HEX
Server: LiteSpeed
System: Linux s1049.use1.mysecurecloudhost.com 4.18.0-477.27.2.lve.el8.x86_64 #1 SMP Wed Oct 11 12:32:56 UTC 2023 x86_64
User: xedaptot (3356)
PHP: 8.3.31
Disabled: NONE
Upload Files
File: /home/xedaptot/tracking.naniguide.com/app/controllers/UsersController.php
<?php
/**
 * =======================================================================================
 *                           GemFramework (c) GemPixel
 * ---------------------------------------------------------------------------------------
 *  This software is packaged with an exclusive framework as such distribution
 *  or modification of this framework is not allowed before prior consent from
 *  GemPixel. If you find that this framework is packaged in a software not distributed
 *  by GemPixel or authorized parties, you must not use this software and contact GemPixel
 *  at https://gempixel.com/contact to inform them of this misuse.
 * =======================================================================================
 *
 * @package GemPixel\Premium-URL-Shortener
 * @author GemPixel (https://gempixel.com)
 * @license https://gempixel.com/licenses
 * @link https://gempixel.com
 */


use Core\Request;
use Core\View;
use Core\Helper;
use Core\Auth;
use Core\DB;
use Models\User;
use Models\Plans;

class Users {

    /**
     * Regenerate Authentication Token
     * @param bool
     */
    private $regenerateToken = false;

    /**
     * Maximum Login Attempts
     * @param int
     */
    private $maxLoginAttempts = 10;

    /**
     * Login Page
     *
     * @author GemPixel <https://gempixel.com>
     * @version 7.4
     * @return void
     */
    public function login(Request $request){

        View::set('title', e('Login to your account'));
        View::set("description","Login to your account and bookmark your favorite sites.");

        if(_STATE == 'DEMO') {
            View::push('<script>if(this != top){top.location.href = this.location.href;}</script>', 'custom')->toHeader();
        }

        if($request->email){
            View::push('<script>$("input[name=email]").val("'.Helper::clean($request->email, 3, true).'")</script>', 'custom')->toFooter();
        }

        return View::with('auth.login')->extend('layouts.auth');
    }

    /**
     * Validate Login
     *
     * @author GemPixel <https://gempixel.com>
     * @version 6.0
     * @param \Core\Request $request
     * @return void
     */
    public function loginAuth(Request $request){

        if($request->cookie('__bl')){
            return back()->with('danger', e('You have been blocked for 1 hour due to many unsuccessful login attempts.'));
        }

        if(!$request->email) return Helper::redirect()->back()->with('danger', e('Please enter a valid email or username.'));

        if(!$request->password) return Helper::redirect()->back()->with('danger', e('Wrong email and password combination.'));

        \Core\Plugin::dispatch('login.verify', $request);

        if(Helper::Email($request->email)){
            $user = User::where("email", clean($request->email))->first();
        } else {
            $user = User::where("username", clean($request->email))->first();
        }

        if(!$user) return Helper::redirect()->back()->with('danger', e('Wrong email and password combination.'));

        Helper::set("hashCost", 8);

        $loginCount = $request->session('login_count');

        if($loginCount === false){
            $request->session('login_count', 0);
            $loginCount = 0;
        }

        if(Helper::validatePass($request->password, $user->password)){

            \Core\Plugin::dispatch('login.verified', [$request, $user]);

            if(config('maintenance') && !$user->admin) return Helper::redirect()->back()->with("danger",e("We are currently offline for maintenance. We will be back online as soon as we are done. It should not take long."));

            // Check if banned
            if($user->banned){
                return Helper::redirect()->back()->with("danger",e("You have been banned due to abuse. Please contact us for clarification."));
            }
            // Check if inactive
            if(!$user->active){
                return Helper::redirect()->back()->with("danger",e("You haven't activated your account. Please check your email for the activation link. If you haven't received any emails from us, please contact us.").' '.(config('user_activate') ? '<br><br><a href="'.route('verifyemail', ['email' => $user->email, 'token' => Helper::nonce('verifyemail')]).'" class="btn btn-light text-danger btn-sm">'.e('Click here to resend').'</a>' : ''));
            }

            // Check if expired
			if($user->expiration && strtotime($user->expiration) < time()){
                $user->pro = 0;
                $user->save();
			}

