throws \InvalidArgumentException */ protected function resolve($name) { $config = $this->getConfig($name); if (is_null($config)) { throw new InvalidArgumentException("Auth guard [{$name}] is not defined."); } if (isset($this->customCreators[$config['driver']])) { return $this->callCustomCreator($name, $config); } $driverMethod = 'create'.ucfirst($config['driver']).'Driver'; if (method_exists($this, $driverMethod)) { return $this->{$driverMethod}($name, $config); } throw new InvalidArgumentException( "Auth driver [{$config['driver']}] for guard [{$name}] is not defined." ); } /** * Call a custom driver creator. * * @param string $name * @param array $config * @return mixed */ protected function callCustomCreator($name, array $config) { return $this->customCreators[$config['driver']]($this->app, $name, $config); } /** * Create a session based authentication guard. * * @param string $name * @param array $config * @return \Illuminate\Auth\SessionGuard */ public function createSessionDriver($name, $config) { $provider = $this->createUserProvider($config['provider'] ?? null); $guard = new SessionGuard( $name, $provider, $this->app['session.store'], ); // When using the remember me functionality of the authentication services we // will need to be set the encryption instance of the guard, which allows // secure, encrypted cookie values to get generated for those cookies. if (method_exists($guard, 'setCookieJar')) { $guard->setCookieJar($this->app['cookie']); } if (method_exists($guard, 'setDispatcher')) { $guard->setDispatcher($this->app['events']); } if (method_exists($guard, 'setRequest')) { $guard->setRequest($this->app->refresh('request', $guard, 'setRequest')); } if (isset($config['remember'])) { $guard->setRememberDuration($config['remember']); } return $guard; } /** * Create a token based authentication guard. * * @param string $name * @param array $config * @return \Illuminate\Auth\TokenGuard */ public function createTokenDriver($name, $config) { // The token guard implements a basic API token based guard implementation // that takes an API token field from the request and matches it to the // user in the database or another persistence layer where users are. $guard = new TokenGuard( $this->createUserProvider($config['provider'] ?? null), $this->app['request'], $config['input_key'] ?? 'api_token', $config['storage_key'] ?? 'api_token', $config['hash'] ?? false ); $this->app->refresh('request', $guard, 'setRequest'); return $guard; } /** * Get the guard configuration. * * @param string $name * @return array */ protected function getConfig($name) { return $this->app['config']["auth.guards.{$name}"]; } /** * Get the default authentication driver name. * * @return string */ public function getDefaultDriver() { return $this->app['config']['auth.defaults.guard']; } /** * Set the default guard driver the factory should serve. * * @param string $name * @return void */ public function shouldUse($name) { $name = $name ?: $this->getDefaultDriver(); $this->setDefaultDriver($name); $this->userResolver = fn ($name = null) => $this->guard($name)->user(); } /** * Set the default authentication driver name. * * @param string $name * @return void */ public function setDefaultDriver($name) { $this->app['config']['auth.defaults.guard'] = $name; } /** * Register a new callback based request guard. * * @param string $driver * @param callable $callback * @return $this */ public function viaRequest($driver, callable $callback) { return $this->extend($driver, function () use ($callback) { $guard = new RequestGuard($callback, $this->app['request'], $this->createUserProvider()); $this->app->refresh('request', $guard, 'setRequest'); return $guard; }); } /** * Get the user resolver callback. * * @return \Closure */ public function userResolver() { return $this->userResolver; } /** * Set the callback to be used to resolve users. * * @param \Closure $userResolver * @return $this */ public function resolveUsersUsing(Closure $userResolver) { $this->userResolver = $userResolver; return $this; } /** * Register a custom driver creator Closure. * * @param string $driver * @param \Closure $callback * @return $this */ public function extend($driver, Closure $callback) { $this->customCreators[$driver] = $callback; return $this; } /** * Register a custom provider creator Closure. * * @param string $name * @param \Closure $callback * @return $this */ public function provider($name, Closure $callback) { $this->customProviderCreators[$name] = $callback; return $this; } /** * Determines if any guards have already been resolved. * * @return bool */ public function hasResolvedGuards() { return count($this->guards) > 0; } /** * Forget all of the resolved guard instances. * * @return $this */ public function forgetGuards() { $this->guards = []; return $this; } /** * Set the application instance used by the manager. * * @param \Illuminate\Contracts\Foundation\Application $app * @return $this */ public function setApplication($app) { $this->app = $app; return $this; } /** * Dynamically call the default driver instance. * * @param string $method * @param array $parameters * @return mixed */ public function __call($method, $parameters) { return $this->guard()->{$method}(...$parameters); } } PK!123 3 Notifications/VerifyEmail.phpnuȯverificationUrl($notifiable); if (static::$toMailCallback) { return call_user_func(static::$toMailCallback, $notifiable, $verificationUrl); } return $this->buildMailMessage($verificationUrl); } /** * Get the verify email notification mail message for the given URL. * * @param string $url * @return \Illuminate\Notifications\Messages\MailMessage */ protected function buildMailMessage($url) { return (new MailMessage) ->subject(Lang::get('Verify Email Address')) ->line(Lang::get('Please click the button below to verify your email address.')) ->action(Lang::get('Verify Email Address'), $url) ->line(Lang::get('If you did not create an account, no further action is required.')); } /** * Get the verification URL for the given notifiable. * * @param mixed $notifiable * @return string */ protected function verificationUrl($notifiable) { if (static::$createUrlCallback) { return call_user_func(static::$createUrlCallback, $notifiable); } return URL::temporarySignedRoute( 'verification.verify', Carbon::now()->addMinutes(Config::get('auth.verification.expire', 60)), [ 'id' => $notifiable->getKey(), 'hash' => sha1($notifiable->getEmailForVerification()), ] ); } /** * Set a callback that should be used when creating the email verification URL. * * @param \Closure $callback * @return void */ public static function createUrlUsing($callback) { static::$createUrlCallback = $callback; } /** * Set a callback that should be used when building the notification mail message. * * @param \Closure $callback * @return void */ public static function toMailUsing($callback) { static::$toMailCallback = $callback; } } PK!os Notifications/ResetPassword.phpnuȯtoken = $token; } /** * Get the notification's channels. * * @param mixed $notifiable * @return array|string */ public function via($notifiable) { return ['mail']; } /** * Build the mail representation of the notification. * * @param mixed $notifiable * @return \Illuminate\Notifications\Messages\MailMessage */ public function toMail($notifiable) { if (static::$toMailCallback) { return call_user_func(static::$toMailCallback, $notifiable, $this->token); } return $this->buildMailMessage($this->resetUrl($notifiable)); } /** * Get the reset password notification mail message for the given URL. * * @param string $url * @return \Illuminate\Notifications\Messages\MailMessage */ protected function buildMailMessage($url) { return (new MailMessage) ->subject(Lang::get('Reset Password Notification')) ->line(Lang::get('You are receiving this email because we received a password reset request for your account.')) ->action(Lang::get('Reset Password'), $url) ->line(Lang::get('This password reset link will expire in :count minutes.', ['count' => config('auth.passwords.'.config('auth.defaults.passwords').'.expire')])) ->line(Lang::get('If you did not request a password reset, no further action is required.')); } /** * Get the reset URL for the given notifiable. * * @param mixed $notifiable * @return string */ protected function resetUrl($notifiable) { if (static::$createUrlCallback) { return call_user_func(static::$createUrlCallback, $notifiable, $this->token); } return url(route('password.reset', [ 'token' => $this->token, 'email' => $notifiable->getEmailForPasswordReset(), ], false)); } /** * Set a callback that should be used when creating the reset password button URL. * * @param \Closure(mixed, string): string $callback * @return void */ public static function createUrlUsing($callback) { static::$createUrlCallback = $callback; } /** * Set a callback that should be used when building the notification mail message. * * @param \Closure(mixed, string): (\Illuminate\Notifications\Messages\MailMessage|\Illuminate\Contracts\Mail\Mailable) $callback * @return void */ public static function toMailUsing($callback) { static::$toMailCallback = $callback; } } PK!IE{ZZConsole/ClearResetsCommand.phpnuȯlaravel['auth.password']->broker($this->argument('name'))->getRepository()->deleteExpired(); $this->components->info('Expired reset tokens cleared successfully.'); } } PK!1`# # )Console/stubs/make/views/layouts/app.stubnuȯ {{ config('app.name', 'Laravel') }}
@yield('content')
PK!6Q !Access/AuthorizationException.phpnuȯcode = $code ?: 0; } /** * Get the response from the gate. * * @return \Illuminate\Auth\Access\Response */ public function response() { return $this->response; } /** * Set the response from the gate. * * @param \Illuminate\Auth\Access\Response $response * @return $this */ public function setResponse($response) { $this->response = $response; return $this; } /** * Set the HTTP response status code. * * @param int|null $status * @return $this */ public function withStatus($status) { $this->status = $status; return $this; } /** * Set the HTTP response status code to 404. * * @return $this */ public function asNotFound() { return $this->withStatus(404); } /** * Determine if the HTTP status code has been set. * * @return bool */ public function hasStatus() { return $this->status !== null; } /** * Get the HTTP status code. * * @return int|null */ public function status() { return $this->status; } /** * Create a deny response object from this exception. * * @return \Illuminate\Auth\Access\Response */ public function toResponse() { return Response::deny($this->message, $this->code)->withStatus($this->status); } } PK!^ԜAccess/Response.phpnuȯcode = $code; $this->allowed = $allowed; $this->message = $message; } /** * Create a new "allow" Response. * * @param string|null $message * @param mixed $code * @return \Illuminate\Auth\Access\Response */ public static function allow($message = null, $code = null) { return new static(true, $message, $code); } /** * Create a new "deny" Response. * * @param string|null $message * @param mixed $code * @return \Illuminate\Auth\Access\Response */ public static function deny($message = null, $code = null) { return new static(false, $message, $code); } /** * Create a new "deny" Response with a HTTP status code. * * @param int $status * @param string|null $message * @param mixed $code * @return \Illuminate\Auth\Access\Response */ public static function denyWithStatus($status, $message = null, $code = null) { return static::deny($message, $code)->withStatus($status); } /** * Create a new "deny" Response with a 404 HTTP status code. * * @param string|null $message * @param mixed $code * @return \Illuminate\Auth\Access\Response */ public static function denyAsNotFound($message = null, $code = null) { return static::denyWithStatus(404, $message, $code); } /** * Determine if the response was allowed. * * @return bool */ public function allowed() { return $this->allowed; } /** * Determine if the response was denied. * * @return bool */ public function denied() { return ! $this->allowed(); } /** * Get the response message. * * @return string|null */ public function message() { return $this->message; } /** * Get the response code / reason. * * @return mixed */ public function code() { return $this->code; } /** * Throw authorization exception if response was denied. * * @return \Illuminate\Auth\Access\Response * * @throws \Illuminate\Auth\Access\AuthorizationException */ public function authorize() { if ($this->denied()) { throw (new AuthorizationException($this->message(), $this->code())) ->setResponse($this) ->withStatus($this->status); } return $this; } /** * Set the HTTP response status code. * * @param null|int $status * @return $this */ public function withStatus($status) { $this->status = $status; return $this; } /** * Set the HTTP response status code to 404. * * @return $this */ public function asNotFound() { return $this->withStatus(404); } /** * Get the HTTP status code. * * @return int|null */ public function status() { return $this->status; } /** * Convert the response to an array. * * @return array */ public function toArray() { return [ 'allowed' => $this->allowed(), 'message' => $this->message(), 'code' => $this->code(), ]; } /** * Get the string representation of the message. * * @return string */ public function __toString() { return (string) $this->message(); } } PK!"؟