Log in using GitHub

Author: carlos-granados

.env.example

@@ -65,7 +65,6 @@ LEMON_SQUEEZY_PATH=
 GITHUB_PERSONAL_ACCESS_TOKEN=
 GITHUB_CLIENT_ID=
 GITHUB_CLIENT_SECRET=
-GITHUB_REDIRECT_URI=
 
 SPONSORS_GITHUB_USERNAMES=
 SPONSORS_GITHUB_COMPANY_USERNAMES=

app/Http/Controllers/Auth/GitHubLoginController.php

@@ -0,0 +1,55 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Controllers\Auth;
+
+use App\Models\User;
+use App\Services\GitHub;
+use Illuminate\Http\RedirectResponse;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+use Laravel\Socialite\Facades\Socialite;
+use Laravel\Socialite\Two\GithubProvider;
+
+final readonly class GitHubLoginController
+{
+    /**
+     * Handles the GitHub login redirect.
+     */
+    public function index(): RedirectResponse
+    {
+        /** @var GithubProvider $driver */
+        $driver = Socialite::driver('github');
+
+        return $driver->redirectUrl(route('profile.connect.github.login.callback'))->redirect();
+    }
+
+    /**
+     * Handles the GitHub login callback.
+     */
+    public function update(Request $request, GitHub $github): RedirectResponse
+    {
+        $githubUser = Socialite::driver('github')->user();
+
+        $user = User::where('email', $githubUser->getEmail())->first();
+        if (! $user instanceof User) {
+            session([
+                'github_email' => $githubUser->getEmail(),
+                'github_username' => $githubUser->getNickname(),
+            ]);
+
+            return to_route('register');
+        }
+        if ($user->github_username === null) {
+            $errors = $github->linkGitHubUser($githubUser->getNickname(), $user, $request);
+
+            if ($errors !== []) {
+                return to_route('login')->withErrors($errors, 'github');
+            }
+        }
+        Auth::login($user);
+
+        return to_route('home.feed');
+    }
+}

app/Http/Controllers/Auth/RegisteredUserController.php

@@ -9,9 +9,11 @@
 use App\Rules\Recaptcha;
 use App\Rules\UnauthorizedEmailProviders;
 use App\Rules\Username;
+use App\Services\GitHub;
 use Illuminate\Auth\Events\Registered;
 use Illuminate\Http\RedirectResponse;
 use Illuminate\Http\Request;
+use Illuminate\Support\Carbon;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Hash;
 use Illuminate\Validation\Rules;
@@ -24,16 +26,27 @@
      */
     public function create(): View
     {
-        return view('auth.register');
+        $githubEmail = session()->pull('github_email');
+        $githubUsername = session()->pull('github_username');
+
+        return view('auth.register')->with('githubEmail', $githubEmail)->with('githubUsername', $githubUsername);
     }
 
     /**
      * Handle an incoming registration request.
      *
      * @throws \Illuminate\Validation\ValidationException
      */
-    public function store(Request $request): RedirectResponse
+    public function store(Request $request, GitHub $gitHub): RedirectResponse
     {
+        $githubUsername = $request->github_username;
+        if ($githubUsername) {
+            session([
+                'github_email' => $request->email,
+                'github_username' => $request->github_username,
+            ]);
+        }
+
         $request->validate([
             'name' => ['required', 'string', 'max:255'],
             'username' => ['required', 'string', 'min:4', 'max:50', 'unique:'.User::class, new Username],
@@ -43,13 +56,26 @@ public function store(Request $request): RedirectResponse
             'g-recaptcha-response' => app()->environment('production') ? ['required', new Recaptcha($request->ip())] : [],
         ]);
 
+        $request->session()->forget(['github_email', 'github_username']);
+
         $user = User::create([
             'name' => $request->name,
             'email' => $request->email,
             'username' => $request->username,
             'password' => Hash::make($request->string('password')->value()),
         ]);
 
+        if (is_string($githubUsername) && $githubUsername !== '') {
+            $errors = $gitHub->linkGitHubUser($githubUsername, $user, $request);
+            if ($errors !== []) {
+                $user->delete();
+
+                return to_route('register')->withErrors($errors, 'github');
+            }
+            $user->email_verified_at = Carbon::now();
+            $user->save();
+        }
+
         event(new Registered($user));
 
