critical patches for production environments, hotfix commonmark depre…

…cation error, use Redis facade instead of cache facade
fleetbase · Jan 19, 2024 · d57d0ba · d57d0ba
1 parent cfba573
commit d57d0ba
Show file tree

Hide file tree

Showing 7 changed files with 67 additions and 46 deletions.
diff --git a/composer.json b/composer.json
@@ -1,6 +1,6 @@
 {
     "name": "fleetbase/core-api",
-    "version": "1.3.8",
+    "version": "1.3.9",
     "description": "Core Framework and Resources for Fleetbase API",
     "keywords": [
         "fleetbase",

diff --git a/src/Http/Controllers/Internal/v1/AuthController.php b/src/Http/Controllers/Internal/v1/AuthController.php
@@ -20,7 +20,6 @@
 use Fleetbase\Support\Utils;
 use Illuminate\Http\Request;
 use Illuminate\Support\Carbon;
-use Illuminate\Support\Facades\Cache;
 use Illuminate\Support\Facades\Redis;
 use Illuminate\Support\Str;
 
@@ -210,8 +209,8 @@ public function createVerificationSession(Request $request)
         $token = Str::random(40);
         $verificationSessionToken = base64_encode($email . '|' . $token);
 
-        // Store in session
-        Cache::put($verificationSessionToken, $token, Carbon::now()->addMinutes(5));
+        // Store in redis
+        Redis::set($token, $verificationSessionToken, Carbon::now()->addMinutes(5));
 
         // If opted to send verification token along with session
         if ($send) {
@@ -243,9 +242,10 @@ public function validateVerificationSession(Request $request)
         $email = $request->input('email');
         $token = $request->input('token');
         $verificationSessionToken = base64_encode($email . '|' . $token);
+        $isValid = Redis::get($token) === $verificationSessionToken;
 
         return response()->json([
-            'valid' => Cache::has($verificationSessionToken)
+            'valid' => $isValid
         ]);
     }
 
@@ -261,9 +261,10 @@ public function sendVerificationEmail(Request $request)
         $email = $request->input('email');
         $token = $request->input('token');
         $verificationSessionToken = base64_encode($email . '|' . $token);
+        $isValid = Redis::get($token) === $verificationSessionToken;
 
         // Check in session
-        if (!Cache::has($verificationSessionToken)) {
+        if (!$isValid) {
             return response()->error('Invalid verification session.');
         }
 
@@ -296,9 +297,10 @@ public function verifyEmail(Request $request)
         $email = $request->input('email');
         $code    = $request->input('code');
         $verificationSessionToken = base64_encode($email . '|' . $token);
+        $isValid = Redis::get($token) === $verificationSessionToken;
 
         // Check in session
-        if (!Cache::has($verificationSessionToken)) {
+        if (!$isValid) {
             return response()->error('Invalid verification session.');
         }
 

diff --git a/src/Http/Controllers/Internal/v1/OnboardController.php b/src/Http/Controllers/Internal/v1/OnboardController.php
@@ -11,6 +11,7 @@
 use Fleetbase\Models\VerificationCode;
 use Illuminate\Http\Request;
 use Illuminate\Support\Carbon;
+use Illuminate\Support\Str;
 
 class OnboardController extends Controller
 {
@@ -38,11 +39,18 @@ public function createAccount(OnboardRequest $request)
         // if first user make admin
         $isAdmin = !User::exists();
 
+        // Get user properties
+        $name = $request->input('name');
+        $email = $request->input('email');
+        $phone = $request->input('phone');
+        $username = Str::slug($name . Str::random(3), '_');
+
         // create user account
         $user = User::create([
-            'name'   => $request->input('name'),
-            'email'  => $request->input('email'),
-            'phone'  => $request->input('phone'),
+            'name'   => $name,
+            'email'  => $email,
+            'phone'  => $phone,
+            'username' => $username,
             'status' => 'active',
         ]);
 
@@ -70,7 +78,14 @@ public function createAccount(OnboardRequest $request)
         try {
             VerificationCode::generateEmailVerificationFor($user);
         } catch (\Throwable $e) {
-            // silence
+            // If phone number is supplied send via SMS
+            if ($user->phone) {
+                try {
+                    VerificationCode::generateSmsVerificationFor($user);
+                } catch (\Throwable $e) {
+                    // silence
+                }
+            }
         }
 
         // send account created event
@@ -204,7 +219,6 @@ public function verifyEmail(Request $request)
         } elseif ($verifyCode->for === 'phone_verification') {
             $user->phone_verified_at = $verifiedAt;
         }
-
 