			// If not pro set as free plan
			if(!$user->pro){
				if(is_null($user->planid) || $user->plan() ){
					if($plan = Plans::where("free", "1")->where('status', 1)->orderByDesc('id')->first()){
						$user->planid = $plan->id;
                        $user->save();
					}
				}
			}
            // Check 2FA
            if(!empty($user->secret2fa)) {
                $key = Helper::encrypt($user->secret2fa);
				$request->session('2FAKEY', $key);
				return Helper::redirect()->to(route('login.2fa'))->with("success", e("Please enter the 2FA access code to login."));
			}

            if(config('userlogging')){
                if($logs = \Core\DB::appevents()->where('type', 'login')->where('userid', $user->id)->limit(10)->findMany()){
                    $ips = [];
                    foreach($logs as $log){
                        $data = json_decode($log->data);
                        $ips[] = $data->ip;
                    }                 
                    if(!in_array($request->ip(), $ips)){
                        \Helpers\Emails::newip($user);
                    }   
                }
            }

            session_regenerate_id();

            if($this->regenerateToken || empty($user->auth_key)){
                $newAuthKey = Helper::Encode($user->email.$user->id.uniqid().rand(0, 99999));
                $user->auth_key = $newAuthKey;
                $user->save();
            }

            // Set Session
            $sessiondata = Helper::encrypt(json_encode(["loggedin" => true, "key" => $user->auth_key.$user->id]));

            if($request->rememberme){
              // Set Cookie for 30 days
              $request->cookie(Auth::COOKIE, $sessiondata, 30*24*60);
            }else{
              $request->session(Auth::COOKIE, $sessiondata);
            }            

            // @group Plugin
            \Core\Plugin::dispatch('logged', $user);
            
            $location = $request->country();

            \Helpers\Events::for('login')->user($user->id)->log(json_encode([
                'ip' => $request->ip(),
                'country' => $location['country'] ?? null,
                'city' => $location['city'] ?? null,
                'os' => $request->device(),
                'browser' => $request->browser()
            ]));

            if($location = $request->session('redirect')){
                $request->unset('redirect');
                return Helper::redirect()->to($location)->with('success', e('You have been successfully registered.'));
            }

            return Helper::redirect()->to(route('dashboard'));
        }

        $loginCount++;
        $request->session('login_count', $loginCount);

        if($loginCount >= $this->maxLoginAttempts){
            $request->cookie('__bl', md5(rand(10000, 101010)), 60);
        }

        return Helper::redirect()->back()->with('danger', e('Wrong email and password combination.'));
    }
    /**
     * Validate User 2FA
     *
     * @author GemPixel <https://gempixel.com>
     * @version 6.0
     * @return void
     */
    public function login2FA(Request $request){

        if(!$request->session('2FAKEY')) return Helper::redirect()->to(route('login'));

        View::set('title', e("Enter your 2FA access code"));

        View::push(assets('frontend/libs/jquery-mask-plugin/dist/jquery.mask.min.js'), 'js')->toFooter();

        return View::with('auth.2fa')->extend('layouts.auth');
    }
    /**
     * Validate 2FA
     *
     * @author GemPixel <https://gempixel.com>
     * @version 6.0
     * @param \Core\Request $request
     * @return void
     */
    public function login2FAValidate(Request $request){

        if(!$request->session('2FAKEY')) return Helper::redirect()->to(route('login'));

        $key = Helper::decrypt($request->session('2FAKEY'));

        if(!$user = DB::user()->where('secret2fa', $key)->first()){
            return Helper::redirect()->to(route('login'))->with("danger", e("Invalid token. Please try again."));
        }

        $request->secret = str_replace(' ', '', $request->secret);

        if(strlen($request->secret) != 6) return back()->with("danger", e("Invalid token. Please try again."));

        $gAuth = new \Sonata\GoogleAuthenticator\GoogleAuthenticator();

        if(!$gAuth->checkCode($user->secret2fa, $request->secret)) {
            
            $location = $request->country();

            \Helpers\Events::for('2fa')->user($user->id)->log(json_encode([
                'ip' => $request->ip(),
                'country' => $location['country'] ?? null,
                'city' => $location['city'] ?? null,
                'os' => $request->device(),
                'browser' => $request->browser()
            ]));

            return back()->with("danger", e("Invalid token. Please try again."));
        }

        session_regenerate_id();

        if($this->regenerateToken){
            $newAuthKey = Helper::Encode($user->email.$user->id.uniqid().rand(0, 99999));
            $user->auth_key = $newAuthKey;
            $user->save();
        }

        // Set Session
        $sessiondata = Helper::encrypt(json_encode(["loggedin" => true, "key" => $user->auth_key.$user->id]));

        $request->cookie(Auth::COOKIE, $sessiondata, 30*24*60);

        // @group Plugin
        \Core\Plugin::dispatch('logged', $user);

        if($location = $request->session('redirect')){
            $request->unset('redirect');
            return Helper::redirect()->to($location)->with('success', e('You have been successfully logged.'));
        }

        return Helper::redirect()->to(route('dashboard'));
    }

    /**
     * Register page
     *
     * @author GemPixel <https://gempixel.com>
     * @version 7.4
     * @return void
     */
    public function register(Request $request){

        if(!config("user") || config("private") || config("maintenance")) return Helper::redirect()->to(route('login'))->with("danger", e("We are not accepting users at this time."));