         Auth::login($user);

app/Http/Controllers/UserGitHubUsernameController.php

@@ -5,13 +5,12 @@
 namespace App\Http\Controllers;
 
 use App\Jobs\SyncVerifiedUser;
-use App\Jobs\UpdateUserAvatar;
 use App\Models\User;
+use App\Services\GitHub;
 use Illuminate\Http\RedirectResponse;
 use Illuminate\Http\Request;
-use Illuminate\Support\Facades\Validator;
-use Illuminate\Validation\ValidationException;
 use Laravel\Socialite\Facades\Socialite;
+use Laravel\Socialite\Two\GithubProvider;
 
 final readonly class UserGitHubUsernameController
 {
@@ -20,51 +19,31 @@
      */
     public function index(): RedirectResponse
     {
-        return type(Socialite::driver('github')->redirect())->as(RedirectResponse::class);
+        /** @var GithubProvider $driver */
+        $driver = Socialite::driver('github');
+
+        return $driver->redirectUrl(route('profile.connect.github.update'))->redirect();
     }
 
     /**
      * Handles the GitHub connection update.
      */
-    public function update(Request $request): RedirectResponse
+    public function update(Request $request, GitHub $github): RedirectResponse
     {
         $githubUser = Socialite::driver('github')->user();
 
         $user = type($request->user())->as(User::class);
 
-        try {
-            $validated = Validator::validate([
-                'github_username' => $githubUser->getNickname(),
-            ], [
-                'github_username' => ['required', 'string', 'max:255', 'unique:users,github_username'],
-            ], [
-                'github_username.unique' => 'This GitHub username is already connected to another account.',
-            ]);
-        } catch (ValidationException $e) {
-            if ($githubUser->getNickname() === $user->github_username) {
-                session()->flash('flash-message', 'The same GitHub account has been connected.');
-
-                return to_route('profile.edit');
-            }
-
-            return to_route('profile.edit')->withErrors($e->errors(), 'verified');
-        }
+        $githubUsername = $githubUser->getNickname();
 
-        $user->update($validated);
+        $errors = $github->linkGitHubUser($githubUsername, $user, $request);
 
-        SyncVerifiedUser::dispatchSync($user);
-
-        $user = type($user->fresh())->as(User::class);
-
-        $user->is_verified
-            ? session()->flash('flash-message', 'Your GitHub account has been connected and you are now verified.')
-            : session()->flash('flash-message', 'Your GitHub account has been connected.');
+        if ($errors !== []) {
+            if ($githubUsername === $user->github_username) {
+                session()->flash('flash-message', 'The same GitHub account has been connected.');
+            }
 
-        if (! $user->is_uploaded_avatar) {
-            UpdateUserAvatar::dispatch(
-                user: $user,
-                service: 'github',
-            );
+            return to_route('profile.edit')->withErrors($errors, 'verified');
         }
 
         return to_route('profile.edit');

app/Services/GitHub.php

@@ -5,7 +5,13 @@
 namespace App\Services;
 
 use App\Exceptions\GitHubException;
+use App\Jobs\SyncVerifiedUser;
+use App\Jobs\UpdateUserAvatar;
+use App\Models\User;
+use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Http;
+use Illuminate\Support\Facades\Validator;
+use Illuminate\Validation\ValidationException;
 
 final readonly class GitHub
 {
@@ -41,6 +47,55 @@ public function isCompanySponsor(string $username): bool
         )->values()->isNotEmpty();
     }
 
+    /**
+     * Validates the user received from Github and links our user to it
+     *
+     * @return array<string, mixed> list of validation errors
+     */
+    public function linkGitHubUser(?string $githubUsername, User $user, Request $request): array
+    {
+        try {
+            $validated = $this->validateGitHubUsername($githubUsername);
+        } catch (ValidationException $e) {
+            return $e->errors();
+        }
+
+        $user->update($validated);
+
+        SyncVerifiedUser::dispatchSync($user);
+
+        $user = type($user->fresh())->as(User::class);
+
+        $user->is_verified
+            ? $request->session()->flash('flash-message', 'Your GitHub account has been connected and you are now verified.')
+            : $request->session()->flash('flash-message', 'Your GitHub account has been connected.');
+
+        if (! $user->is_uploaded_avatar) {
+            UpdateUserAvatar::dispatch(
+                user: $user,
+                service: 'github',
+            );
+        }
+
+        return [];
+    }
+
+    /**
+     * @return array<string, mixed>
+     *
+     * @throws ValidationException
+     */
+    private function validateGitHubUsername(?string $githubUsername): array
+    {
+        return Validator::validate([
+            'github_username' => $githubUsername,
+        ], [
+            'github_username' => ['required', 'string', 'max:255', 'unique:users,github_username'],
+        ], [
+            'github_username.unique' => 'This GitHub username is already connected to another account.',
+        ]);
+    }
+
     /**
      * Get the content from the GitHub API.
      *

