Changes the way discord verification works

.env.example

@@ -1,7 +1,7 @@
 APP_NAME=Laravel
-APP_ENV=local
+APP_ENV=production
 APP_KEY=
-APP_DEBUG=true
+APP_DEBUG=false
 APP_URL=http://localhost
 
 LOG_CHANNEL=stack
@@ -20,20 +20,33 @@ PAYPAL_SECRET=
 PAYPAL_CLIENT_ID=
 PAYPAL_EMAIL=
 
+DISCORD_INVITE_URL=https://discord.gg/vrUYdxG4wZ
+#set-up for extra discord verification
 DISCORD_CLIENT_ID=
 DISCORD_CLIENT_SECRET=
-DISCORD_REDIRECT_URI=http://localhost:8000/auth/callback
-DISCORD_INVITE_URL=https://discord.gg/vrUYdxG4wZ
+DISCORD_REDIRECT_URI=http://YOUR_DOMAIN.COM/auth/callback
+#set-up will join users automaticly to your discord
+DISCORD_BOT_TOKEN=YOUR_DISCORD_BOT_TOKEN
+DISCORD_GUILD_ID=YOUR_DISCORD_SERVER_ID
 
 PTERODACTYL_TOKEN=
 PTERODACTYL_URL=https://panel.bitsec.dev
 PHPMYADMIN_URL=https://mysql.bitsec.dev
 
-
 RECAPTCHA_SITE_KEY=YOUR_API_SITE_KEY
 RECAPTCHA_SECRET_KEY=YOUR_API_SECRET_KEY
 
+MAIL_MAILER=smtp
+MAIL_HOST=mailhog
+MAIL_PORT=1025
+MAIL_USERNAME=null
+MAIL_PASSWORD=null
+MAIL_ENCRYPTION=null
+MAIL_FROM_ADDRESS=null
+MAIL_FROM_NAME="${APP_NAME}"
 
+
+#you can leave everything below the way it is
 BROADCAST_DRIVER=log
 CACHE_DRIVER=file
 QUEUE_CONNECTION=database
@@ -46,15 +59,6 @@ REDIS_HOST=127.0.0.1
 REDIS_PASSWORD=null
 REDIS_PORT=6379
 
-MAIL_MAILER=smtp
-MAIL_HOST=mailhog
-MAIL_PORT=1025
-MAIL_USERNAME=null
-MAIL_PASSWORD=null
-MAIL_ENCRYPTION=null
-MAIL_FROM_ADDRESS=null
-MAIL_FROM_NAME="${APP_NAME}"
-
 AWS_ACCESS_KEY_ID=
 AWS_SECRET_ACCESS_KEY=
 AWS_DEFAULT_REGION=us-east-1

app/Http/Controllers/Api/VerifyController.php

@@ -1,49 +0,0 @@
-<?php
-
-namespace App\Http\Controllers\Api;
-
-use App\Http\Controllers\Controller;
-use App\Models\Configuration;
-use App\Models\DiscordUser;
-use Illuminate\Http\JsonResponse;
-use Illuminate\Http\Request;
-use Illuminate\Validation\ValidationException;
-
-class VerifyController extends Controller
-{
-    /**
-     * @param Request $request
-     * @return JsonResponse
-     * @throws ValidationException
-     */
-    public function verify(Request $request){
-        $request->validate([
-           'user_id' => 'required|exists:discord_users,id'
-        ] , [
-            'exists' => "You have not linked your account to our site"
-        ]);
-
-        $discordUser = DiscordUser::findOrFail($request->input('user_id'));
-
-        if(is_null($discordUser->user)){
-            throw ValidationException::withMessages([
-                'user_id' => ['User does not exist']
-            ]);
-        }
-
-        if (!is_null($discordUser->user->discord_verified_at)) {
-            throw ValidationException::withMessages([
-                'user_id' => ['Already verified!']
-            ]);
-        }
-
-        $discordUser->user->update([
-            'discord_verified_at' => now()
-        ]);
-
-        $discordUser->user->increment('credits' , Configuration::getValueByKey('CREDITS_REWARD_AFTER_VERIFY_DISCORD'));
-        $discordUser->user->increment('server_limit' , Configuration::getValueByKey('SERVER_LIMIT_REWARD_AFTER_VERIFY_DISCORD'));
-
-        return response()->json($discordUser , 200);
-    }
-}

app/Http/Controllers/Auth/SocialiteController.php

@@ -3,28 +3,60 @@
 namespace App\Http\Controllers\Auth;
 
 use App\Http\Controllers\Controller;
+use App\Models\Configuration;
 use App\Models\DiscordUser;
 use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Http;
 use Laravel\Socialite\Facades\Socialite;
 
 class SocialiteController extends Controller
 {
     public function redirect()
     {
-        return Socialite::driver('discord')->redirect();
+        return Socialite::driver('discord')
+            ->scopes(['guilds.join'])
+            ->redirect();
     }
 
     public function callback()
     {
-        if (Auth::guest()) return abort(500);
+        if (Auth::guest()) {
+            return abort(500);
+        }
 
         $discord = Socialite::driver('discord')->user();
         $discordUser = DiscordUser::find($discord->id);
 
