yann64
f5a7407be0
Le champ de connexion accepte désormais les deux : - Si la saisie contient un @, Auth::attempt() cherche par email - Sinon, cherche par name Champ renommé login dans le formulaire et la LoginRequest. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
86 lines
2.3 KiB
PHP
86 lines
2.3 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Requests\Auth;
|
|
|
|
use Illuminate\Auth\Events\Lockout;
|
|
use Illuminate\Contracts\Validation\ValidationRule;
|
|
use Illuminate\Foundation\Http\FormRequest;
|
|
use Illuminate\Support\Facades\Auth;
|
|
use Illuminate\Support\Facades\RateLimiter;
|
|
use Illuminate\Support\Str;
|
|
use Illuminate\Validation\ValidationException;
|
|
|
|
class LoginRequest extends FormRequest
|
|
{
|
|
/**
|
|
* Determine if the user is authorized to make this request.
|
|
*/
|
|
public function authorize(): bool
|
|
{
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* Get the validation rules that apply to the request.
|
|
*
|
|
* @return array<string, ValidationRule|array<mixed>|string>
|
|
*/
|
|
public function rules(): array
|
|
{
|
|
return [
|
|
'login' => ['required', 'string'],
|
|
'password' => ['required', 'string'],
|
|
];
|
|
}
|
|
|
|
public function authenticate(): void
|
|
{
|
|
$this->ensureIsNotRateLimited();
|
|
|
|
$login = $this->string('login')->toString();
|
|
$field = filter_var($login, FILTER_VALIDATE_EMAIL) ? 'email' : 'name';
|
|
|
|
if (! Auth::attempt([$field => $login, 'password' => $this->string('password')->toString()], $this->boolean('remember'))) {
|
|
RateLimiter::hit($this->throttleKey());
|
|
|
|
throw ValidationException::withMessages([
|
|
'login' => trans('auth.failed'),
|
|
]);
|
|
}
|
|
|
|
if (! Auth::user()->is_active) {
|
|
Auth::logout();
|
|
RateLimiter::hit($this->throttleKey());
|
|
|
|
throw ValidationException::withMessages([
|
|
'login' => 'Votre compte est désactivé. Contactez un administrateur.',
|
|
]);
|
|
}
|
|
|
|
RateLimiter::clear($this->throttleKey());
|
|
}
|
|
|
|
public function ensureIsNotRateLimited(): void
|
|
{
|
|
if (! RateLimiter::tooManyAttempts($this->throttleKey(), 5)) {
|
|
return;
|
|
}
|
|
|
|
event(new Lockout($this));
|
|
|
|
$seconds = RateLimiter::availableIn($this->throttleKey());
|
|
|
|
throw ValidationException::withMessages([
|
|
'login' => trans('auth.throttle', [
|
|
'seconds' => $seconds,
|
|
'minutes' => ceil($seconds / 60),
|
|
]),
|
|
]);
|
|
}
|
|
|
|
public function throttleKey(): string
|
|
{
|
|
return Str::transliterate(Str::lower($this->string('login')).'|'.$this->ip());
|
|
}
|
|
}
|