config/services.php

@@ -41,7 +41,7 @@
     'github' => [
         'client_id' => env('GITHUB_CLIENT_ID'),
         'client_secret' => env('GITHUB_CLIENT_SECRET'),
-        'redirect' => env('GITHUB_REDIRECT_URI'),
+        'redirect' => '',
         'token' => env('GITHUB_PERSONAL_ACCESS_TOKEN'),
     ],
 ];

resources/views/auth/login.blade.php

@@ -1,4 +1,9 @@
 <x-guest-layout>
+    <x-input-error
+        :messages="$errors->github->get('github_username')"
+        class="mb-5"
+    />
+
     <form
         method="POST"
         action="{{ route('login') }}"
@@ -91,6 +96,17 @@ class="text-sm dark:text-slate-200 text-slate-800 underline hover:no-underline"
         </div>
     </form>
 
+    <div class="mt-4 text-center">
+        <a
+            href="{{ route('profile.connect.github.login') }}"
+        >
+            <span class="inline-flex items-center gap-x-2 text-sm dark:text-slate-200 text-slate-800 underline hover:no-underline">
+                <x-icons.github class="inline-block h-6 w-6 mr-100" />
+                {{ __('Log in using GitHub') }}
+            </span>
+        </a>
+    </div>
+
     <x-section-border />
 
     <div class="mt-4 text-center text-sm text-slate-500">

resources/views/auth/register.blade.php

@@ -6,6 +6,17 @@
         ></script>
     @endsection
 
+    <x-input-error
+        :messages="$errors->github->get('github_username')"
+        class="mb-5"
+    />
+
+    @if ($githubUsername)
+        <div class="mb-5">
+            {{ __('To complete your registration using GitHub, please fill in these additional fields:') }}
+        </div>
+    @endif
+
     <form
         method="POST"
         action="{{ route('register') }}"
@@ -61,11 +72,12 @@ class="mt-2"
             />
             <x-text-input
                 id="email"
-                class="mt-1 block w-full"
+                class="mt-1 block w-full {{ $githubEmail !== null ? 'text-slate-500' : '' }}"
                 type="email"
                 name="email"
-                :value="old('email')"
+                :value="old('email', $githubEmail)"
                 required
+                :readonly="$githubEmail !== null"
                 autocomplete="email"
             />
             <x-input-error
@@ -162,6 +174,15 @@ class="mt-2"
             />
         @endif
 
+        @if ($githubUsername)
+            <x-text-input
+                id="github_username"
+                name="github_username"
+                type="hidden"
+                :value="$githubUsername"
+            />
+        @endif
+
         <div class="mt-4 flex items-center justify-end space-x-3.5 text-sm">
             <div>
                 <span class="text-slate-500">Already have an account?</span>

routes/auth.php

@@ -6,6 +6,7 @@
 use App\Http\Controllers\Auth\ConfirmablePasswordController;
 use App\Http\Controllers\Auth\EmailVerificationNotificationController;
 use App\Http\Controllers\Auth\EmailVerificationPromptController;
+use App\Http\Controllers\Auth\GitHubLoginController;
 use App\Http\Controllers\Auth\NewPasswordController;
 use App\Http\Controllers\Auth\PasswordResetLinkController;
 use App\Http\Controllers\Auth\RegisteredUserController;
@@ -47,6 +48,15 @@
         ->middleware('throttle:two-factor');
 });
 
+Route::prefix('/profile/connect/github')->group(function () {
+    Route::get('/login', [GitHubLoginController::class, 'index'])
+        ->name('profile.connect.github.login');
+
+    Route::get('/login/callback', [
+        GitHubLoginController::class, 'update',
+    ])->name('profile.connect.github.login.callback');
+});
+
 Route::middleware('auth')->group(function () {
     Route::get('verify-email', EmailVerificationPromptController::class)
         ->name('verification.notice');