mirror of
https://github.com/coollabsio/coolify.git
synced 2026-03-11 08:55:47 +00:00
feat: add OAuth-only self-registration setting
This commit is contained in:
parent
79e8ff605a
commit
fa2b9cafe6
1 changed files with 77 additions and 0 deletions
77
app/Http/Controllers/Auth/OAuthController.php
Normal file
77
app/Http/Controllers/Auth/OAuthController.php
Normal file
|
|
@ -0,0 +1,77 @@
|
|||
<?php
|
||||
|
||||
namespace App\Http\Controllers\Auth;
|
||||
|
||||
use App\Models\User;
|
||||
use App\Models\Team;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Routing\Controller;
|
||||
use Illuminate\Support\Facades\Auth;
|
||||
use Illuminate\Support\Facades\Hash;
|
||||
use Illuminate\Support\Str;
|
||||
use Laravel\Socialite\Facades\Socialite;
|
||||
|
||||
class OAuthController extends Controller
|
||||
{
|
||||
public function redirect(string $provider, Request $request)
|
||||
{
|
||||
$this->validateProvider($provider);
|
||||
|
||||
return Socialite::driver($provider)->redirect();
|
||||
}
|
||||
|
||||
public function callback(string $provider, Request $request)
|
||||
{
|
||||
$this->validateProvider($provider);
|
||||
|
||||
try {
|
||||
$oauthUser = Socialite::driver($provider)->user();
|
||||
} catch (\Exception $e) {
|
||||
return redirect()->route('login')->withErrors(['oauth' => 'OAuth authentication failed. Please try again.']);
|
||||
}
|
||||
|
||||
$settings = instanceSettings();
|
||||
|
||||
$existingUser = User::where('email', strtolower($oauthUser->getEmail()))->first();
|
||||
|
||||
if ($existingUser) {
|
||||
Auth::login($existingUser, true);
|
||||
$team = $existingUser->currentTeam();
|
||||
if (! $team) {
|
||||
$team = $existingUser->teams()->first();
|
||||
}
|
||||
session(['currentTeam' => $team]);
|
||||
|
||||
return redirect()->intended(RouteServiceProvider::HOME ?? '/dashboard');
|
||||
}
|
||||
|
||||
// No existing user — check registration permissions
|
||||
if (! $settings->is_registration_enabled && ! $settings->is_oauth_registration_enabled) {
|
||||
return redirect()->route('login')->withErrors(['oauth' => 'Registration is disabled. Please contact your administrator.']);
|
||||
}
|
||||
|
||||
// Create new user from OAuth
|
||||
$newUser = User::create([
|
||||
'name' => $oauthUser->getName() ?? $oauthUser->getNickname() ?? explode('@', $oauthUser->getEmail())[0],
|
||||
'email' => strtolower($oauthUser->getEmail()),
|
||||
'password' => Hash::make(Str::random(32)),
|
||||
'email_verified_at' => now(),
|
||||
]);
|
||||
|
||||
$team = $newUser->teams()->first();
|
||||
session(['currentTeam' => $newUser->currentTeam = $team]);
|
||||
|
||||
Auth::login($newUser, true);
|
||||
|
||||
return redirect()->intended('/dashboard');
|
||||
}
|
||||
|
||||
protected function validateProvider(string $provider): void
|
||||
{
|
||||
$allowedProviders = ['github', 'gitlab', 'google', 'bitbucket', 'azure'];
|
||||
|
||||
if (! in_array($provider, $allowedProviders)) {
|
||||
abort(404, 'OAuth provider not supported.');
|
||||
}
|
||||
}
|
||||
}
|
||||
Loading…
Reference in a new issue