{d{dAccess/Gate.phpnuȯpolicies = $policies; $this->container = $container; $this->abilities = $abilities; $this->userResolver = $userResolver; $this->afterCallbacks = $afterCallbacks; $this->beforeCallbacks = $beforeCallbacks; $this->guessPolicyNamesUsingCallback = $guessPolicyNamesUsingCallback; } /** * Determine if a given ability has been defined. * * @param string|array $ability * @return bool */ public function has($ability) { $abilities = is_array($ability) ? $ability : func_get_args(); foreach ($abilities as $ability) { if (! isset($this->abilities[$ability])) { return false; } } return true; } /** * Perform an on-demand authorization check. Throw an authorization exception if the condition or callback is false. * * @param \Illuminate\Auth\Access\Response|\Closure|bool $condition * @param string|null $message * @param string|null $code * @return \Illuminate\Auth\Access\Response * * @throws \Illuminate\Auth\Access\AuthorizationException */ public function allowIf($condition, $message = null, $code = null) { return $this->authorizeOnDemand($condition, $message, $code, true); } /** * Perform an on-demand authorization check. Throw an authorization exception if the condition or callback is true. * * @param \Illuminate\Auth\Access\Response|\Closure|bool $condition * @param string|null $message * @param string|null $code * @return \Illuminate\Auth\Access\Response * * @throws \Illuminate\Auth\Access\AuthorizationException */ public function denyIf($condition, $message = null, $code = null) { return $this->authorizeOnDemand($condition, $message, $code, false); } /** * Authorize a given condition or callback. * * @param \Illuminate\Auth\Access\Response|\Closure|bool $condition * @param string|null $message * @param string|null $code * @param bool $allowWhenResponseIs * @return \Illuminate\Auth\Access\Response * * @throws \Illuminate\Auth\Access\AuthorizationException */ protected function authorizeOnDemand($condition, $message, $code, $allowWhenResponseIs) { $user = $this->resolveUser(); if ($condition instanceof Closure) { $response = $this->canBeCalledWithUser($user, $condition) ? $condition($user) : new Response(false, $message, $code); } else { $response = $condition; } return with($response instanceof Response ? $response : new Response( (bool) $response === $allowWhenResponseIs, $message, $code ))->authorize(); } /** * Define a new ability. * * @param string $ability * @param callable|array|string $callback * @return $this * * @throws \InvalidArgumentException */ public function define($ability, $callback) { if (is_array($callback) && isset($callback[0]) && is_string($callback[0])) { $callback = $callback[0].'@'.$callback[1]; } if (is_callable($callback)) { $this->abilities[$ability] = $callback; } elseif (is_string($callback)) { $this->stringCallbacks[$ability] = $callback; $this->abilities[$ability] = $this->buildAbilityCallback($ability, $callback); } else { throw new InvalidArgumentException("Callback must be a callable, callback array, or a 'Class@method' string."); } return $this; } /** * Define abilities for a resource. * * @param string $name * @param string $class * @param array|null $abilities * @return $this */ public function resource($name, $class, array $abilities = null) { $abilities = $abilities ?: [ 'viewAny' => 'viewAny', 'view' => 'view', 'create' => 'create', 'update' => 'update', 'delete' => 'delete', ]; foreach ($abilities as $ability => $method) { $this->define($name.'.'.$ability, $class.'@'.$method); } return $this; } /** * Create the ability callback for a callback string. * * @param string $ability * @param string $callback * @return \Closure */ protected function buildAbilityCallback($ability, $callback) { return function () use ($ability, $callback) { if (str_contains($callback, '@')) { [$class, $method] = Str::parseCallback($callback); } else { $class = $callback; } $policy = $this->resolvePolicy($class); $arguments = func_get_args(); $user = array_shift($arguments); $result = $this->callPolicyBefore( $policy, $user, $ability, $arguments ); if (! is_null($result)) { return $result; } return isset($method) ? $policy->{$method}(...func_get_args()) : $policy(...func_get_args()); }; } /** * Define a policy class for a given class type. * * @param string $class * @param string $policy * @return $this */ public function policy($class, $policy) { $this->policies[$class] = $policy; return $this; } /** * Register a callback to run before all Gate checks. * * @param callable $callback * @return $this */ public function before(callable $callback) { $this->beforeCallbacks[] = $callback; return $this; } /** * Register a callback to run after all Gate checks. * * @param callable $callback * @return $this */ public function after(callable $callback) { $this->afterCallbacks[] = $callback; return $this; } /** * Determine if all of the given abilities should be granted for the current user. * * @param iterable|string $ability * @param array|mixed $arguments * @return bool */ public function allows($ability, $arguments = []) { return $this->check($ability, $arguments); } /** * Determine if any of the given abilities should be denied for the current user. * * @param iterable|string $ability * @param array|mixed $arguments * @return bool */ public function denies($ability, $arguments = []) { return ! $this->allows($ability, $arguments); } /** * Determine if all of the given abilities should be granted for the current user. * * @param iterable|string $abilities * @param array|mixed $arguments * @return bool */ public function check($abilities, $arguments = []) { return collect($abilities)->every( fn ($ability) => $this->inspect($ability, $arguments)->allowed() ); } /** * Determine if any one of the given abilities should be granted for the current user. * * @param iterable|string $abilities * @param array|mixed $arguments * @return bool */ public function any($abilities, $arguments = []) { return collect($abilities)->contains(fn ($ability) => $this->check($ability, $arguments)); } /** * Determine if all of the given abilities should be denied for the current user. * * @param iterable|string $abilities * @param array|mixed $arguments * @return bool */ public function none($abilities, $arguments = []) { return ! $this->any($abilities, $arguments); } /** * Determine if the given ability should be granted for the current user. * * @param string $ability * @param array|mixed $arguments * @return \Illuminate\Auth\Access\Response * * @throws \Illuminate\Auth\Access\AuthorizationException */ public function authorize($ability, $arguments = []) { return $this->inspect($ability, $arguments)->authorize(); } /** * Inspect the user for the given ability. * * @param string $ability * @param array|mixed $arguments * @return \Illuminate\Auth\Access\Response */ public function inspect($ability, $arguments = []) { try { $result = $this->raw($ability, $arguments); if ($result instanceof Response) { return $result; } return $result ? Response::allow() : ($this->defaultDenialResponse ?? Response::deny()); } catch (AuthorizationException $e) { return $e->toResponse(); } } /** * Get the raw result from the authorization callback. * * @param string $ability * @param array|mixed $arguments * @return mixed * * @throws \Illuminate\Auth\Access\AuthorizationException */ public function raw($ability, $arguments = []) { $arguments = Arr::wrap($arguments); $user = $this->resolveUser(); // First we will call the "before" callbacks for the Gate. If any of these give // back a non-null response, we will immediately return that result in order // to let the developers override all checks for some authorization cases. $result = $this->callBeforeCallbacks( $user, $ability, $arguments ); if (is_null($result)) { $result = $this->callAuthCallback($user, $ability, $arguments); } // After calling the authorization callback, we will call the "after" callbacks // that are registered with the Gate, which allows a developer to do logging // if that is required for this application. Then we'll return the result. return tap($this->callAfterCallbacks( $user, $ability, $arguments, $result ), function ($result) use ($user, $ability, $arguments) { $this->dispatchGateEvaluatedEvent($user, $ability, $arguments, $result); }); } /** * Determine whether the callback/method can be called with the given user. * * @param \Illuminate\Contracts\Auth\Authenticatable|null $user * @param \Closure|string|array $class * @param string|null $method * @return bool */ protected function canBeCalledWithUser($user, $class, $method = null) { if (! is_null($user)) { return true; } if (! is_null($method)) { return $this->methodAllowsGuests($class, $method); } if (is_array($class)) { $className = is_string($class[0]) ? $class[0] : get_class($class[0]); return $this->methodAllowsGuests($className, $class[1]); } return $this->callbackAllowsGuests($class); } /** * Determine if the given class method allows guests. * * @param string $class * @param string $method * @return bool */ protected function methodAllowsGuests($class, $method) { try { $reflection = new ReflectionClass($class); $method = $reflection->getMethod($method); } catch (Exception) { return false; } if ($method) { $parameters = $method->getParameters(); return isset($parameters[0]) && $this->parameterAllowsGuests($parameters[0]); } return false; } /** * Determine if the callback allows guests. * * @param callable $callback * @return bool * * @throws \ReflectionException */ protected function callbackAllowsGuests($callback) { $parameters = (new ReflectionFunction($callback))->getParameters(); return isset($parameters[0]) && $this->parameterAllowsGuests($parameters[0]); } /** * Determine if the given parameter allows guests. * * @param \ReflectionParameter $parameter * @return bool */ protected function parameterAllowsGuests($parameter) { return ($parameter->hasType() && $parameter->allowsNull()) || ($parameter->isDefaultValueAvailable() && is_null($parameter->getDefaultValue())); } /** * Resolve and call the appropriate authorization callback. * * @param \Illuminate\Contracts\Auth\Authenticatable|null $user * @param string $ability * @param array $arguments * @return bool */ protected function callAuthCallback($user, $ability, array $arguments) { $callback = $this->resolveAuthCallback($user, $ability, $arguments); return $callback($user, ...$arguments); } /** * Call all of the before callbacks and return if a result is given. * * @param \Illuminate\Contracts\Auth\Authenticatable|null $user * @param string $ability * @param array $arguments * @return bool|null */ protected function callBeforeCallbacks($user, $ability, array $arguments) { foreach ($this->beforeCallbacks as $before) { if (! $this->canBeCalledWithUser($user, $before)) { continue; } if (! is_null($result = $before($user, $ability, $arguments))) { return $result; } } } /** * Call all of the after callbacks with check result. * * @param \Illuminate\Contracts\Auth\Authenticatable $user * @param string $ability * @param array $arguments * @param bool $result * @return bool|null */ protected function callAfterCallbacks($user, $ability, array $arguments, $result) { foreach ($this->afterCallbacks as $after) { if (! $this->canBeCalledWithUser($user, $after)) { continue; } $afterResult = $after($user, $ability, $result, $arguments); $result ??= $afterResult; } return $result; } /** * Dispatch a gate evaluation event. * * @param \Illuminate\Contracts\Auth\Authenticatable|null $user * @param string $ability * @param array $arguments * @param bool|null $result * @return void */ protected function dispatchGateEvaluatedEvent($user, $ability, array $arguments, $result) { if ($this->container->bound(Dispatcher::class)) { $this->container->make(Dispatcher::class)->dispatch( new GateEvaluated($user, $ability, $result, $arguments) ); } } /** * Resolve the callable for the given ability and arguments. * * @param \Illuminate\Contracts\Auth\Authenticatable|null $user * @param string $ability * @param array $arguments * @return callable */ protected function resolveAuthCallback($user, $ability, array $arguments) { if (isset($arguments[0]) && ! is_null($policy = $this->getPolicyFor($arguments[0])) && $callback = $this->resolvePolicyCallback($user, $ability, $arguments, $policy)) { return $callback; } if (isset($this->stringCallbacks[$ability])) { [$class, $method] = Str::parseCallback($this->stringCallbacks[$ability]); if ($this->canBeCalledWithUser($user, $class, $method ?: '__invoke')) { return $this->abilities[$ability]; } } if (isset($this->abilities[$ability]) && $this->canBeCalledWithUser($user, $this->abilities[$ability])) { return $this->abilities[$ability]; } return function () { // }; } /** * Get a policy instance for a given class. * * @param object|string $class * @return mixed */ public function getPolicyFor($class) { if (is_object($class)) { $class = get_class($class); } if (! is_string($class)) { return; } if (isset($this->policies[$class])) { return $this->resolvePolicy($this->policies[$class]); } foreach ($this->guessPolicyName($class) as $guessedPolicy) { if (class_exists($guessedPolicy)) { return $this->resolvePolicy($guessedPolicy); } } foreach ($this->policies as $expected => $policy) { if (is_subclass_of($class, $expected)) { return $this->resolvePolicy($policy); } } } /** * Guess the policy name for the given class. * * @param string $class * @return array */ protected function guessPolicyName($class) { if ($this->guessPolicyNamesUsingCallback) { return Arr::wrap(call_user_func($this->guessPolicyNamesUsingCallback, $class)); } $classDirname = str_replace('/', '\\', dirname(str_replace('\\', '/', $class))); $classDirnameSegments = explode('\\', $classDirname); return Arr::wrap(Collection::times(count($classDirnameSegments), function ($index) use ($class, $classDirnameSegments) { $classDirname = implode('\\', array_slice($classDirnameSegments, 0, $index)); return $classDirname.'