-        if (is_null($discordUser)) DiscordUser::create(array_merge($discord->user, ['user_id' => Auth::user()->id]));
-        else $discordUser->update($discord->user);
-
-
-        return redirect()->route('profile.index')->with('success', 'Discord account linked!');
+        $guildId = env('DISCORD_GUILD_ID', null);
+        $botToken = env('DISCORD_BOT_TOKEN', null);
+
+        //force user into discord server
+        //TODO Add event on failure, to notify ppl involved
+        if (!empty($guildId) && !empty($botToken)) {
+            $response = Http::withHeaders(
+                [
+                    'Authorization' => 'Bot ' . $botToken,
+                    'Content-Type' => 'application/json',
+                ]
+            )->put("https://discord.com/api/guilds/{$guildId}/members/{$discord->id}",
+                ['access_token' => $discord->token]);
+        }
+
+
+        if (is_null($discordUser)) {
+            //create discord user in db
+            DiscordUser::create(array_merge($discord->user, ['user_id' => Auth::user()->id]));
+            //update user
+            Auth::user()->increment('credits' , Configuration::getValueByKey('CREDITS_REWARD_AFTER_VERIFY_DISCORD'));
+            Auth::user()->increment('server_limit' , Configuration::getValueByKey('SERVER_LIMIT_REWARD_AFTER_VERIFY_DISCORD'));
+            Auth::user()->update(['discord_verified_at' => now()]);
+        } else {
+            $discordUser->update($discord->user);
+        }
+
+        return redirect()->route('profile.index')->with(
+            'success',
+            'Discord account linked!'
+        );
     }
 }

app/Http/Controllers/ProfileController.php

@@ -24,7 +24,11 @@ class ProfileController extends Controller
         ]);
     }
 
-    /** Update the specified resource in storage. */
+    /** Update the specified resource in storage.
+     * @param Request $request
+     * @param int $id
+     * @return RedirectResponse
+     */
     public function update(Request $request, int $id)
     {
         //prevent other users from editing a user

resources/views/profile/index.blade.php

@@ -44,7 +44,7 @@
                                          data-save-initial-image="true"
                                          style="width: 140px;height:140px; cursor: pointer"
                                          data-size="140,140">
-                                         <img src="{{$user->getAvatar()}}" alt="avatar">
+                                        <img src="{{$user->getAvatar()}}" alt="avatar">
                                     </div>
                                 </div>
                                 <div class="col d-flex flex-column flex-sm-row justify-content-between mb-3">
@@ -154,36 +154,36 @@
                                                 </div>
                                             </div>
                                         </div>
-                                        <div class="col-12 col-sm-5 offset-sm-1 mb-3">
-                                            <b>Link your discord account!</b>
-                                            @if(is_null(Auth::user()->discordUser))
-                                            <div class="verify-discord">
-                                                <div class="mb-3">
-                                                    <p>By verifying your discord account, you receive an extra <b><i class="fa fa-coins mx-1"></i>{{$credits_reward_after_verify_discord}}</b> credits and the <span class="text-primary">Verified</span> role!</p>
-                                                </div>
-                                            </div>
-
-                                            <a class="btn btn-light" href="{{route('auth.redirect')}}">
-                                                <i class="fab fa-discord mr-2"></i>Login with Discord
-                                            </a>
-                                            @else
-                                                @if(is_null(Auth::user()->discord_verified_at))
-                                                <div class="verify-in-server">
-                                                    <div class="my-3 callout callout-warning">
-                                                      <p>Hello <b>{{Auth::user()->discordUser->username}}</b>!<br>
-                                                          To complete the verification process, join our discord server and type the command <code>{{$discord_verify_command}}</code></p>
+                                        @if(!empty(env('DISCORD_CLIENT_ID')) && !empty(env('DISCORD_CLIENT_SECRET')))
+                                            <div class="col-12 col-sm-5 offset-sm-1 mb-3">
+                                                <b>Link your discord account!</b>
+                                                @if(is_null(Auth::user()->discordUser))
+                                                    <div class="verify-discord">
+                                                        <div class="mb-3">
+                                                            @if($credits_reward_after_verify_discord)
+                                                                <p>By verifying your discord account, you receive an
+                                                                    extra
+                                                                    <b><i
+                                                                            class="fa fa-coins mx-1"></i>{{$credits_reward_after_verify_discord}}
+                                                                    </b> credits and increased server limit
+                                                                </p>
+                                                            @endif
+                                                        </div>
                                                     </div>
-                                                </div>
+
+                                                    <a class="btn btn-light" href="{{route('auth.redirect')}}">
+                                                        <i class="fab fa-discord mr-2"></i>Login with Discord
+                                                    </a>
                                                 @else
                                                     <div class="verified-discord">
                                                         <div class="my-3 callout callout-info">
                                                             <p>You are verified!</p>
                                                         </div>
                                                     </div>
-                                                    @endif
-                                            @endif
+                                                @endif
 
-                                        </div>
+                                            </div>
+                                        @endif
                                     </div>
                                     <div class="row">
                                         <div class="col d-flex justify-content-end">

routes/api.php

@@ -2,7 +2,6 @@
 
 use App\Http\Controllers\Api\ServerController;
 use App\Http\Controllers\Api\UserController;
-use App\Http\Controllers\Api\VerifyController;
 use Illuminate\Support\Facades\Route;
 
 /*
@@ -15,7 +14,6 @@ use Illuminate\Support\Facades\Route;
 | is assigned the "api" middleware group. Enjoy building your API!
 |
 */
-Route::post('/verify', [VerifyController::class, 'verify']);
 
 Route::middleware('api.token')->group(function () {
     Route::resource('users', UserController::class)->except(['store', 'create']);