        View::set('title', e('Register and manage your urls'));
        View::set("description", e('Register an account and gain control over your urls. Manage them, edit them or remove them without hassle.'));

        $locale = \Core\Localization::locale();

        $page = DB::page()->where('category', 'terms')->where('lang', $locale)->first();

        if($request->email){
            View::push('<script>$("input[name=email]").val("'.Helper::clean($request->email, 3, true).'")</script>', 'custom')->toFooter();
        }
        if($request->username){
            View::push('<script>$("input[name=username]").val("'.Helper::clean($request->username, 3, true).'")</script>', 'custom')->toFooter();
        }

        return View::with('auth.register', compact('page'))->extend('layouts.auth');
    }

    /**
     * Validate Register
     *
     * @author GemPixel <https://gempixel.com>
     * @version 6.0
     * @param \Core\Request $request
     * @return void
     */
    public function registerValidate(Request $request){

        if(!config("user") || config("private") || config("maintenance")) return Helper::redirect()->to(route('login'))->with("danger", e("We are not accepting users at this time."));

        if(!config('system_registration')) return Helper::redirect()->to(route('login'))->with("danger", e("Please use a social media platform to login or register."));

        $request->save('email', clean($request->email));
        $request->save('username', clean($request->username));

        if(!$request->email || !$request->username || !$request->password) return Helper::redirect()->back()->with('danger', e('The email, the username and the password are required.'));

        $user = DB::user()->create();

        if(!$request->validate($request->email, 'email')) return Helper::redirect()->back()->with('danger', e('Please enter a valid email.'));

        if(DB::user()->where('email', $request->email)->first()) return Helper::redirect()->back()->with('danger', e('An account is already associated with this email.'));

        $user->email = Helper::RequestClean($request->email);

        if(!$request->validate($request->username, 'username')) return Helper::redirect()->back()->with('danger', e('Please enter a valid username.'));
        if(DB::user()->where('username', $request->username)->first()) return Helper::redirect()->back()->with('danger', e('Username already exists.'));

        $user->username = Helper::RequestClean($request->username);

        if(in_array($user->username, ['admin','moderator','owner','founder'])) return Helper::redirect()->back()->with('danger', e("This username cannot be used or already exists. Please choose another username"));

        if(strlen($request->password) < 5) return Helper::redirect()->back()->with('danger', e('Password must be at least 5 characters.'));

        if(strlen($request->password) > 64) return Helper::redirect()->back()->with('danger', e('Your password is too long. Passwords must be between 8 to 64 characters.'));

        if($request->password != $request->cpassword) return Helper::redirect()->back()->with('danger', e("Passwords don't match."));

        if(!$request->terms) return Helper::redirect()->back()->with('danger', e('You must agree to our terms of service.'));


        if($request->bioalias){
            $request->cookie('bioalias', clean($request->bioalias), 2*24*60);
        }

        // @group Plugin
        \Core\Plugin::dispatch('register.verify', $request);

        Helper::set("hashCost", 8);
        $user->password = Helper::Encode($request->password);

        $user->date = Helper::dtime();
        $user->api = md5(Helper::rand(32).time());
        $user->uniquetoken = md5(Helper::rand(64).time());
        $user->public = 0;
        $user->auth_key = Helper::Encode($user->email.Helper::dtime());
        $user->active = config("user_activate") ? 0 : 1;

        $user->address = json_encode([
            "type"      =>  'personal',
            "company" 	=>	'',
            "taxid" 	=>	'',
            "address" 	=>	'',
            "city" 		=>	'',
            "state" 	=>	'',
            "zip" 		=>	'',
            "country" 	=>	clean($request->country()['country'])
        ]);

        if($plan = DB::plans()->where('free', 1)->where('status', 1)->orderByDesc('id')->first()){
            $user->pro = '0';
            $user->planid = $plan->id;
        }

        $user->save();

        // @group Plugin
        \Core\Plugin::dispatch('registered', $user);

        $request->clear();

        if(config('affiliate')->enabled && $request->cookie('urid')){

            if(is_numeric($request->cookie('urid'))){
                $affuser = DB::user()->where('id', clean($request->cookie('urid')))->first();
            }else{
                $affuser = DB::user()->where('username', clean($request->cookie('urid')))->first();
            }

            if($affuser){
                $affiliate = DB::affiliates()->create();
                $affiliate->refid = $affuser->id;
                $affiliate->userid = $user->id;
                $affiliate->amount = "0.00";
                $affiliate->referred_on = Helper::dtime();
                $affiliate->save();
            }
        }

        if($request->bioalias){
            $request->cookie('bioalias', clean($request->bioalias), 2*24*60);
        }

        if(config('user_activate')){

            \Helpers\Emails::renewEmail($user);
            return Helper::redirect()->to(route('login'))->with('success', e("An email has been sent to activate your account. Please check your spam folder if you didn't receive it."));
        }

