From d0eda6606e635664a535e01bf47f42724db64561 Mon Sep 17 00:00:00 2001
From: Dave Roverts <me@daveroverts.nl>
Date: Sun, 13 Feb 2022 16:47:03 +0100
Subject: [PATCH] fix: fix first login not logging in

This fixes the issue where the first login (register) somehow didn't happen. When you press 'Login'
a second time, user was logged in.

fix #408
---
 app/Http/Controllers/Auth/LoginController.php | 39 +++++++++++--------
 app/Models/User.php                           |  2 +-
 2 files changed, 23 insertions(+), 18 deletions(-)

diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php
index 8a382cd6..1eec3cdc 100644
--- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php
@@ -58,7 +58,7 @@ public function login(Request $request)
             return redirect()->away($authorizationUrl);
         } elseif ($request->input('state') !== session()->pull('oauthstate')) { // State mismatch, error
             flashMessage('error', 'Login failed', 'Something went wrong, please try again');
-            return redirect('/')->withError("Something went wrong, please try again.");
+            return redirect(route('home'));
         } else { // Callback (user has just logged in Connect)
             return $this->verifyLogin($request);
         }
@@ -72,7 +72,7 @@ protected function verifyLogin(Request $request)
             ]);
         } catch (IdentityProviderException $e) {
             flashMessage('error', 'Login failed', 'Something went wrong, please try again');
-            return redirect('/')->withError("Something went wrong, please try again later.");
+            return redirect(route('home'));
         }
         $resourceOwner = json_decode(json_encode($this->provider->getResourceOwner($accessToken)->toArray()));
 
@@ -91,36 +91,40 @@ protected function verifyLogin(Request $request)
             !$data['email']
         ) {
             flashMessage('error', 'Login failed', 'We need you to grant us all marked permissions');
-            return redirect('/')->withError("We need you to grant us all marked permissions");
+            return redirect(route('home'));
         }
 
         $this->completeLogin($data, $accessToken);
+
         if (session('booking')) {
             $booking = Booking::whereUuid(session('booking'))->first();
             session()->forget('booking');
             if (!empty($booking)) {
                 if ($booking->status !== BookingStatus::BOOKED) {
-                    return redirect()->intended(route('bookings.edit', $booking))->withSuccess('Login Successful');
+                    return redirect(route('bookings.edit', $booking));
                 }
-                return redirect()->intended(route('bookings.show', $booking))->withSuccess('Login Successful');
+                return redirect(route('bookings.show', $booking));
             }
         } elseif (session('event')) {
             $event = Event::whereSlug(session('event'))->first();
             session()->forget('event');
             if (!empty($event)) {
-                return redirect()->intended(route('events.show', $event))->withSuccess('Login Successful');
+                return redirect(route('events.show', $event));
             }
         }
-        return redirect()->intended('/')->withSuccess('Login Successful');
+        return redirect(route('home'));
     }
 
-    protected function completeLogin($data, $token)
+    protected function completeLogin($data, $token): User
     {
-        $account = User::firstOrNew(['id' => $data['cid']]);
-        $account->id = $data['cid'];
-        $account->name_first = $data['first_name'];
-        $account->name_last = $data['last_name'];
-        $account->email = $data['email'];
+        $account = User::updateOrCreate(
+            ['id' => $data['cid']],
+            [
+                'name_first' => $data['first_name'],
+                'name_last' => $data['last_name'],
+                'email' => $data['email'],
+            ]
+        );
 
         if ($token->getToken() !== null) {
             $account->access_token = $token->getToken();
@@ -133,15 +137,16 @@ protected function completeLogin($data, $token)
         }
 
         $account->save();
-        auth()->login($account, true);
-        activity()->causedBy(auth()->user())->log('Login');
+        auth()->loginUsingId($data['cid'], true);
+        activity()->log('Login');
+
         return $account;
     }
 
     public function logout()
     {
-        activity()->causedBy(auth()->id())->log('Logout');
+        activity()->log('Logout');
         auth()->logout();
-        return redirect('/');
+        return redirect(route('home'));
     }
 }
diff --git a/app/Models/User.php b/app/Models/User.php
index cf169f3c..c116bde1 100644
--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -63,7 +63,7 @@ class User extends Authenticatable
     use Notifiable;
 
     protected $guarded = [
-        'id', 'isAdmin'
+        'isAdmin'
     ];
     /**
      * The attributes that should be hidden for arrays.