Fix tenant event form package selector so it no longer renders empty-value options, handles loading/empty
states, and pulls data from the authenticated /api/v1/tenant/packages endpoint.
(resources/js/admin/pages/EventFormPage.tsx, resources/js/admin/api.ts)
- Harden tenant-admin auth flow: prevent PKCE state loss, scope out StrictMode double-processing, add SPA
routes for /event-admin/login and /event-admin/logout, and tighten token/session clearing semantics (resources/js/admin/auth/{context,tokens}.tsx, resources/js/admin/pages/{AuthCallbackPage,LogoutPage}.tsx,
resources/js/admin/router.tsx, routes/web.php)
This commit is contained in:
Codex Agent
@@ -1,9 +1,13 @@
|
||||
<?php
|
||||
|
||||
namespace App\Models;
|
||||
|
||||
use Illuminate\Database\Eloquent\Factories\HasFactory;
|
||||
use Illuminate\Database\Eloquent\Model;
|
||||
use Illuminate\Database\Eloquent\Relations\BelongsTo;
|
||||
use Illuminate\Database\Eloquent\Relations\HasMany;
|
||||
use App\Models\EventJoinTokenEvent;
|
||||
use Illuminate\Support\Facades\Crypt;
|
||||
|
||||
class EventJoinToken extends Model
|
||||
{
|
||||
@@ -11,7 +15,9 @@ class EventJoinToken extends Model
|
||||
|
||||
protected $fillable = [
|
||||
'event_id',
|
||||
'token',
|
||||
'token_hash',
|
||||
'token_encrypted',
|
||||
'token_preview',
|
||||
'label',
|
||||
'usage_limit',
|
||||
'usage_count',
|
||||
@@ -29,6 +35,15 @@ class EventJoinToken extends Model
|
||||
'usage_count' => 'integer',
|
||||
];
|
||||
|
||||
protected $hidden = [
|
||||
'token_encrypted',
|
||||
'token_hash',
|
||||
];
|
||||
|
||||
protected $appends = [
|
||||
'token_preview',
|
||||
];
|
||||
|
||||
public function event(): BelongsTo
|
||||
{
|
||||
return $this->belongsTo(Event::class);
|
||||
@@ -39,6 +54,11 @@ class EventJoinToken extends Model
|
||||
return $this->belongsTo(User::class, 'created_by');
|
||||
}
|
||||
|
||||
public function analytics(): HasMany
|
||||
{
|
||||
return $this->hasMany(EventJoinTokenEvent::class);
|
||||
}
|
||||
|
||||
public function isActive(): bool
|
||||
{
|
||||
if ($this->revoked_at !== null) {
|
||||
@@ -55,4 +75,64 @@ class EventJoinToken extends Model
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
public function getTokenAttribute(?string $value): ?string
|
||||
{
|
||||
$encrypted = $this->attributes['token_encrypted'] ?? null;
|
||||
|
||||
if (! empty($encrypted)) {
|
||||
try {
|
||||
return Crypt::decryptString($encrypted);
|
||||
} catch (\Throwable $e) {
|
||||
try {
|
||||
return Crypt::decrypt($encrypted);
|
||||
} catch (\Throwable $e) {
|
||||
// Fall back to stored hash if both decrypt strategies fail.
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return $value;
|
||||
}
|
||||
|
||||
public function setTokenAttribute(?string $value): void
|
||||
{
|
||||
if ($value === null) {
|
||||
$this->attributes['token'] = null;
|
||||
$this->attributes['token_hash'] = null;
|
||||
$this->attributes['token_encrypted'] = null;
|
||||
$this->attributes['token_preview'] = null;
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
$hash = hash('sha256', $value);
|
||||
|
||||
$this->attributes['token'] = $hash;
|
||||
$this->attributes['token_hash'] = $hash;
|
||||
$this->attributes['token_encrypted'] = Crypt::encryptString($value);
|
||||
$this->attributes['token_preview'] = $this->buildPreview($value);
|
||||
}
|
||||
|
||||
public function getTokenPreviewAttribute(?string $value): ?string
|
||||
{
|
||||
if ($value) {
|
||||
return $value;
|
||||
}
|
||||
|
||||
$token = $this->token;
|
||||
|
||||
return $token ? $this->buildPreview($token) : null;
|
||||
}
|
||||
|
||||
private function buildPreview(string $token): string
|
||||
{
|
||||
$length = strlen($token);
|
||||
|
||||
if ($length <= 10) {
|
||||
return $token;
|
||||
}
|
||||
|
||||
return substr($token, 0, 6).'…'.substr($token, -4);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user