6290a3a448
states, and pulls data from the authenticated /api/v1/tenant/packages endpoint.
(resources/js/admin/pages/EventFormPage.tsx, resources/js/admin/api.ts)
- Harden tenant-admin auth flow: prevent PKCE state loss, scope out StrictMode double-processing, add SPA
routes for /event-admin/login and /event-admin/logout, and tighten token/session clearing semantics (resources/js/admin/auth/{context,tokens}.tsx, resources/js/admin/pages/{AuthCallbackPage,LogoutPage}.tsx,
resources/js/admin/router.tsx, routes/web.php)
139 lines
3.3 KiB
PHP
139 lines
3.3 KiB
PHP
<?php
|
|
|
|
namespace App\Models;
|
|
|
|
use Illuminate\Database\Eloquent\Factories\HasFactory;
|
|
use Illuminate\Database\Eloquent\Model;
|
|
use Illuminate\Database\Eloquent\Relations\BelongsTo;
|
|
use Illuminate\Database\Eloquent\Relations\HasMany;
|
|
use App\Models\EventJoinTokenEvent;
|
|
use Illuminate\Support\Facades\Crypt;
|
|
|
|
class EventJoinToken extends Model
|
|
{
|
|
use HasFactory;
|
|
|
|
protected $fillable = [
|
|
'event_id',
|
|
'token_hash',
|
|
'token_encrypted',
|
|
'token_preview',
|
|
'label',
|
|
'usage_limit',
|
|
'usage_count',
|
|
'expires_at',
|
|
'revoked_at',
|
|
'created_by',
|
|
'metadata',
|
|
];
|
|
|
|
protected $casts = [
|
|
'metadata' => 'array',
|
|
'expires_at' => 'datetime',
|
|
'revoked_at' => 'datetime',
|
|
'usage_limit' => 'integer',
|
|
'usage_count' => 'integer',
|
|
];
|
|
|
|
protected $hidden = [
|
|
'token_encrypted',
|
|
'token_hash',
|
|
];
|
|
|
|
protected $appends = [
|
|
'token_preview',
|
|
];
|
|
|
|
public function event(): BelongsTo
|
|
{
|
|
return $this->belongsTo(Event::class);
|
|
}
|
|
|
|
public function creator(): BelongsTo
|
|
{
|
|
return $this->belongsTo(User::class, 'created_by');
|
|
}
|
|
|
|
public function analytics(): HasMany
|
|
{
|
|
return $this->hasMany(EventJoinTokenEvent::class);
|
|
}
|
|
|
|
public function isActive(): bool
|
|
{
|
|
if ($this->revoked_at !== null) {
|
|
return false;
|
|
}
|
|
|
|
if ($this->expires_at !== null && $this->expires_at->isPast()) {
|
|
return false;
|
|
}
|
|
|
|
if ($this->usage_limit !== null && $this->usage_count >= $this->usage_limit) {
|
|
return false;
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
public function getTokenAttribute(?string $value): ?string
|
|
{
|
|
$encrypted = $this->attributes['token_encrypted'] ?? null;
|
|
|
|
if (! empty($encrypted)) {
|
|
try {
|
|
return Crypt::decryptString($encrypted);
|
|
} catch (\Throwable $e) {
|
|
try {
|
|
return Crypt::decrypt($encrypted);
|
|
} catch (\Throwable $e) {
|
|
// Fall back to stored hash if both decrypt strategies fail.
|
|
}
|
|
}
|
|
}
|
|
|
|
return $value;
|
|
}
|
|
|
|
public function setTokenAttribute(?string $value): void
|
|
{
|
|
if ($value === null) {
|
|
$this->attributes['token'] = null;
|
|
$this->attributes['token_hash'] = null;
|
|
$this->attributes['token_encrypted'] = null;
|
|
$this->attributes['token_preview'] = null;
|
|
|
|
return;
|
|
}
|
|
|
|
$hash = hash('sha256', $value);
|
|
|
|
$this->attributes['token'] = $hash;
|
|
$this->attributes['token_hash'] = $hash;
|
|
$this->attributes['token_encrypted'] = Crypt::encryptString($value);
|
|
$this->attributes['token_preview'] = $this->buildPreview($value);
|
|
}
|
|
|
|
public function getTokenPreviewAttribute(?string $value): ?string
|
|
{
|
|
if ($value) {
|
|
return $value;
|
|
}
|
|
|
|
$token = $this->token;
|
|
|
|
return $token ? $this->buildPreview($token) : null;
|
|
}
|
|
|
|
private function buildPreview(string $token): string
|
|
{
|
|
$length = strlen($token);
|
|
|
|
if ($length <= 10) {
|
|
return $token;
|
|
}
|
|
|
|
return substr($token, 0, 6).'…'.substr($token, -4);
|
|
}
|
|
}
|