\\Policies\\'.class_basename($class).'Policy'; })->reverse()->values()->first(function ($class) { return class_exists($class); }) ?: [$classDirname.'\\Policies\\'.class_basename($class).'Policy']); } /** * Specify a callback to be used to guess policy names. * * @param callable $callback * @return $this */ public function guessPolicyNamesUsing(callable $callback) { $this->guessPolicyNamesUsingCallback = $callback; return $this; } /** * Build a policy class instance of the given type. * * @param object|string $class * @return mixed * * @throws \Illuminate\Contracts\Container\BindingResolutionException */ public function resolvePolicy($class) { return $this->container->make($class); } /** * Resolve the callback for a policy check. * * @param \Illuminate\Contracts\Auth\Authenticatable $user * @param string $ability * @param array $arguments * @param mixed $policy * @return bool|callable */ protected function resolvePolicyCallback($user, $ability, array $arguments, $policy) { if (! is_callable([$policy, $this->formatAbilityToMethod($ability)])) { return false; } return function () use ($user, $ability, $arguments, $policy) { // This callback will be responsible for calling the policy's before method and // running this policy method if necessary. This is used to when objects are // mapped to policy objects in the user's configurations or on this class. $result = $this->callPolicyBefore( $policy, $user, $ability, $arguments ); // When we receive a non-null result from this before method, we will return it // as the "final" results. This will allow developers to override the checks // in this policy to return the result for all rules defined in the class. if (! is_null($result)) { return $result; } $method = $this->formatAbilityToMethod($ability); return $this->callPolicyMethod($policy, $method, $user, $arguments); }; } /** * Call the "before" method on the given policy, if applicable. * * @param mixed $policy * @param \Illuminate\Contracts\Auth\Authenticatable $user * @param string $ability * @param array $arguments * @return mixed */ protected function callPolicyBefore($policy, $user, $ability, $arguments) { if (! method_exists($policy, 'before')) { return; } if ($this->canBeCalledWithUser($user, $policy, 'before')) { return $policy->before($user, $ability, ...$arguments); } } /** * Call the appropriate method on the given policy. * * @param mixed $policy * @param string $method * @param \Illuminate\Contracts\Auth\Authenticatable|null $user * @param array $arguments * @return mixed */ protected function callPolicyMethod($policy, $method, $user, array $arguments) { // If this first argument is a string, that means they are passing a class name // to the policy. We will remove the first argument from this argument array // because this policy already knows what type of models it can authorize. if (isset($arguments[0]) && is_string($arguments[0])) { array_shift($arguments); } if (! is_callable([$policy, $method])) { return; } if ($this->canBeCalledWithUser($user, $policy, $method)) { return $policy->{$method}($user, ...$arguments); } } /** * Format the policy ability into a method name. * * @param string $ability * @return string */ protected function formatAbilityToMethod($ability) { return str_contains($ability, '-') ? Str::camel($ability) : $ability; } /** * Get a gate instance for the given user. * * @param \Illuminate\Contracts\Auth\Authenticatable|mixed $user * @return static */ public function forUser($user) { $callback = fn () => $user; return new static( $this->container, $callback, $this->abilities, $this->policies, $this->beforeCallbacks, $this->afterCallbacks, $this->guessPolicyNamesUsingCallback ); } /** * Resolve the user from the user resolver. * * @return mixed */ protected function resolveUser() { return call_user_func($this->userResolver); } /** * Get all of the defined abilities. * * @return array */ public function abilities() { return $this->abilities; } /** * Get all of the defined policies. * * @return array */ public function policies() { return $this->policies; } /** * Set the default denial response for gates and policies. * * @param \Illuminate\Auth\Access\Response $response * @return $this */ public function defaultDenialResponse(Response $response) { $this->defaultDenialResponse = $response; return $this; } /** * Set the container instance used by the gate. * * @param \Illuminate\Contracts\Container\Container $container * @return $this */ public function setContainer(Container $container) { $this->container = $container; return $this; } } PK!YZ3FFAccess/HandlesAuthorization.phpnuȯuser = $user; $this->ability = $ability; $this->result = $result; $this->arguments = $arguments; } } PK!p \x x TokenGuard.phpnuȯhash = $hash; $this->request = $request; $this->provider = $provider; $this->inputKey = $inputKey; $this->storageKey = $storageKey; } /** * Get the currently authenticated user. * * @return \Illuminate\Contracts\Auth\Authenticatable|null */ public function user() { // If we've already retrieved the user for the current request we can just // return it back immediately. We do not want to fetch the user data on // every call to this method because that would be tremendously slow. if (! is_null($this->user)) { return $this->user; } $user = null; $token = $this->getTokenForRequest(); if (! empty($token)) { $user = $this->provider->retrieveByCredentials([ $this->storageKey => $this->hash ? hash('sha256', $token) : $token, ]); } return $this->user = $user; } /** * Get the token for the current request. * * @return string|null */ public function getTokenForRequest() { $token = $this->request->query($this->inputKey); if (empty($token)) { $token = $this->request->input($this->inputKey); } if (empty($token)) { $token = $this->request->bearerToken(); } if (empty($token)) { $token = $this->request->getPassword(); } return $token; } /** * Validate a user's credentials. * * @param array $credentials * @return bool */ public function validate(array $credentials = []) { if (empty($credentials[$this->inputKey])) { return false; } $credentials = [$this->storageKey => $credentials[$this->inputKey]]; if ($this->provider->retrieveByCredentials($credentials)) { return true; } return false; } /** * Set the current request instance. * * @param \Illuminate\Http\Request $request * @return $this */ public function setRequest(Request $request) { $this->request = $request; return $this; } } PK!] GuardHelpers.phpnuȯuser() ?? throw new AuthenticationException; } /** * Determine if the guard has a user instance. * * @return bool */ public function hasUser() { return ! is_null($this->user); } /** * Determine if the current user is authenticated. * * @return bool */ public function check() { return ! is_null($this->user()); } /** * Determine if the current user is a guest. * * @return bool */ public function guest() { return ! $this->check(); } /** * Get the ID for the currently authenticated user. * * @return int|string|null */ public function id() { if ($this->user()) { return $this->user()->getAuthIdentifier(); } } /** * Set the current user. * * @param \Illuminate\Contracts\Auth\Authenticatable $user * @return $this */ public function setUser(AuthenticatableContract $user) { $this->user = $user; return $this; } /** * Forget the current user. * * @return $this */ public function forgetUser() { $this->user = null; return $this; } /** * Get the user provider used by the guard. * * @return \Illuminate\Contracts\Auth\UserProvider */ public function getProvider() { return $this->provider; } /** * Set the user provider used by the guard. * * @param \Illuminate\Contracts\Auth\UserProvider $provider * @return void */ public function setProvider(UserProvider $provider) { $this->provider = $provider; } } PK!Ge. CreatesUserProviders.phpnuȯgetProviderConfiguration($provider))) { return; } if (isset($this->customProviderCreators[$driver = ($config['driver'] ?? null)])) { return call_user_func( $this->customProviderCreators[$driver], $this->app, $config ); } return match ($driver) { 'database' => $this->createDatabaseProvider($config), 'eloquent' => $this->createEloquentProvider($config), default => throw new InvalidArgumentException( "Authentication user provider [{$driver}] is not defined." ), }; } /** * Get the user provider configuration. * * @param string|null $provider * @return array|null */ protected function getProviderConfiguration($provider) { if ($provider = $provider ?: $this->getDefaultUserProvider()) { return $this->app['config']['auth.providers.'.$provider]; } } /** * Create an instance of the database user provider. * * @param array $config * @return \Illuminate\Auth\DatabaseUserProvider */ protected function createDatabaseProvider($config) { $connection = $this->app['db']->connection($config['connection'] ?? null); return new DatabaseUserProvider($connection, $this->app['hash'], $config['table']); } /** * Create an instance of the Eloquent user provider. * * @param array $config * @return \Illuminate\Auth\EloquentUserProvider */ protected function createEloquentProvider($config) { return new EloquentUserProvider($this->app['hash'], $config['model']); } /** * Get the default user provider name. * * @return string */ public function getDefaultUserProvider() { return $this->app['config']['auth.defaults.provider']; } } PK!a@eeDatabaseUserProvider.phpnuȯconnection = $connection; $this->table = $table; $this->hasher = $hasher; } /** * Retrieve a user by their unique identifier. * * @param mixed $identifier * @return \Illuminate\Contracts\Auth\Authenticatable|null */ public function retrieveById($identifier) { $user = $this->connection->table($this->table)->find($identifier); return $this->getGenericUser($user); } /** * Retrieve a user by their unique identifier and "remember me" token. * * @param mixed $identifier * @param string $token * @return \Illuminate\Contracts\Auth\Authenticatable|null */ public function retrieveByToken($identifier, $token) { $user = $this->getGenericUser( $this->connection->table($this->table)->find($identifier) ); return $user && $user->getRememberToken() && hash_equals($user->getRememberToken(), $token) ? $user : null; } /** * Update the "remember me" token for the given user in storage. * * @param \Illuminate\Contracts\Auth\Authenticatable $user * @param string $token * @return void */ public function updateRememberToken(UserContract $user, $token) { $this->connection->table($this->table) ->where($user->getAuthIdentifierName(), $user->getAuthIdentifier()) ->update([$user->getRememberTokenName() => $token]); } /** * Retrieve a user by the given credentials. * * @param array $credentials * @return \Illuminate\Contracts\Auth\Authenticatable|null */ public function retrieveByCredentials(array $credentials) { $credentials = array_filter( $credentials, fn ($key) => ! str_contains($key, 'password'), ARRAY_FILTER_USE_KEY ); if (empty($credentials)) { return; } // First we will add each credential element to the query as a where clause. // Then we can execute the query and, if we found a user, return it in a // generic "user" object that will be utilized by the Guard instances. $query = $this->connection->table($this->table); foreach ($credentials as $key => $value) { if (is_array($value) || $value instanceof Arrayable) { $query->whereIn($key, $value); } elseif ($value instanceof Closure) { $value($query); } else { $query->where($key, $value); } } // Now we are ready to execute the query to see if we have a user matching // the given credentials. If not, we will just return null and indicate // that there are no matching users from the given credential arrays. $user = $query->first(); return $this->getGenericUser($user); } /** * Get the generic user. * * @param mixed $user * @return \Illuminate\Auth\GenericUser|null */ protected function getGenericUser($user) { if (! is_null($user)) { return new GenericUser((array) $user); } } /** * Validate a user against the given credentials. * * @param \Illuminate\Contracts\Auth\Authenticatable $user * @param array $credentials * @return bool */ public function validateCredentials(UserContract $user, array $credentials) { return $this->hasher->check( $credentials['password'], $user->getAuthPassword() ); } } PK!