Saad Zoubir
88e5803061
Implement end-to-end invitation acceptance: neutral entry route validates token and routes to register (new users), login (existing users), or auto-accepts (authenticated users). Handles 2FA token survival via session, email case-insensitive matching, and dedicated error pages. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
56 lines
1.7 KiB
PHP
56 lines
1.7 KiB
PHP
<?php
|
|
|
|
namespace App\Actions\Fortify;
|
|
|
|
use App\Concerns\PasswordValidationRules;
|
|
use App\Concerns\ProfileValidationRules;
|
|
use App\Models\TeamInvitation;
|
|
use App\Models\User;
|
|
use Illuminate\Support\Facades\DB;
|
|
use Illuminate\Support\Facades\Validator;
|
|
use Laravel\Fortify\Contracts\CreatesNewUsers;
|
|
|
|
class CreateNewUser implements CreatesNewUsers
|
|
{
|
|
use PasswordValidationRules, ProfileValidationRules;
|
|
|
|
/**
|
|
* Validate and create a newly registered user.
|
|
*
|
|
* @param array<string, string> $input
|
|
*/
|
|
public function create(array $input): User
|
|
{
|
|
Validator::make($input, [
|
|
...$this->profileRules(),
|
|
'password' => $this->passwordRules(),
|
|
])->validate();
|
|
|
|
$user = User::create([
|
|
'name' => $input['name'],
|
|
'email' => $input['email'],
|
|
'password' => $input['password'],
|
|
]);
|
|
|
|
if (! empty($input['invitation'])) {
|
|
$invitation = TeamInvitation::where('token', $input['invitation'])->first();
|
|
|
|
if ($invitation && $invitation->isValid() && strtolower($user->email) === strtolower($invitation->email)) {
|
|
DB::transaction(function () use ($user, $invitation) {
|
|
$user->workspaces()->attach($invitation->workspace_id, [
|
|
'role' => $invitation->role,
|
|
'permissions' => json_encode(config("permissions.defaults.{$invitation->role}", [])),
|
|
]);
|
|
|
|
$invitation->update(['accepted_at' => now()]);
|
|
});
|
|
|
|
session(['current_workspace_id' => $invitation->workspace_id]);
|
|
session(['invitation_accepted' => true]);
|
|
}
|
|
}
|
|
|
|
return $user;
|
|
}
|
|
}
|