UserAccessController.php
1.84 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
<?php
namespace App\Http\Controllers\Backend\Access\User;
use App\Helpers\Auth\Auth;
use App\Access\Model\User\User;
use App\Exceptions\GeneralException;
use App\Http\Controllers\Controller;
use App\Http\Requests\Backend\Access\User\ManageUserRequest;
/**
* Class UserAccessController.
*/
class UserAccessController extends Controller
{
/**
* @param User $user
* @param ManageUserRequest $request
*
* @throws GeneralException
*
* @return \Illuminate\Http\RedirectResponse
*/
public function loginAs(User $user, ManageUserRequest $request)
{
// Overwrite who we're logging in as, if we're already logged in as someone else.
if (session()->has('admin_user_id') && session()->has('temp_user_id')) {
// Let's not try to login as ourselves.
if (access()->id() == $user->id || session()->get('admin_user_id') == $user->id) {
throw new GeneralException('Do not try to login as yourself.');
}
// Overwrite temp user ID.
session(['temp_user_id' => $user->id]);
// Login.
access()->loginUsingId($user->id);
// Redirect.
return redirect()->route(homeRoute());
}
app()->make(Auth::class)->flushTempSession();
// Won't break, but don't let them "Login As" themselves
if (access()->id() == $user->id) {
throw new GeneralException('Do not try to login as yourself.');
}
// Add new session variables
session(['admin_user_id' => access()->id()]);
session(['admin_user_name' => access()->user()->full_name]);
session(['temp_user_id' => $user->id]);
// Login user
access()->loginUsingId($user->id);
// Redirect to frontend
return redirect()->route(homeRoute());
}
}