*Do& & AuthServiceProvider.phpnuȯregisterAuthenticator(); $this->registerUserResolver(); $this->registerAccessGate(); $this->registerRequirePassword(); $this->registerRequestRebindHandler(); $this->registerEventRebindHandler(); } /** * Register the authenticator services. * * @return void */ protected function registerAuthenticator() { $this->app->singleton('auth', fn ($app) => new AuthManager($app)); $this->app->singleton('auth.driver', fn ($app) => $app['auth']->guard()); } /** * Register a resolver for the authenticated user. * * @return void */ protected function registerUserResolver() { $this->app->bind(AuthenticatableContract::class, fn ($app) => call_user_func($app['auth']->userResolver())); } /** * Register the access gate service. * * @return void */ protected function registerAccessGate() { $this->app->singleton(GateContract::class, function ($app) { return new Gate($app, fn () => call_user_func($app['auth']->userResolver())); }); } /** * Register a resolver for the authenticated user. * * @return void */ protected function registerRequirePassword() { $this->app->bind(RequirePassword::class, function ($app) { return new RequirePassword( $app[ResponseFactory::class], $app[UrlGenerator::class], $app['config']->get('auth.password_timeout') ); }); } /** * Handle the re-binding of the request binding. * * @return void */ protected function registerRequestRebindHandler() { $this->app->rebinding('request', function ($app, $request) { $request->setUserResolver(function ($guard = null) use ($app) { return call_user_func($app['auth']->userResolver(), $guard); }); }); } /** * Handle the re-binding of the event dispatcher binding. * * @return void */ protected function registerEventRebindHandler() { $this->app->rebinding('events', function ($app, $dispatcher) { if (! $app->resolved('auth') || $app['auth']->hasResolvedGuards() === false) { return; } if (method_exists($guard = $app['auth']->guard(), 'setDispatcher')) { $guard->setDispatcher($dispatcher); } }); } } PK!O\ZZPasswords/CanResetPassword.phpnuȯemail; } /** * Send the password reset notification. * * @param string $token * @return void */ public function sendPasswordResetNotification($token) { $this->notify(new ResetPasswordNotification($token)); } } PK!HO*Passwords/PasswordResetServiceProvider.phpnuȯregisterPasswordBroker(); } /** * Register the password broker instance. * * @return void */ protected function registerPasswordBroker() { $this->app->singleton('auth.password', function ($app) { return new PasswordBrokerManager($app); }); $this->app->bind('auth.password.broker', function ($app) { return $app->make('auth.password')->broker(); }); } /** * Get the services provided by the provider. * * @return array */ public function provides() { return ['auth.password', 'auth.password.broker']; } } PK!KVp__#Passwords/PasswordBrokerManager.phpnuȯapp = $app; } /** * Attempt to get the broker from the local cache. * * @param string|null $name * @return \Illuminate\Contracts\Auth\PasswordBroker */ public function broker($name = null) { $name = $name ?: $this->getDefaultDriver(); return $this->brokers[$name] ?? ($this->brokers[$name] = $this->resolve($name)); } /** * Resolve the given broker. * * @param string $name * @return \Illuminate\Contracts\Auth\PasswordBroker * * @throws \InvalidArgumentException */ protected function resolve($name) { $config = $this->getConfig($name); if (is_null($config)) { throw new InvalidArgumentException("Password resetter [{$name}] is not defined."); } // The password broker uses a token repository to validate tokens and send user // password e-mails, as well as validating that password reset process as an // aggregate service of sorts providing a convenient interface for resets. return new PasswordBroker( $this->createTokenRepository($config), $this->app['auth']->createUserProvider($config['provider'] ?? null) ); } /** * Create a token repository instance based on the given configuration. * * @param array $config * @return \Illuminate\Auth\Passwords\TokenRepositoryInterface */ protected function createTokenRepository(array $config) { $key = $this->app['config']['app.key']; if (str_starts_with($key, 'base64:')) { $key = base64_decode(substr($key, 7)); } $connection = $config['connection'] ?? null; return new DatabaseTokenRepository( $this->app['db']->connection($connection), $this->app['hash'], $config['table'], $key, $config['expire'], $config['throttle'] ?? 0 ); } /** * Get the password broker configuration. * * @param string $name * @return array|null */ protected function getConfig($name) { return $this->app['config']["auth.passwords.{$name}"]; } /** * Get the default password broker name. * * @return string */ public function getDefaultDriver() { return $this->app['config']['auth.defaults.passwords']; } /** * Set the default password broker name. * * @param string $name * @return void */ public function setDefaultDriver($name) { $this->app['config']['auth.defaults.passwords'] = $name; } /** * Dynamically call the default driver instance. * * @param string $method * @param array $parameters * @return mixed */ public function __call($method, $parameters) { return $this->broker()->{$method}(...$parameters); } } PK!.==%Passwords/DatabaseTokenRepository.phpnuȯtable = $table; $this->hasher = $hasher; $this->hashKey = $hashKey; $this->expires = $expires * 60; $this->connection = $connection; $this->throttle = $throttle; } /** * Create a new token record. * * @param \Illuminate\Contracts\Auth\CanResetPassword $user * @return string */ public function create(CanResetPasswordContract $user) { $email = $user->getEmailForPasswordReset(); $this->deleteExisting($user); // We will create a new, random token for the user so that we can e-mail them // a safe link to the password reset form. Then we will insert a record in // the database so that we can verify the token within the actual reset. $token = $this->createNewToken(); $this->getTable()->insert($this->getPayload($email, $token)); return $token; } /** * Delete all existing reset tokens from the database. * * @param \Illuminate\Contracts\Auth\CanResetPassword $user * @return int */ protected function deleteExisting(CanResetPasswordContract $user) { return $this->getTable()->where('email', $user->getEmailForPasswordReset())->delete(); } /** * Build the record payload for the table. * * @param string $email * @param string $token * @return array */ protected function getPayload($email, $token) { return ['email' => $email, 'token' => $this->hasher->make($token), 'created_at' => new Carbon]; } /** * Determine if a token record exists and is valid. * * @param \Illuminate\Contracts\Auth\CanResetPassword $user * @param string $token * @return bool */ public function exists(CanResetPasswordContract $user, $token) { $record = (array) $this->getTable()->where( 'email', $user->getEmailForPasswordReset() )->first(); return $record && ! $this->tokenExpired($record['created_at']) && $this->hasher->check($token, $record['token']); } /** * Determine if the token has expired. * * @param string $createdAt * @return bool */ protected function tokenExpired($createdAt) { return Carbon::parse($createdAt)->addSeconds($this->expires)->isPast(); } /** * Determine if the given user recently created a password reset token. * * @param \Illuminate\Contracts\Auth\CanResetPassword $user * @return bool */ public function recentlyCreatedToken(CanResetPasswordContract $user) { $record = (array) $this->getTable()->where( 'email', $user->getEmailForPasswordReset() )->first(); return $record && $this->tokenRecentlyCreated($record['created_at']); } /** * Determine if the token was recently created. * * @param string $createdAt * @return bool */ protected function tokenRecentlyCreated($createdAt) { if ($this->throttle <= 0) { return false; } return Carbon::parse($createdAt)->addSeconds( $this->throttle )->isFuture(); } /** * Delete a token record by user. * * @param \Illuminate\Contracts\Auth\CanResetPassword $user * @return void */ public function delete(CanResetPasswordContract $user) { $this->deleteExisting($user); } /** * Delete expired tokens. * * @return void */ public function deleteExpired() { $expiredAt = Carbon::now()->subSeconds($this->expires); $this->getTable()->where('created_at', '<', $expiredAt)->delete(); } /** * Create a new token for the user. * * @return string */ public function createNewToken() { return hash_hmac('sha256', Str::random(40), $this->hashKey); } /** * Get the database connection instance. * * @return \Illuminate\Database\ConnectionInterface */ public function getConnection() { return $this->connection; } /** * Begin a new database query against the table. * * @return \Illuminate\Database\Query\Builder */ protected function getTable() { return $this->connection->table($this->table); } /** * Get the hasher instance. * * @return \Illuminate\Contracts\Hashing\Hasher */ public function getHasher() { return $this->hasher; } } PK!sPasswords/PasswordBroker.phpnuȯusers = $users; $this->tokens = $tokens; } /** * Send a password reset link to a user. * * @param array $credentials * @param \Closure|null $callback * @return string */ public function sendResetLink(array $credentials, Closure $callback = null) { // First we will check to see if we found a user at the given credentials and // if we did not we will redirect back to this current URI with a piece of // "flash" data in the session to indicate to the developers the errors. $user = $this->getUser($credentials); if (is_null($user)) { return static::INVALID_USER; } if ($this->tokens->recentlyCreatedToken($user)) { return static::RESET_THROTTLED; } $token = $this->tokens->create($user); if ($callback) { return $callback($user, $token) ?? static::RESET_LINK_SENT; } // Once we have the reset token, we are ready to send the message out to this // user with a link to reset their password. We will then redirect back to // the current URI having nothing set in the session to indicate errors. $user->sendPasswordResetNotification($token); return static::RESET_LINK_SENT; } /** * Reset the password for the given token. * * @param array $credentials * @param \Closure $callback * @return mixed */ public function reset(array $credentials, Closure $callback) { $user = $this->validateReset($credentials); // If the responses from the validate method is not a user instance, we will // assume that it is a redirect and simply return it from this method and // the user is properly redirected having an error message on the post. if (! $user instanceof CanResetPasswordContract) { return $user; } $password = $credentials['password']; // Once the reset has been validated, we'll call the given callback with the // new password. This gives the user an opportunity to store the password // in their persistent storage. Then we'll delete the token and return. $callback($user, $password); $this->tokens->delete($user); return static::PASSWORD_RESET; } /** * Validate a password reset for the given credentials. * * @param array $credentials * @return \Illuminate\Contracts\Auth\CanResetPassword|string */ protected function validateReset(array $credentials) { if (is_null($user = $this->getUser($credentials))) { return static::INVALID_USER; } if (! $this->tokens->exists($user, $credentials['token'])) { return static::INVALID_TOKEN; } return $user; } /** * Get the user for the given credentials. * * @param array $credentials * @return \Illuminate\Contracts\Auth\CanResetPassword|null * * @throws \UnexpectedValueException */ public function getUser(array $credentials) { $credentials = Arr::except($credentials, ['token']); $user = $this->users->retrieveByCredentials($credentials); if ($user && ! $user instanceof CanResetPasswordContract) { throw new UnexpectedValueException('User must implement CanResetPassword interface.'); } return $user; } /** * Create a new password reset token for the given user. * * @param \Illuminate\Contracts\Auth\CanResetPassword $user * @return string */ public function createToken(CanResetPasswordContract $user) { return $this->tokens->create($user); } /** * Delete password reset tokens of the given user. * * @param \Illuminate\Contracts\Auth\CanResetPassword $user * @return void */ public function deleteToken(CanResetPasswordContract $user) { $this->tokens->delete($user); } /** * Validate the given password reset token. * * @param \Illuminate\Contracts\Auth\CanResetPassword $user * @param string $token * @return bool */ public function tokenExists(CanResetPasswordContract $user, $token) { return $this->tokens->exists($user, $token); } /** * Get the password reset token repository implementation. * * @return \Illuminate\Auth\Passwords\TokenRepositoryInterface */ public function getRepository() { return $this->tokens; } } PK!Ux2&Passwords/TokenRepositoryInterface.phpnuȯemail_verified_at); } /** * Mark the given user's email as verified. * * @return bool */ public function markEmailAsVerified() { return $this->forceFill([ 'email_verified_at' => $this->freshTimestamp(), ])->save(); } /** * Send the email verification notification. * * @return void */ public function sendEmailVerificationNotification() { $this->notify(new VerifyEmail); } /** * Get the email address that should be used for verification. * * @return string */ public function getEmailForVerification() { return $this->email; } } PK!c GenericUser.phpnuȯattributes = $attributes; } /** * Get the name of the unique identifier for the user. * * @return string */ public function getAuthIdentifierName() { return 'id'; } /** * Get the unique identifier for the user. * * @return mixed */ public function getAuthIdentifier() { return $this->attributes[$this->getAuthIdentifierName()]; } /** * Get the password for the user. * * @return string */ public function getAuthPassword() { return $this->attributes['password']; } /** * Get the "remember me" token value. * * @return string */ public function getRememberToken() { return $this->attributes[$this->getRememberTokenName()]; } /** * Set the "remember me" token value. * * @param string $value * @return void */ public function setRememberToken($value) { $this->attributes[$this->getRememberTokenName()] = $value; } /** * Get the column name for the "remember me" token. * * @return string */ public function getRememberTokenName() { return 'remember_token'; } /** * Dynamically access the user's attributes. * * @param string $key * @return mixed */ public function __get($key) { return $this->attributes[$key]; } /** * Dynamically set an attribute on the user. * * @param string $key * @param mixed $value * @return void */ public function __set($key, $value) { $this->attributes[$key] = $value; } /** * Dynamically check if a value is set on the user. * * @param string $key * @return bool */ public function __isset($key) { return isset($this->attributes[$key]); } /** * Dynamically unset a value on the user. * * @param string $key * @return void */ public function __unset($key) { unset($this->attributes[$key]); } } PK!,4Z/Listeners/SendEmailVerificationNotification.phpnuȯuser instanceof MustVerifyEmail && ! $event->user->hasVerifiedEmail()) { $event->user->sendEmailVerificationNotification(); } } } PK!