archtechx/tenancy
1
0
Fork 0
mirror of https://github.com/archtechx/tenancy.git synced 2026-02-05 14:14:03 +00:00
Code Activity
tenancy/src/Features/UserImpersonation.php
Samuel Štancl 2a39b0526a Fix #998, properly replace ALL tenant_id literals
2022-11-10 16:44:52 +01:00

53 lines
1.7 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
namespace Stancl\Tenancy\Features;
use Illuminate\Http\RedirectResponse;
use Illuminate\Support\Facades\Auth;
use Stancl\Tenancy\Contracts\Feature;
use Stancl\Tenancy\Contracts\Tenant;
use Stancl\Tenancy\Database\Models\ImpersonationToken;
use Stancl\Tenancy\Tenancy;
class UserImpersonation implements Feature
{
/** The lifespan of impersonation tokens (in seconds). */
public static int $ttl = 60;
public function bootstrap(Tenancy $tenancy): void
{
$tenancy->macro('impersonate', function (Tenant $tenant, string $userId, string $redirectUrl, string $authGuard = null): ImpersonationToken {
return ImpersonationToken::create([
Tenancy::tenantKeyColumn() => $tenant->getTenantKey(),
'user_id' => $userId,
'redirect_url' => $redirectUrl,
'auth_guard' => $authGuard,
]);
});
}
/** Impersonate a user and get an HTTP redirect response. */
public static function makeResponse(string|ImpersonationToken $token, int $ttl = null): RedirectResponse
{
/** @var ImpersonationToken $token */
$token = $token instanceof ImpersonationToken ? $token : ImpersonationToken::findOrFail($token);
$ttl ??= static::$ttl;
$tokenExpired = $token->created_at->diffInSeconds(now()) > $ttl;
abort_if($tokenExpired, 403);
$tokenTenantId = (string) $token->getAttribute(Tenancy::tenantKeyColumn());
$currentTenantId = (string) tenant()->getTenantKey();
abort_unless($tokenTenantId === $currentTenantId, 403);
Auth::guard($token->auth_guard)->loginUsingId($token->user_id);
$token->delete();
return redirect($token->redirect_url);
}
}
View git blame Copy permalink