L-Ami-Fiduciaire/app/Http/Responses/LoginResponse.php
Saad Zoubir 88e5803061 feat: add team invitation acceptance flow with email link routing
Implement end-to-end invitation acceptance: neutral entry route validates
token and routes to register (new users), login (existing users), or
auto-accepts (authenticated users). Handles 2FA token survival via
session, email case-insensitive matching, and dedicated error pages.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-27 15:16:45 +01:00


<?php
namespace App\Http\Responses;
use App\Models\TeamInvitation;
use App\Models\WorkspaceUser;
use Illuminate\Http\JsonResponse;
use Illuminate\Support\Facades\DB;
use Laravel\Fortify\Contracts\LoginResponse as LoginResponseContract;
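class LoginResponse implements LoginResponseContract
{
    /**
     * Build the post-login response, accepting a pending team invitation first when one applies.
     *
     * The invitation token comes from the `invitation` request input or, failing that, from the
     * `pending_invitation_token` session key. Holding a token is not sufficient on its own: the
     * invitation must exist, pass isValid(), and be addressed to the authenticated user's email
     * (compared case-insensitively) before any workspace membership is created.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return \Symfony\Component\HttpFoundation\Response
     */
    public function toResponse($request)
    {
        $submitted = $request->input('invitation');

        // Always consume the session copy, whichever source ends up being used, so a stale
        // token cannot linger in the session and be replayed by a later login on this session.
        $stored = $request->session()->pull('pending_invitation_token');

        // Request input is attacker-controlled and may be an array (invitation[]=...);
        // only a non-empty string is ever passed to the token lookup.
        $token = is_string($submitted) && $submitted !== '' ? $submitted : $stored;

        if (is_string($token) && $token !== '') {
            $invitation = TeamInvitation::where('token', $token)->first();
            $user = $request->user();

            // Binding the invitation to the logged-in user's email is the authorization check:
            // a leaked or guessed token must not let a different account join the workspace.
            if (
                $user
                && $invitation
                && $invitation->isValid()
                && strtolower($invitation->email) === strtolower($user->email)
            ) {
                DB::transaction(function () use ($user, $invitation) {
                    // Serialize concurrent acceptances of the same invitation (double submit,
                    // two tabs) so the membership check below and the attach see a consistent state.
                    TeamInvitation::whereKey($invitation->getKey())->lockForUpdate()->first();

                    $alreadyMember = WorkspaceUser::where('workspace_id', $invitation->workspace_id)
                        ->where('user_id', $user->id)
                        ->exists();

                    // NOTE(review): an existing member leaves the invitation un-accepted, as before;
                    // whether it then stays usable until expiry depends on isValid() - confirm.
                    if ($alreadyMember) {
                        return;
                    }

                    // Role and default permissions come from the stored invitation, never from the request.
                    $user->workspaces()->attach($invitation->workspace_id, [
                        'role' => $invitation->role,
                        'permissions' => json_encode(config("permissions.defaults.{$invitation->role}", [])),
                    ]);

                    $invitation->update(['accepted_at' => now()]);
                });

                // NOTE(review): a unique index on (workspace_id, user_id) would be the definitive
                // guard against duplicate pivot rows - confirm the migration has one.
                session(['current_workspace_id' => $invitation->workspace_id]);

                // NOTE(review): this path answers with a redirect even when the client wants JSON,
                // unlike the default path below - confirm that is intended.
                return redirect()->intended('/dashboard');
            }
        }

        return $request->wantsJson()
            ? new JsonResponse('', 204)
            : redirect()->intended(config('fortify.home'));
    }
}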