α33 LICENSE.mdnuȯThe MIT License (MIT) Copyright (c) Taylor Otwell Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. PK!JJJAuthenticationException.phpnuȯguards = $guards; $this->redirectTo = $redirectTo; } /** * Get the guards that were checked. * * @return array */ public function guards() { return $this->guards; } /** * Get the path the user should be redirected to. * * @return string|null */ public function redirectTo() { return $this->redirectTo; } } PK! 9VV Recaller.phpnuȯrecaller = @unserialize($recaller, ['allowed_classes' => false]) ?: $recaller; } /** * Get the user ID from the recaller. * * @return string */ public function id() { return explode('|', $this->recaller, 3)[0]; } /** * Get the "remember token" token from the recaller. * * @return string */ public function token() { return explode('|', $this->recaller, 3)[1]; } /** * Get the password from the recaller. * * @return string */ public function hash() { return explode('|', $this->recaller, 4)[2]; } /** * Determine if the recaller is valid. * * @return bool */ public function valid() { return $this->properString() && $this->hasAllSegments(); } /** * Determine if the recaller is an invalid string. * * @return bool */ protected function properString() { return is_string($this->recaller) && str_contains($this->recaller, '|'); } /** * Determine if the recaller has all segments. * * @return bool */ protected function hasAllSegments() { $segments = explode('|', $this->recaller); return count($segments) >= 3 && trim($segments[0]) !== '' && trim($segments[1]) !== ''; } /** * Get the recaller's segments. * * @return array */ public function segments() { return explode('|', $this->recaller); } } PK!=m/ composer.jsonnuȯ{ "name": "illuminate/auth", "description": "The Illuminate Auth package.", "license": "MIT", "homepage": "https://laravel.com", "support": { "issues": "https://github.com/laravel/framework/issues", "source": "https://github.com/laravel/framework" }, "authors": [ { "name": "Taylor Otwell", "email": "taylor@laravel.com" } ], "require": { "php": "^8.1", "ext-hash": "*", "illuminate/collections": "^10.0", "illuminate/contracts": "^10.0", "illuminate/http": "^10.0", "illuminate/macroable": "^10.0", "illuminate/queue": "^10.0", "illuminate/support": "^10.0" }, "autoload": { "psr-4": { "Illuminate\\Auth\\": "" } }, "extra": { "branch-alias": { "dev-master": "10.x-dev" } }, "suggest": { "illuminate/console": "Required to use the auth:clear-resets command (^10.0).", "illuminate/queue": "Required to fire login / logout events (^10.0).", "illuminate/session": "Required to use the session based guard (^10.0)." }, "config": { "sort-packages": true }, "minimum-stability": "dev" } PK!iiSessionGuard.phpnuȯname = $name; $this->session = $session; $this->request = $request; $this->provider = $provider; $this->timebox = $timebox ?: new Timebox; } /** * Get the currently authenticated user. * * @return \Illuminate\Contracts\Auth\Authenticatable|null */ public function user() { if ($this->loggedOut) { return; } // If we've already retrieved the user for the current request we can just // return it back immediately. We do not want to fetch the user data on // every call to this method because that would be tremendously slow. if (! is_null($this->user)) { return $this->user; } $id = $this->session->get($this->getName()); // First we will try to load the user using the identifier in the session if // one exists. Otherwise we will check for a "remember me" cookie in this // request, and if one exists, attempt to retrieve the user using that. if (! is_null($id) && $this->user = $this->provider->retrieveById($id)) { $this->fireAuthenticatedEvent($this->user); } // If the user is null, but we decrypt a "recaller" cookie we can attempt to // pull the user data on that cookie which serves as a remember cookie on // the application. Once we have a user we can return it to the caller. if (is_null($this->user) && ! is_null($recaller = $this->recaller())) { $this->user = $this->userFromRecaller($recaller); if ($this->user) { $this->updateSession($this->user->getAuthIdentifier()); $this->fireLoginEvent($this->user, true); } } return $this->user; } /** * Pull a user from the repository by its "remember me" cookie token. * * @param \Illuminate\Auth\Recaller $recaller * @return mixed */ protected function userFromRecaller($recaller) { if (! $recaller->valid() || $this->recallAttempted) { return; } // If the user is null, but we decrypt a "recaller" cookie we can attempt to // pull the user data on that cookie which serves as a remember cookie on // the application. Once we have a user we can return it to the caller. $this->recallAttempted = true; $this->viaRemember = ! is_null($user = $this->provider->retrieveByToken( $recaller->id(), $recaller->token() )); return $user; } /** * Get the decrypted recaller cookie for the request. * * @return \Illuminate\Auth\Recaller|null */ protected function recaller() { if (is_null($this->request)) { return; } if ($recaller = $this->request->cookies->get($this->getRecallerName())) { return new Recaller($recaller); } } /** * Get the ID for the currently authenticated user. * * @return int|string|null */ public function id() { if ($this->loggedOut) { return; } return $this->user() ? $this->user()->getAuthIdentifier() : $this->session->get($this->getName()); } /** * Log a user into the application without sessions or cookies. * * @param array $credentials * @return bool */ public function once(array $credentials = []) { $this->fireAttemptEvent($credentials); if ($this->validate($credentials)) { $this->setUser($this->lastAttempted); return true; } return false; } /** * Log the given user ID into the application without sessions or cookies. * * @param mixed $id * @return \Illuminate\Contracts\Auth\Authenticatable|false */ public function onceUsingId($id) { if (! is_null($user = $this->provider->retrieveById($id))) { $this->setUser($user); return $user; } return false; } /** * Validate a user's credentials. * * @param array $credentials * @return bool */ public function validate(array $credentials = []) { $this->lastAttempted = $user = $this->provider->retrieveByCredentials($credentials); return $this->hasValidCredentials($user, $credentials); } /** * Attempt to authenticate using HTTP Basic Auth. * * @param string $field * @param array $extraConditions * @return \Symfony\Component\HttpFoundation\Response|null * * @throws \Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException */ public function basic($field = 'email', $extraConditions = []) { if ($this->check()) { return; } // If a username is set on the HTTP basic request, we will return out without // interrupting the request lifecycle. Otherwise, we'll need to generate a // request indicating that the given credentials were invalid for login. if ($this->attemptBasic($this->getRequest(), $field, $extraConditions)) { return; } return $this->failedBasicResponse(); } /** * Perform a stateless HTTP Basic login attempt. * * @param string $field * @param array $extraConditions * @return \Symfony\Component\HttpFoundation\Response|null * * @throws \Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException */ public function onceBasic($field = 'email', $extraConditions = []) { $credentials = $this->basicCredentials($this->getRequest(), $field); if (! $this->once(array_merge($credentials, $extraConditions))) { return $this->failedBasicResponse(); } } /** * Attempt to authenticate using basic authentication. * * @param \Symfony\Component\HttpFoundation\Request $request * @param string $field * @param array $extraConditions * @return bool */ protected function attemptBasic(Request $request, $field, $extraConditions = []) { if (! $request->getUser()) { return false; } return $this->attempt(array_merge( $this->basicCredentials($request, $field), $extraConditions )); } /** * Get the credential array for an HTTP Basic request. * * @param \Symfony\Component\HttpFoundation\Request $request * @param string $field * @return array */ protected function basicCredentials(Request $request, $field) { return [$field => $request->getUser(), 'password' => $request->getPassword()]; } /** * Get the response for basic authentication. * * @return void * * @throws \Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException */ protected function failedBasicResponse() { throw new UnauthorizedHttpException('Basic', 'Invalid credentials.'); } /** * Attempt to authenticate a user using the given credentials. * * @param array $credentials * @param bool $remember * @return bool */ public function attempt(array $credentials = [], $remember = false) { $this->fireAttemptEvent($credentials, $remember); $this->lastAttempted = $user = $this->provider->retrieveByCredentials($credentials); // If an implementation of UserInterface was returned, we'll ask the provider // to validate the user against the given credentials, and if they are in // fact valid we'll log the users into the application and return true. if ($this->hasValidCredentials($user, $credentials)) { $this->login($user, $remember); return true; } // If the authentication attempt fails we will fire an event so that the user // may be notified of any suspicious attempts to access their account from // an unrecognized user. A developer may listen to this event as needed. $this->fireFailedEvent($user, $credentials); return false; } /** * Attempt to authenticate a user with credentials and additional callbacks. * * @param array $credentials * @param array|callable|null $callbacks * @param bool $remember * @return bool */ public function attemptWhen(array $credentials = [], $callbacks = null, $remember = false) { $this->fireAttemptEvent($credentials, $remember); $this->lastAttempted = $user = $this->provider->retrieveByCredentials($credentials); // This method does the exact same thing as attempt, but also executes callbacks after // the user is retrieved and validated. If one of the callbacks returns falsy we do // not login the user. Instead, we will fail the specific authentication attempt. if ($this->hasValidCredentials($user, $credentials) && $this->shouldLogin($callbacks, $user)) { $this->login($user, $remember); return true; } $this->fireFailedEvent($user, $credentials); return false; } /** * Determine if the user matches the credentials. * * @param mixed $user * @param array $credentials * @return bool */ protected function hasValidCredentials($user, $credentials) { return $this->timebox->call(function ($timebox) use ($user, $credentials) { $validated = ! is_null($user) && $this->provider->validateCredentials($user, $credentials); if ($validated) { $timebox->returnEarly(); $this->fireValidatedEvent($user); } return $validated; }, 200 * 1000); } /** * Determine if the user should login by executing the given callbacks. * * @param array|callable|null $callbacks * @param \Illuminate\Contracts\Auth\Authenticatable $user * @return bool */ protected function shouldLogin($callbacks, AuthenticatableContract $user) { foreach (Arr::wrap($callbacks) as $callback) { if (! $callback($user, $this)) { return false; } } return true; } /** * Log the given user ID into the application. * * @param mixed $id * @param bool $remember * @return \Illuminate\Contracts\Auth\Authenticatable|false */ public function loginUsingId($id, $remember = false) { if (! is_null($user = $this->provider->retrieveById($id))) { $this->login($user, $remember); return $user; } return false; } /** * Log a user into the application. * * @param \Illuminate\Contracts\Auth\Authenticatable $user * @param bool $remember * @return void */ public function login(AuthenticatableContract $user, $remember = false) { $this->updateSession($user->getAuthIdentifier()); // If the user should be permanently "remembered" by the application we will // queue a permanent cookie that contains the encrypted copy of the user // identifier. We will then decrypt this later to retrieve the users. if ($remember) { $this->ensureRememberTokenIsSet($user); $this->queueRecallerCookie($user); } // If we have an event dispatcher instance set we will fire an event so that // any listeners will hook into the authentication events and run actions // based on the login and logout events fired from the guard instances. $this->fireLoginEvent($user, $remember); $this->setUser($user); } /** * Update the session with the given ID. * * @param string $id * @return void */ protected function updateSession($id) { $this->session->put($this->getName(), $id); $this->session->migrate(true); } /** * Create a new "remember me" token for the user if one doesn't already exist. * * @param \Illuminate\Contracts\Auth\Authenticatable $user * @return void */ protected function ensureRememberTokenIsSet(AuthenticatableContract $user) { if (empty($user->getRememberToken())) { $this->cycleRememberToken($user); } } /** * Queue the recaller cookie into the cookie jar. * * @param \Illuminate\Contracts\Auth\Authenticatable $user * @return void */ protected function queueRecallerCookie(AuthenticatableContract $user) { $this->getCookieJar()->queue($this->createRecaller( $user->getAuthIdentifier().'|'.$user->getRememberToken().'|'.