         $user->status = 'active';
         $user->updateLastLogin();

diff --git a/src/Http/Requests/OnboardRequest.php b/src/Http/Requests/OnboardRequest.php
@@ -16,37 +16,7 @@ public function authorize()
     {
         return true;
     }
-
-    protected function failedValidation(Validator $validator)
-    {
-        $errors   = $validator->errors();
-        $response = [
-            'errors' => [$errors->first()],
-        ];
-        // if more than one error display the others
-        if ($errors->count() > 1) {
-            $response['errors'] = collect($errors->all())
-                ->values()
-                ->toArray();
-        }
-
-        return response()->json($response, 422);
-    }
-
-    /**
-     * Get custom attributes for validator errors.
-     *
-     * @return array
-     */
-    public function attributes()
-    {
-        return collect(array_keys($this->rules()))
-            ->mapWithKeys(function ($key) {
-                return [$key => str_replace(['.', '_'], ' ', $key)];
-            })
-            ->toArray();
-    }
-
+
     /**
      * Get the validation rules that apply to the request.
      *

diff --git a/src/Mail/VerifyEmail.php b/src/Mail/VerifyEmail.php
@@ -5,6 +5,7 @@
 use Fleetbase\Models\VerificationCode;
 use Illuminate\Bus\Queueable;
 use Illuminate\Mail\Mailable;
+// use Illuminate\Contracts\Queue\ShouldQueue;
 use Illuminate\Notifications\Messages\MailMessage;
 use Illuminate\Queue\SerializesModels;
 
@@ -40,6 +41,7 @@ public function build()
             ->html((new MailMessage())
                     ->greeting($this->greeting)
                     ->line('Welcome to Fleetbase, use the code below to verify your email address and complete registration to Fleetbase.')
+                    ->line('')
                     ->line('Your verification code: ' . $this->verifyCode)
                     ->render()
             );

diff --git a/src/Models/User.php b/src/Models/User.php
@@ -104,7 +104,6 @@ class User extends Authenticatable
         'uuid',
         'public_id',
         '_key',
-        'company_uuid',
         'avatar_uuid',
         'username',
         'email',
@@ -127,7 +126,7 @@ class User extends Authenticatable
      *
      * @var array
      */
-    protected $guarded = ['password', 'type'];
+    protected $guarded = ['password', 'type', 'company_uuid'];
 
     /**
      * The attributes that should be hidden for arrays.
@@ -568,7 +567,6 @@ public function sendInviteFromCompany(Company $company = null): bool
             'protocol'     => 'email',
             'reason'       => 'join_company',
         ])->whereJsonContains('recipients', $this->email)->exists();
-
         if ($isAlreadyInvited) {
             return false;
         }

diff --git a/src/Providers/CoreServiceProvider.php b/src/Providers/CoreServiceProvider.php
@@ -74,6 +74,7 @@ public function boot()
     {
         JsonResource::withoutWrapping();
 
+        $this->__hotfixCommonmarkDeprecation();
         $this->registerCommands();
         $this->registerObservers();
         $this->registerExpansionsFrom();
@@ -446,4 +447,38 @@ private function findPackageNamespace($path = null): ?string
     {
         return Utils::findPackageNamespace($path);
     }
+
+    /**
+     * Apply a hotfix for a deprecation issue in the league/commonmark package.
+     *
+     * The league/commonmark package triggers deprecation notices using the `trigger_deprecation` function,
+     * which interferes with the normal application flow. This hotfix introduces a custom implementation
+     * of `trigger_deprecation` that specifically skips triggering deprecations for the league/commonmark package.
+     * This allows the application to continue running without being affected by the league/commonmark deprecations.
+     *
+     * @return void
+     */
+    private function __hotfixCommonmarkDeprecation(): void
+    {
+        if (!function_exists('trigger_deprecation')) {
+            /**
+             * Custom implementation of trigger_deprecation.
+             *
+             * @param string $package The name of the Composer package
+             * @param string $version The version of the package
+             * @param string $message The message of the deprecation
+             * @param mixed  ...$args Values to insert in the message using printf() formatting
+             */
+            function trigger_deprecation(string $package, string $version, string $message, mixed ...$args): void
+            {
+                // Check if the package is "league/commonmark" and skip triggering the deprecation
+                if ($package === 'league/commonmark') {
+                    return;
+                }
+
+                // Otherwise, trigger the deprecation as usual
+                @trigger_error(($package || $version ? "Since $package $version: " : '') . ($args ? vsprintf($message, $args) : $message), \E_USER_DEPRECATED);
+            }
+        }
+    }
 }