$user->getAuthPassword() )); } /** * Create a "remember me" cookie for a given ID. * * @param string $value * @return \Symfony\Component\HttpFoundation\Cookie */ protected function createRecaller($value) { return $this->getCookieJar()->make($this->getRecallerName(), $value, $this->getRememberDuration()); } /** * Log the user out of the application. * * @return void */ public function logout() { $user = $this->user(); $this->clearUserDataFromStorage(); if (! is_null($this->user) && ! empty($user->getRememberToken())) { $this->cycleRememberToken($user); } // If we have an event dispatcher instance, we can fire off the logout event // so any further processing can be done. This allows the developer to be // listening for anytime a user signs out of this application manually. if (isset($this->events)) { $this->events->dispatch(new Logout($this->name, $user)); } // Once we have fired the logout event we will clear the users out of memory // so they are no longer available as the user is no longer considered as // being signed into this application and should not be available here. $this->user = null; $this->loggedOut = true; } /** * Log the user out of the application on their current device only. * * This method does not cycle the "remember" token. * * @return void */ public function logoutCurrentDevice() { $user = $this->user(); $this->clearUserDataFromStorage(); // If we have an event dispatcher instance, we can fire off the logout event // so any further processing can be done. This allows the developer to be // listening for anytime a user signs out of this application manually. if (isset($this->events)) { $this->events->dispatch(new CurrentDeviceLogout($this->name, $user)); } // Once we have fired the logout event we will clear the users out of memory // so they are no longer available as the user is no longer considered as // being signed into this application and should not be available here. $this->user = null; $this->loggedOut = true; } /** * Remove the user data from the session and cookies. * * @return void */ protected function clearUserDataFromStorage() { $this->session->remove($this->getName()); $this->getCookieJar()->unqueue($this->getRecallerName()); if (! is_null($this->recaller())) { $this->getCookieJar()->queue( $this->getCookieJar()->forget($this->getRecallerName()) ); } } /** * Refresh the "remember me" token for the user. * * @param \Illuminate\Contracts\Auth\Authenticatable $user * @return void */ protected function cycleRememberToken(AuthenticatableContract $user) { $user->setRememberToken($token = Str::random(60)); $this->provider->updateRememberToken($user, $token); } /** * Invalidate other sessions for the current user. * * The application must be using the AuthenticateSession middleware. * * @param string $password * @param string $attribute * @return \Illuminate\Contracts\Auth\Authenticatable|null * * @throws \Illuminate\Auth\AuthenticationException */ public function logoutOtherDevices($password, $attribute = 'password') { if (! $this->user()) { return; } $result = $this->rehashUserPassword($password, $attribute); if ($this->recaller() || $this->getCookieJar()->hasQueued($this->getRecallerName())) { $this->queueRecallerCookie($this->user()); } $this->fireOtherDeviceLogoutEvent($this->user()); return $result; } /** * Rehash the current user's password. * * @param string $password * @param string $attribute * @return \Illuminate\Contracts\Auth\Authenticatable|null * * @throws \InvalidArgumentException */ protected function rehashUserPassword($password, $attribute) { if (! Hash::check($password, $this->user()->{$attribute})) { throw new InvalidArgumentException('The given password does not match the current password.'); } return tap($this->user()->forceFill([ $attribute => Hash::make($password), ]))->save(); } /** * Register an authentication attempt event listener. * * @param mixed $callback * @return void */ public function attempting($callback) { $this->events?->listen(Events\Attempting::class, $callback); } /** * Fire the attempt event with the arguments. * * @param array $credentials * @param bool $remember * @return void */ protected function fireAttemptEvent(array $credentials, $remember = false) { $this->events?->dispatch(new Attempting($this->name, $credentials, $remember)); } /** * Fires the validated event if the dispatcher is set. * * @param \Illuminate\Contracts\Auth\Authenticatable $user * @return void */ protected function fireValidatedEvent($user) { $this->events?->dispatch(new Validated($this->name, $user)); } /** * Fire the login event if the dispatcher is set. * * @param \Illuminate\Contracts\Auth\Authenticatable $user * @param bool $remember * @return void */ protected function fireLoginEvent($user, $remember = false) { $this->events?->dispatch(new Login($this->name, $user, $remember)); } /** * Fire the authenticated event if the dispatcher is set. * * @param \Illuminate\Contracts\Auth\Authenticatable $user * @return void */ protected function fireAuthenticatedEvent($user) { $this->events?->dispatch(new Authenticated($this->name, $user)); } /** * Fire the other device logout event if the dispatcher is set. * * @param \Illuminate\Contracts\Auth\Authenticatable $user * @return void */ protected function fireOtherDeviceLogoutEvent($user) { $this->events?->dispatch(new OtherDeviceLogout($this->name, $user)); } /** * Fire the failed authentication attempt event with the given arguments. * * @param \Illuminate\Contracts\Auth\Authenticatable|null $user * @param array $credentials * @return void */ protected function fireFailedEvent($user, array $credentials) { $this->events?->dispatch(new Failed($this->name, $user, $credentials)); } /** * Get the last user we attempted to authenticate. * * @return \Illuminate\Contracts\Auth\Authenticatable */ public function getLastAttempted() { return $this->lastAttempted; } /** * Get a unique identifier for the auth session value. * * @return string */ public function getName() { return 'login_'.$this->name.'_'.sha1(static::class); } /** * Get the name of the cookie used to store the "recaller". * * @return string */ public function getRecallerName() { return 'remember_'.$this->name.'_'.sha1(static::class); } /** * Determine if the user was authenticated via "remember me" cookie. * * @return bool */ public function viaRemember() { return $this->viaRemember; } /** * Get the number of minutes the remember me cookie should be valid for. * * @return int */ protected function getRememberDuration() { return $this->rememberDuration; } /** * Set the number of minutes the remember me cookie should be valid for. * * @param int $minutes * @return $this */ public function setRememberDuration($minutes) { $this->rememberDuration = $minutes; return $this; } /** * Get the cookie creator instance used by the guard. * * @return \Illuminate\Contracts\Cookie\QueueingFactory * * @throws \RuntimeException */ public function getCookieJar() { if (! isset($this->cookie)) { throw new RuntimeException('Cookie jar has not been set.'); } return $this->cookie; } /** * Set the cookie creator instance used by the guard. * * @param \Illuminate\Contracts\Cookie\QueueingFactory $cookie * @return void */ public function setCookieJar(CookieJar $cookie) { $this->cookie = $cookie; } /** * Get the event dispatcher instance. * * @return \Illuminate\Contracts\Events\Dispatcher */ public function getDispatcher() { return $this->events; } /** * Set the event dispatcher instance. * * @param \Illuminate\Contracts\Events\Dispatcher $events * @return void */ public function setDispatcher(Dispatcher $events) { $this->events = $events; } /** * Get the session store used by the guard. * * @return \Illuminate\Contracts\Session\Session */ public function getSession() { return $this->session; } /** * Return the currently cached user. * * @return \Illuminate\Contracts\Auth\Authenticatable|null */ public function getUser() { return $this->user; } /** * Set the current user. * * @param \Illuminate\Contracts\Auth\Authenticatable $user * @return $this */ public function setUser(AuthenticatableContract $user) { $this->user = $user; $this->loggedOut = false; $this->fireAuthenticatedEvent($user); return $this; } /** * Get the current request instance. * * @return \Symfony\Component\HttpFoundation\Request */ public function getRequest() { return $this->request ?: Request::createFromGlobals(); } /** * Set the current request instance. * * @param \Symfony\Component\HttpFoundation\Request $request * @return $this */ public function setRequest(Request $request) { $this->request = $request; return $this; } /** * Get the timebox instance used by the guard. * * @return \Illuminate\Support\Timebox */ public function getTimebox() { return $this->timebox; } } PK!lTJJRequestGuard.phpnuȯrequest = $request; $this->callback = $callback; $this->provider = $provider; } /** * Get the currently authenticated user. * * @return \Illuminate\Contracts\Auth\Authenticatable|null */ public function user() { // If we've already retrieved the user for the current request we can just // return it back immediately. We do not want to fetch the user data on // every call to this method because that would be tremendously slow. if (! is_null($this->user)) { return $this->user; } return $this->user = call_user_func( $this->callback, $this->request, $this->getProvider() ); } /** * Validate a user's credentials. * * @param array $credentials * @return bool */ public function validate(array $credentials = []) { return ! is_null((new static( $this->callback, $credentials['request'], $this->getProvider() ))->user()); } /** * Set the current request instance. * * @param \Illuminate\Http\Request $request * @return $this */ public function setRequest(Request $request) { $this->request = $request; return $this; } } PK!NOEloquentUserProvider.phpnuȯmodel = $model; $this->hasher = $hasher; } /** * Retrieve a user by their unique identifier. * * @param mixed $identifier * @return \Illuminate\Contracts\Auth\Authenticatable|null */ public function retrieveById($identifier) { $model = $this->createModel(); return $this->newModelQuery($model) ->where($model->getAuthIdentifierName(), $identifier) ->first(); } /** * Retrieve a user by their unique identifier and "remember me" token. * * @param mixed $identifier * @param string $token * @return \Illuminate\Contracts\Auth\Authenticatable|null */ public function retrieveByToken($identifier, $token) { $model = $this->createModel(); $retrievedModel = $this->newModelQuery($model)->where( $model->getAuthIdentifierName(), $identifier )->first(); if (! $retrievedModel) { return; } $rememberToken = $retrievedModel->getRememberToken(); return $rememberToken && hash_equals($rememberToken, $token) ? $retrievedModel : null; } /** * Update the "remember me" token for the given user in storage. * * @param \Illuminate\Contracts\Auth\Authenticatable $user * @param string $token * @return void */ public function updateRememberToken(UserContract $user, $token) { $user->setRememberToken($token); $timestamps = $user->timestamps; $user->timestamps = false; $user->save(); $user->timestamps = $timestamps; } /** * Retrieve a user by the given credentials. * * @param array $credentials * @return \Illuminate\Contracts\Auth\Authenticatable|null */ public function retrieveByCredentials(array $credentials) { $credentials = array_filter( $credentials, fn ($key) => ! str_contains($key, 'password'), ARRAY_FILTER_USE_KEY ); if (empty($credentials)) { return; } // First we will add each credential element to the query as a where clause. // Then we can execute the query and, if we found a user, return it in a // Eloquent User "model" that will be utilized by the Guard instances. $query = $this->newModelQuery(); foreach ($credentials as $key => $value) { if (is_array($value) || $value instanceof Arrayable) { $query->whereIn($key, $value); } elseif ($value instanceof Closure) { $value($query); } else { $query->where($key, $value); } } return $query->first(); } /** * Validate a user against the given credentials. * * @param \Illuminate\Contracts\Auth\Authenticatable $user * @param array $credentials * @return bool */ public function validateCredentials(UserContract $user, array $credentials) { if (is_null($plain = $credentials['password'])) { return false; } return $this->hasher->check($plain, $user->getAuthPassword()); } /** * Get a new query builder for the model instance. * * @param \Illuminate\Database\Eloquent\Model|null $model * @return \Illuminate\Database\Eloquent\Builder */ protected function newModelQuery($model = null) { $query = is_null($model) ? $this->createModel()->newQuery() : $model->newQuery(); with($query, $this->queryCallback); return $query; } /** * Create a new instance of the model. * * @return \Illuminate\Database\Eloquent\Model */ public function createModel() { $class = '\\'.ltrim($this->model, '\\'); return new $class; } /** * Gets the hasher implementation. * * @return \Illuminate\Contracts\Hashing\Hasher */ public function getHasher() { return $this->hasher; } /** * Sets the hasher implementation. * * @param \Illuminate\Contracts\Hashing\Hasher $hasher * @return $this */ public function setHasher(HasherContract $hasher) { $this->hasher = $hasher; return $this; } /** * Gets the name of the Eloquent user model. * * @return string */ public function getModel() { return $this->model; } /** * Sets the name of the Eloquent user model. * * @param string $model * @return $this */ public function setModel($model) { $this->model = $model; return $this; } /** * Get the callback that modifies the query before retrieving users. * * @return \Closure|null */ public function getQueryCallback() { return $this->queryCallback; } /** * Sets the callback to modify the query before retrieving users. * * @param (\Closure(\Illuminate\Database\Eloquent\Builder):mixed)|null $queryCallback * @return $this */ public function withQuery($queryCallback = null) { $this->queryCallback = $queryCallback; return $this; } } PK!XJ:Authenticatable.phpnuȯgetKeyName(); } /** * Get the unique identifier for the user. * * @return mixed */ public function getAuthIdentifier() { return $this->{$this->getAuthIdentifierName()}; } /** * Get the unique broadcast identifier for the user. * * @return mixed */ public function getAuthIdentifierForBroadcasting() { return $this->getAuthIdentifier(); } /** * Get the password for the user. * * @return string */ public function getAuthPassword() { return $this->password; } /** * Get the token value for the "remember me" session. * * @return string|null */ public function getRememberToken() { if (! empty($this->getRememberTokenName())) { return (string) $this->{$this->getRememberTokenName()}; } } /** * Set the token value for the "remember me" session. * * @param string $value * @return void */ public function setRememberToken($value) { if (! empty($this->getRememberTokenName())) { $this->{$this->getRememberTokenName()} = $value; } } /** * Get the column name for the "remember me" token. * * @return string */ public function getRememberTokenName() { return $this->rememberTokenName; } } PK!ri==Events/Failed.phpnuȯuser = $user; $this->guard = $guard; $this->credentials = $credentials; } } PK!=Events/OtherDeviceLogout.phpnuȯuser = $user; $this->guard = $guard; } } PK!"(Events/CurrentDeviceLogout.phpnuȯuser = $user; $this->guard = $guard; } } PK!yEvents/Logout.phpnuȯuser = $user; $this->guard = $guard; } } PK!~Events/Registered.phpnuȯuser = $user; } } PK!w:Events/Attempting.phpnuȯguard = $guard; $this->remember = $remember; $this->credentials = $credentials; } } PK!nEvents/Lockout.phpnuȯrequest = $request; } } PK!ӻ0̎Events/Authenticated.phpnuȯuser = $user; $this->guard = $guard; } } PK!L@Events/PasswordReset.phpnuȯuser = $user; } } PK!VdEvents/Validated.phpnuȯuser = $user; $this->guard = $guard; } } PK!.cc Events/PasswordResetLinkSent.phpnuIwuser = $user; $this->guard = $guard; $this->remember = $remember; } } PK!^XEvents/Verified.phpnuȯuser = $user; } } PK!YY(Middleware/AuthenticateWithBasicAuth.phpnuȯauth = $auth; } /** * Specify the guard and field for the middleware. * * @param string|null $guard * @param string|null $field * @return string * * @named-arguments-supported */ public static function using($guard = null, $field = null) { return static::class.':'.implode(',', func_get_args()); } /** * Handle an incoming request. * * @param \Illuminate\Http\Request $request * @param \Closure $next * @param string|null $guard * @param string|null $field * @return mixed * * @throws \Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException */ public function handle($request, Closure $next, $guard = null, $field = null) { $this->auth->guard($guard)->basic($field ?: 'email'); return $next($request); } } PK!弯$Middleware/EnsureEmailIsVerified.phpnuȯuser() || ($request->user() instanceof MustVerifyEmail && ! $request->user()->hasVerifiedEmail())) { return $request->expectsJson() ? abort(403, 'Your email address is not verified.') : Redirect::guest(URL::route($redirectToRoute ?: 'verification.notice')); } return $next($request); } } PK!A5w w Middleware/Authenticate.phpnuȯauth = $auth; } /** * Specify the guards for the middleware. * * @param string $guard * @param string $others * @return string */ public static function using($guard, ...$others) { return static::class.':'.implode(',', [$guard, ...$others]); } /** * Handle an incoming request. * * @param \Illuminate\Http\Request $request * @param \Closure $next * @param string[] ...$guards * @return mixed * * @throws \Illuminate\Auth\AuthenticationException */ public function handle($request, Closure $next, ...$guards) { $this->authenticate($request, $guards); return $next($request); } /** * Determine if the user is logged in to any of the given guards. * * @param \Illuminate\Http\Request $request * @param array $guards * @return void * * @throws \Illuminate\Auth\AuthenticationException */ protected function authenticate($request, array $guards) { if (empty($guards)) { $guards = [null]; } foreach ($guards as $guard) { if ($this->auth->guard($guard)->check()) { return $this->auth->shouldUse($guard); } } $this->unauthenticated($request, $guards); } /** * Handle an unauthenticated user. * * @param \Illuminate\Http\Request $request * @param array $guards * @return void * * @throws \Illuminate\Auth\AuthenticationException */ protected function unauthenticated($request, array $guards) { throw new AuthenticationException( 'Unauthenticated.', $guards, $this->redirectTo($request) ); } /** * Get the path the user should be redirected to when they are not authenticated. * * @param \Illuminate\Http\Request $request * @return string|null */ protected function redirectTo(Request $request) { // } } PK! b b Middleware/Authorize.phpnuȯgate = $gate; } /** * Specify the ability and models for the middleware. * * @param string $ability * @param string ...$models * @return string */ public static function using($ability, ...$models) { return static::class.':'.implode(',', [$ability, ...$models]); } /** * Handle an incoming request. * * @param \Illuminate\Http\Request $request * @param \Closure $next * @param string $ability * @param array|null ...$models * @return mixed * * @throws \Illuminate\Auth\AuthenticationException * @throws \Illuminate\Auth\Access\AuthorizationException */ public function handle($request, Closure $next, $ability, ...$models) { $this->gate->authorize($ability, $this->getGateArguments($request, $models)); return $next($request); } /** * Get the arguments parameter for the gate. * * @param \Illuminate\Http\Request $request * @param array|null $models * @return \Illuminate\Database\Eloquent\Model|array|string */ protected function getGateArguments($request, $models) { if (is_null($models)) { return []; } return collect($models)->map(function ($model) use ($request) { return $model instanceof Model ? $model : $this->getModel($request, $model); })->all(); } /** * Get the model to authorize. * * @param \Illuminate\Http\Request $request * @param string $model * @return \Illuminate\Database\Eloquent\Model|string */ protected function getModel($request, $model) { if ($this->isClassName($model)) { return trim($model); } return $request->route($model, null) ?? ((preg_match("/^['\"](.*)['\"]$/", trim($model), $matches)) ? $matches[1] : null); } /** * Checks if the given string looks like a fully qualified class name. * * @param string $value * @return bool */ protected function isClassName($value) { return str_contains($value, '\\'); } } PK!|㇣DD&Middleware/RedirectIfAuthenticated.phpnuIwcheck()) { return redirect($this->redirectTo($request)); } } return $next($request); } /** * Get the path the user should be redirected to when they are authenticated. */ protected function redirectTo(Request $request): ?string { return static::$redirectToCallback ? call_user_func(static::$redirectToCallback, $request) : $this->defaultRedirectUri(); } /** * Get the default URI the user should be redirected to when they are authenticated. */ protected function defaultRedirectUri(): string { foreach (['dashboard', 'home'] as $uri) { if (Route::has($uri)) { return route($uri); } } $routes = Route::getRoutes()->get('GET'); foreach (['dashboard', 'home'] as $uri) { if (isset($routes[$uri])) { return '/'.$uri; } } return '/'; } /** * Specify the callback that should be used to generate the redirect path. * * @param callable $redirectToCallback * @return void */ public static function redirectUsing(callable $redirectToCallback) { static::$redirectToCallback = $redirectToCallback; } } PK!~VY Y Middleware/RequirePassword.phpnuȯresponseFactory = $responseFactory; $this->urlGenerator = $urlGenerator; $this->passwordTimeout = $passwordTimeout ?: 10800; } /** * Specify the redirect route and timeout for the middleware. * * @param string|null $redirectToRoute * @param string|int|null $passwordTimeoutSeconds * @return string * * @named-arguments-supported */ public static function using($redirectToRoute = null, $passwordTimeoutSeconds = null) { return static::class.':'.implode(',', func_get_args()); } /** * Handle an incoming request. * * @param \Illuminate\Http\Request $request * @param \Closure $next * @param string|null $redirectToRoute * @param string|int|null $passwordTimeoutSeconds * @return mixed */ public function handle($request, Closure $next, $redirectToRoute = null, $passwordTimeoutSeconds = null) { if ($this->shouldConfirmPassword($request, $passwordTimeoutSeconds)) { if ($request->expectsJson()) { return $this->responseFactory->json([ 'message' => 'Password confirmation required.', ], 423); } return $this->responseFactory->redirectGuest( $this->urlGenerator->route($redirectToRoute ?: 'password.confirm') ); } return $next($request); } /** * Determine if the confirmation timeout has expired. * * @param \Illuminate\Http\Request $request * @param int|null $passwordTimeoutSeconds * @return bool */ protected function shouldConfirmPassword($request, $passwordTimeoutSeconds = null) { $confirmedAt = time() - $request->session()->get('auth.password_confirmed_at', 0); return $confirmedAt > ($passwordTimeoutSeconds ?? $this->passwordTimeout); } } PK!\Fbootstrap-stubs/home.stubnu̗@extends('layouts.app') @section('content')
{{ __('Dashboard') }}
@if (session('status')) @endif {{ __('You are logged in!') }}
@endsection PK!$>,,"bootstrap-stubs/auth/register.stubnu̗@extends('layouts.app') @section('content')
{{ __('Register') }}
@csrf
@error('name') {{ $message }} @enderror
@error('email') {{ $message }} @enderror
@error('password') {{ $message }} @enderror
@endsection PK!.Onn bootstrap-stubs/auth/verify.stubnu̗@extends('layouts.app') @section('content')
{{ __('Verify Your Email Address') }}
@if (session('resent')) @endif {{ __('Before proceeding, please check your email for a verification link.') }} {{ __('If you did not receive the email') }},
@csrf .
@endsection PK! [+bootstrap-stubs/auth/passwords/confirm.stubnu̗@extends('layouts.app') @section('content')
{{ __('Confirm Password') }}
{{ __('Please confirm your password before continuing.') }}
@csrf
@error('password') {{ $message }} @enderror
@if (Route::has('password.request')) {{ __('Forgot Your Password?') }} @endif
@endsection PK!sKjff)bootstrap-stubs/auth/passwords/email.stubnu̗@extends('layouts.app') @section('content')
{{ __('Reset Password') }}
@if (session('status')) @endif
@csrf
@error('email') {{ $message }} @enderror
@endsection PK!CTF )bootstrap-stubs/auth/passwords/reset.stubnu̗@extends('layouts.app') @section('content')
{{ __('Reset Password') }}
@csrf
@error('email') {{ $message }} @enderror
@error('password') {{ $message }} @enderror
@endsection PK!8%g  bootstrap-stubs/auth/login.stubnu̗@extends('layouts.app') @section('content')
{{ __('Login') }}
@csrf
@error('email') {{ $message }} @enderror
@error('password') {{ $message }} @enderror
@if (Route::has('password.request')) {{ __('Forgot Your Password?') }} @endif
@endsection PK!ӭm0   bootstrap-stubs/layouts/app.stubnu̗ {{ config('app.name', 'Laravel') }}
@yield('content')
PK!w?llstubs/routes.stubnu̗ Auth::routes(); Route::get('/home', [App\Http\Controllers\HomeController::class, 'index'])->name('home'); PK!Id%stubs/controllers/HomeController.stubnu̗middleware('auth'); } /** * Show the application dashboard. * * @return \Illuminate\Contracts\Support\Renderable */ public function index() { return view('home'); } } PK!-jjVerificationController.stubnu̗middleware('auth'); $this->middleware('signed')->only('verify'); $this->middleware('throttle:6,1')->only('verify', 'resend'); } } PK![ConfirmPasswordController.stubnu̗middleware('auth'); } } PK!qLLResetPasswordController.stubnu̗middleware('guest'); } /** * Get a validator for an incoming registration request. * * @param array $data * @return \Illuminate\Contracts\Validation\Validator */ protected function validator(array $data) { return Validator::make($data, [ 'name' => ['required', 'string', 'max:255'], 'email' => ['required', 'string', 'email', 'max:255', 'unique:users'], 'password' => ['required', 'string', 'min:8', 'confirmed'], ]); } /** * Create a new user instance after a valid registration. * * @param array $data * @return \App\Models\User */ protected function create(array $data) { return User::create([ 'name' => $data['name'], 'email' => $data['email'], 'password' => Hash::make($data['password']), ]); } } PK!KForgotPasswordController.stubnu̗middleware('guest')->except('logout'); } } PK! w "Passwords/CacheTokenRepository.phpnuIwdelete($user); $token = hash_hmac('sha256', Str::random(40), $this->hashKey); $this->cache->put( $this->cacheKey($user), [$this->hasher->make($token), Carbon::now()->format($this->format)], $this->expires, ); return $token; } /** * Determine if a token record exists and is valid. * * @param \Illuminate\Contracts\Auth\CanResetPassword $user * @param string $token * @return bool */ public function exists(CanResetPasswordContract $user, #[\SensitiveParameter] $token) { [$record, $createdAt] = $this->cache->get($this->cacheKey($user)); return $record && ! $this->tokenExpired($createdAt) && $this->hasher->check($token, $record); } /** * Determine if the token has expired. * * @param string $createdAt * @return bool */ protected function tokenExpired($createdAt) { return Carbon::createFromFormat($this->format, $createdAt)->addSeconds($this->expires)->isPast(); } /** * Determine if the given user recently created a password reset token. * * @param \Illuminate\Contracts\Auth\CanResetPassword $user * @return bool */ public function recentlyCreatedToken(CanResetPasswordContract $user) { [$record, $createdAt] = $this->cache->get($this->cacheKey($user)); return $record && $this->tokenRecentlyCreated($createdAt); } /** * Determine if the token was recently created. * * @param string $createdAt * @return bool */ protected function tokenRecentlyCreated($createdAt) { if ($this->throttle <= 0) { return false; } return Carbon::createFromFormat($this->format, $createdAt)->addSeconds( $this->throttle )->isFuture(); } /** * Delete a token record. * * @param \Illuminate\Contracts\Auth\CanResetPassword $user * @return void */ public function delete(CanResetPasswordContract $user) { $this->cache->forget($this->cacheKey($user)); } /** * Delete expired tokens. * * @return void */ public function deleteExpired() { } /** * Determine the cache key for the given user. * * @param \Illuminate\Contracts\Auth\CanResetPassword $user * @return string */ public function cacheKey(CanResetPasswordContract $user): string { return hash('sha256', $user->getEmailForPasswordReset()); } } PK!SignedBodyHeaderType.phpnu[ '', 'secret_access_key' => '', 'session_token' => '', 'expiration_timepoint_seconds' => 0, ]; } private $access_key_id; private $secret_access_key; private $session_token; private $expiration_timepoint_seconds = 0; public function __get($name) { return $this->$name; } function __construct(array $options = []) { parent::__construct(); $options = new Options($options, self::defaults()); $this->access_key_id = $options->access_key_id->asString(); $this->secret_access_key = $options->secret_access_key->asString(); $this->session_token = $options->session_token ? $options->session_token->asString() : null; $this->expiration_timepoint_seconds = $options->expiration_timepoint_seconds->asInt(); if (strlen($this->access_key_id) == 0) { throw new \InvalidArgumentException("access_key_id must be provided"); } if (strlen($this->secret_access_key) == 0) { throw new \InvalidArgumentException("secret_access_key must be provided"); } $creds_options = self::$crt->aws_credentials_options_new(); self::$crt->aws_credentials_options_set_access_key_id($creds_options, $this->access_key_id); self::$crt->aws_credentials_options_set_secret_access_key($creds_options, $this->secret_access_key); self::$crt->aws_credentials_options_set_session_token($creds_options, $this->session_token); self::$crt->aws_credentials_options_set_expiration_timepoint_seconds($creds_options, $this->expiration_timepoint_seconds); $this->acquire(self::$crt->aws_credentials_new($creds_options)); self::$crt->aws_credentials_options_release($creds_options); } function __destruct() { self::$crt->aws_credentials_release($this->release()); parent::__destruct(); } } PK!DDStaticCredentialsProvider.phpnu[$name; } function __construct(array $options = []) { parent::__construct(); $this->credentials = new AwsCredentials($options); $provider_options = self::$crt->credentials_provider_static_options_new(); self::$crt->credentials_provider_static_options_set_access_key_id($provider_options, $this->credentials->access_key_id); self::$crt->credentials_provider_static_options_set_secret_access_key($provider_options, $this->credentials->secret_access_key); self::$crt->credentials_provider_static_options_set_session_token($provider_options, $this->credentials->session_token); $this->acquire(self::$crt->credentials_provider_static_new($provider_options)); self::$crt->credentials_provider_static_options_release($provider_options); } } PK! SigningConfigAWS.phpnu[ SigningAlgorithm::SIGv4, 'signature_type' => SignatureType::HTTP_REQUEST_HEADERS, 'credentials_provider' => null, 'region' => null, 'service' => null, 'use_double_uri_encode' => false, 'should_normalize_uri_path' => false, 'omit_session_token' => false, 'signed_body_value' => null, 'signed_body_header_type' => SignedBodyHeaderType::NONE, 'expiration_in_seconds' => 0, 'date' => time(), 'should_sign_header' => null, ]; } private $options; public function __construct(array $options = []) { parent::__construct(); $this->options = $options = new Options($options, self::defaults()); $sc = $this->acquire(self::$crt->signing_config_aws_new()); self::$crt->signing_config_aws_set_algorithm($sc, $options->algorithm->asInt()); self::$crt->signing_config_aws_set_signature_type($sc, $options->signature_type->asInt()); if ($credentials_provider = $options->credentials_provider->asObject()) { self::$crt->signing_config_aws_set_credentials_provider( $sc, $credentials_provider->native); } self::$crt->signing_config_aws_set_region( $sc, $options->region->asString()); self::$crt->signing_config_aws_set_service( $sc, $options->service->asString()); self::$crt->signing_config_aws_set_use_double_uri_encode( $sc, $options->use_double_uri_encode->asBool()); self::$crt->signing_config_aws_set_should_normalize_uri_path( $sc, $options->should_normalize_uri_path->asBool()); self::$crt->signing_config_aws_set_omit_session_token( $sc, $options->omit_session_token->asBool()); self::$crt->signing_config_aws_set_signed_body_value( $sc, $options->signed_body_value->asString()); self::$crt->signing_config_aws_set_signed_body_header_type( $sc, $options->signed_body_header_type->asInt()); self::$crt->signing_config_aws_set_expiration_in_seconds( $sc, $options->expiration_in_seconds->asInt()); self::$crt->signing_config_aws_set_date($sc, $options->date->asInt()); if ($should_sign_header = $options->should_sign_header->asCallable()) { self::$crt->signing_config_aws_set_should_sign_header_fn($sc, $should_sign_header); } } function __destruct() { self::$crt->signing_config_aws_release($this->release()); parent::__destruct(); } public function __get($name) { return $this->options->get($name); } }PK!Ov  CredentialsProvider.phpnu[credentials_provider_release($this->release()); parent::__destruct(); } } PK!BTSigningAlgorithm.phpnu[acquire($native); } function __destruct() { // No destruction necessary, SigningResults are transient, just release $this->release(); parent::__destruct(); } public static function fromNative($ptr) { return new SigningResult($ptr); } public function applyToHttpRequest(&$http_request) { self::$crt->signing_result_apply_to_http_request($this->native, $http_request->native); // Update http_request from native $http_request = Request::unmarshall($http_request->toBlob()); } }PK!1e Signing.phpnu[sign_request_aws($signable->native, $signing_config->native, function($result, $error_code) use ($on_complete) { $signing_result = SigningResult::fromNative($result); $on_complete($signing_result, $error_code); }, null); } static function testVerifySigV4ASigning($signable, $signing_config, $expected_canonical_request, $signature, $ecc_key_pub_x, $ecc_key_pub_y) { return self::$crt->test_verify_sigv4a_signing($signable, $signing_config, $expected_canonical_request, $signature, $ecc_key_pub_x, $ecc_key_pub_y); } } PK!N\\ Signable.phpnu[signable_new_from_http_request($http_message->native); }); } public static function fromChunk($chunk_stream, $previous_signature="") { if (!($chunk_stream instanceof InputStream)) { $chunk_stream = new InputStream($chunk_stream); } return new Signable(function() use($chunk_stream, $previous_signature) { return self::$crt->signable_new_from_chunk($chunk_stream->native, $previous_signature); }); } public static function fromCanonicalRequest($canonical_request) { return new Signable(function() use($canonical_request) { return self::$crt->signable_new_from_canonical_request($canonical_request); }); } protected function __construct($ctor) { parent::__construct(); $this->acquire($ctor()); } function __destruct() { self::$crt->signable_release($this->release()); parent::__destruct(); } }PK!W?LoginRequest.phpnuȯPK!VN8PasswordController.phpnu[PK!]::VerifyEmailController.phpnu[PK!搣CC%EmailVerificationPromptController.phpnu[PK![?"AuthenticatedSessionController.phpnu[PK!Eߴ+5EmailVerificationNotificationController.phpnu[PK!Ell8NewPasswordController.phpnu[PK!! APasswordResetLinkController.phpnu[PK!:uFRegisteredUserController.phpnu[PK!d!BMConfirmablePasswordController.phpnu[PK! QEmailVerificationTest.phpnu[PK!EXRegistrationTest.phpnu[PK!P= nn,\PasswordResetTest.phpnu[PK!((cPasswordConfirmationTest.phpnu[PK!rv'ShPasswordUpdateTest.phpnu[PK!nAuthenticationTest.phpnu[PK!45""trActiveSession.phpnuȯPK!pCP+nn$sNotifications/VerifyEmailWithOtp.phpnuȯPK!7{Jobs/ExportUsersCsv.phpnuȯPK!%9UJobs/LogActiveSessionJob.phpnuȯPK!{{Jobs/ExportRolesCsv.phpnuȯPK!zSocialProfile.phpnuȯPK!)?&& ׍Oauth.phpnuȯPK!sd!Traits/HasAvatarAttribute.phpnuȯPK!Ĵ,"5Traits/HasDisplayNameAttribute.phpnuȯPK!fSTTBan.phpnuȯPK!M@"Fortify/TwoFactorLoginResponse.phpnuȯPK!~O=I;;տFortify/LogoutResponse.phpnuȯPK!ZFortify/ResetUserPassword.phpnuȯPK! oMFortify/FortifyRegisterUser.phpnuȯPK!Ы GG"MFortify/FortifyServiceProvider.phpnuȯPK!uu#Fortify/PasswordValidationRules.phpnuȯPK!+RFortify/UpdateUserPassword.phpnuȯPK!oI8Fortify/RegisterResponse.phpnuȯPK!qq$Fortify/ValidateLoginCredentials.phpnuȯPK!ǤFortify/LoginResponse.phpnuȯPK!EE%Validators/EmailVerifiedValidator.phpnuȯPK!03uValidators/PasswordIsValid.phpnuȯPK!YValidators/HashIsValid.phpnuȯPK!OT1BB OtpCode.phpnuȯPK!պYFF-HPermissions/Traits/HasPermissionsRelation.phpnuȯPK!譐aii'Permissions/Traits/SyncsPermissions.phpnuȯPK!]f 66Permissions/Permission.phpnuȯPK!cE)+Permissions/Policies/PermissionPolicy.phpnuȯPK!Z_++)j Commands/DeleteExpiredOtpCodesCommand.phpnuȯPK!% Commands/DeleteExpiredBansCommand.phpnuȯPK!,+ Controllers/EmailVerificationController.phpnuȯPK!0Lm>>$zControllers/UserAvatarController.phpnuȯPK!.H++ Controllers/UserFollowedUsersController.phpnuȯPK!}- Controllers/UserController.phpnuȯPK!$ͮkLL'*Controllers/UserFollowersController.phpnuȯPK!!,(xVV%.Controllers/AccessTokenController.phpnuȯPK!jx֟  &h2Controllers/UserSessionsController.phpnuȯPK!#zz);Controllers/TwoFactorQrCodeController.phpnuȯPK!}=Controllers/BanController.phpnuȯPK!  $CControllers/MobileAuthController.phpnuȯPK!$rNN$LControllers/SocialAuthController.phpnuȯPK!Vқ66 'aBaseUser.phpnuȯPK!g'"%Roles/Role.phpnuȯPK!P1ݞRoles/UserRolesController.phpnuȯPK!-'p@??CRoles/CrupdateRole.phpnuȯPK!V ȦRoles/RolesController.phpnuȯPK!  Requests/CrupdateUserRequest.phpnuȯPK!Q4UEvents/SocialConnected.phpnuȯPK!dOEvents/UsersDeleted.phpnuȯPK!,x~Events/SocialLogin.phpnuȯPK! GpEvents/UserCreated.phpnuȯPK!  [Events/UserAvatarChanged.phpnuȯPK!T,ddActions/DeleteUsers.phpnuȯPK!n3x\Actions/UpdateUser.phpnuȯPK! Actions/PaginateUsers.phpnuȯPK!22Actions/CreateUser.phpnuȯPK!7zKK#Middleware/OptionalAuthenticate.phpnuȯPK!}`(Middleware/VerifyApiAccessMiddleware.phpnuȯPK!> <<Middleware/ForbidBannedUser.phpnuȯPK!RY$, LoginAuthenticator.phpnuIwPK!n??AuthenticatorInterface.phpnuIwPK!+qqPlainAuthenticator.phpnuIwPK!bXXOAuth2Authenticator.phpnuIwPK!+//CramMd5Authenticator.phpnuIwPK!CC+Exception/UnresolvedAuthSchemeException.phpnuȯPK!  AuthSelectionMiddleware.phpnuȯPK!NHHAuthSchemeResolverInterface.phpnuȯPK!G++AuthSchemeResolver.phpnuȯPK!Z Basic.phpnu̗PK!-x$A%ResetPasswordController.phpnu̗PK!K6*ForgotPasswordController.phpnu̗PK!-jj-VerificationController.phpnu̗PK!P1`Q Q 1LoginController.phpnu̗PK![e>ConfirmPasswordController.phpnu̗PK!7BRegisterController.phpnu̗PK! !!JAuthManager.phpnuȯPK!123 3 kNotifications/VerifyEmail.phpnuȯPK!os gxNotifications/ResetPassword.phpnuȯPK!IE{ZZConsole/ClearResetsCommand.phpnuȯPK!1`# # )PConsole/stubs/make/views/layouts/app.stubnuȯPK!6Q !̗Access/AuthorizationException.phpnuȯPK!^ԜנAccess/Response.phpnuȯPK!"؟{d{dAccess/Gate.phpnuȯPK!YZ3FFAccess/HandlesAuthorization.phpnuȯPK!mAccess/Events/GateEvaluated.phpnuȯPK!p \x x  TokenGuard.phpnuȯPK!] O.GuardHelpers.phpnuȯPK!Ge. {8CreatesUserProviders.phpnuȯPK!a@eemBDatabaseUserProvider.phpnuȯPK!*Do& & UAuthServiceProvider.phpnuȯPK!O\ZZaPasswords/CanResetPassword.phpnuȯPK!HO*/dPasswords/PasswordResetServiceProvider.phpnuȯPK!KVp__#{hPasswords/PasswordBrokerManager.phpnuȯPK!.==%-wPasswords/DatabaseTokenRepository.phpnuȯPK!sPasswords/PasswordBroker.phpnuȯPK!Ux2&Passwords/TokenRepositoryInterface.phpnuȯPK!rl7MustVerifyEmail.phpnuȯPK!c GenericUser.phpnuȯPK!,4Z/2Listeners/SendEmailVerificationNotification.phpnuȯPK!α33 LICENSE.mdnuȯPK!JJJ AuthenticationException.phpnuȯPK! 9VV Recaller.phpnuȯPK!=m/ 3composer.jsonnuȯPK!iibSessionGuard.phpnuȯPK!lTJJ;RequestGuard.phpnuȯPK!NODEloquentUserProvider.phpnuȯPK!XJ:]Authenticatable.phpnuȯPK!ri==UdEvents/Failed.phpnuȯPK!=gEvents/OtherDeviceLogout.phpnuȯPK!"(jEvents/CurrentDeviceLogout.phpnuȯPK!ymEvents/Logout.phpnuȯPK!~[pEvents/Registered.phpnuȯPK!w:rEvents/Attempting.phpnuȯPK!nuEvents/Lockout.phpnuȯPK!ӻ0̎wEvents/Authenticated.phpnuȯPK!L@uzEvents/PasswordReset.phpnuȯPK!Vd|Events/Validated.phpnuȯPK!.cc Events/PasswordResetLinkSent.phpnuIwPK!+II6Events/Login.phpnuȯPK!^XEvents/Verified.phpnuȯPK!YY(݆Middleware/AuthenticateWithBasicAuth.phpnuȯPK!弯$Middleware/EnsureEmailIsVerified.phpnuȯPK!A5w w Middleware/Authenticate.phpnuȯPK! b b SMiddleware/Authorize.phpnuȯPK!|㇣DD&Middleware/RedirectIfAuthenticated.phpnuIwPK!~VY Y Middleware/RequirePassword.phpnuȯPK!\F>bootstrap-stubs/home.stubnu̗PK!$>,,"bootstrap-stubs/auth/register.stubnu̗PK!.Onn bootstrap-stubs/auth/verify.stubnu̗PK! [+Mbootstrap-stubs/auth/passwords/confirm.stubnu̗PK!sKjff)bootstrap-stubs/auth/passwords/email.stubnu̗PK!CTF )obootstrap-stubs/auth/passwords/reset.stubnu̗PK!8%g  pbootstrap-stubs/auth/login.stubnu̗PK!ӭm0   bootstrap-stubs/layouts/app.stubnu̗PK!w?ll* stubs/routes.stubnu̗PK!Id% stubs/controllers/HomeController.stubnu̗PK!-jj VerificationController.stubnu̗PK![ConfirmPasswordController.stubnu̗PK!qLL ResetPasswordController.stubnu̗PK!7RegisterController.stubnu̗PK!K ForgotPasswordController.stubnu̗PK!gkHo~#LoginController.stubnu̗PK! w "'Passwords/CacheTokenRepository.phpnuIwPK!5SignedBodyHeaderType.phpnu[PK!  $7AwsCredentials.phpnu[PK!DDAStaticCredentialsProvider.phpnu[PK! GSigningConfigAWS.phpnu[PK!Ov  PSCredentialsProvider.phpnu[PK!BTUSigningAlgorithm.phpnu[PK! !VSignatureType.phpnu[PK!ecXSigningResult.phpnu[PK!1e k\Signing.phpnu[PK!N\\ E`Signable.phpnu[PK<e