        \Helpers\Emails::registered($user);

        Auth::loginId($user->id);

        if($location = $request->session('redirect')){
            return Helper::redirect()->to($location)->with('success', e('You have been successfully registered.'));
        }

        return Helper::redirect()->to(route('dashboard'))->with('success', e('You have been successfully registered.'));
    }

    /**
     * Forgot Password page
     *
     * @author GemPixel <https://gempixel.com>
     * @version 7.4
     * @return void
     */
    public function forgot(Request $request){

        View::set('title', e("Reset Password"));
        View::set('description', e("If you forgot your password, you can request a link to reset your password."));

        if($request->email){
            View::push('<script>$("input[name=email]").val("'.Helper::clean($request->email, 3, true).'")</script>', 'custom')->toFooter();
        }

        return View::with('auth.forgot')->extend('layouts.auth');
    }

    /**
     * Validate and send new password link
     *
     * @author GemPixel <https://gempixel.com>
     * @version 6.0
     * @param \Core\Request $request
     * @return void
     */
    public function forgotSend(Request $request){

        if(!$request->validate($request->email, 'email')) return back()->with('danger', e('Please enter a valid email.'));

        if($user = DB::user()->where('email', clean($request->email))->first()){

            $user->uniquetoken = md5(Helper::rand(64).time());
            $user->save();

            \Helpers\Emails::reset($user);
        }

        return Helper::redirect()->to(route('login'))->with("success", e("If an active account is associated with this email, you should receive an email shortly."));
    }

    /**
     * Reset Password
     *
     * @author GemPixel <https://gempixel.com>
     * @version 6.0
     * @param string $token
     * @return void
     */
    public function reset(string $token){

        $data = explode('-', clean($token));

        if(!isset($data[1])) return Helper::redirect()->to(route('forgot'))->with("danger", e("Token has expired, please request another link."));

        $unique = $data[0];

        $expiry = $data[1];

        if($expiry != md5(AuthToken.": Expires on".strtotime(date('Y-m-d')))){
            return Helper::redirect()->to(route('forgot'))->with("danger", e("Token has expired, please request another link."));
        }

        if(!$user = DB::user()->where('uniquetoken', $unique)->first()){
            return Helper::redirect()->to(route('forgot'))->with("danger", e("Token has expired, please request another link."));
        }

        View::set('title', e("Reset Password"));

        return View::with('auth.reset', compact('token'))->extend('layouts.auth');
    }
   /**
    * Change Password
    *
    * @author GemPixel <https://gempixel.com>
    * @version 6.0
    * @param \Core\Request $request
    * @param string $token
    * @return void
    */
    public function resetChange(Request $request, string $token){
        $data = explode('-', clean($token));

        if(!isset($data[1])) return Helper::redirect()->to(route('forgot'))->with("danger", e("Token has expired, please request another link."));

        $unique = $data[0];

        $expiry = $data[1];

        if($expiry != md5(AuthToken.": Expires on".strtotime(date('Y-m-d')))){
            return Helper::redirect()->to(route('forgot'))->with("danger", e("Token has expired, please request another link."));
        }

        if(!$user = DB::user()->where('uniquetoken', $unique)->first()){
            return Helper::redirect()->to(route('forgot'))->with("danger", e("Token has expired, please request another link."));
        }

        if(strlen($request->password) < 5) return Helper::redirect()->back()->with('danger', e('Password must be at least 5 characters.'));

        if($request->password != $request->cpassword) return Helper::redirect()->back()->with('danger', e("Passwords don't match."));

        if(Helper::validatePass($request->password, $user->password)){
            return Helper::redirect()->back()->with('danger', e("Your new password cannot be the same as the old password."));
        }

        Helper::set("hashCost", 8);
        $user->password = Helper::Encode($request->password);
        $user->auth_key = Helper::Encode($user->email.Helper::dtime());
        $user->uniquetoken = md5(Helper::rand(64).time());
        $user->save();

        \Helpers\Emails::passwordChanged($user);
        
        $location = $request->country();
        \Helpers\Events::for('password')->user($user->id)->log(json_encode([
            'ip' => $request->ip(),
            'country' => $location['country'] ?? null,
            'city' => $location['city'] ?? null,
            'os' => $request->device(),
            'browser' => $request->browser()
        ]));

        return Helper::redirect()->to(route('login'))->with("success", e("Your password has been changed."));
    }

   /**
    * Activate Account
    *
    * @author GemPixel <https://gempixel.com>
    * @version 6.0
    * @param string $token
    * @return void
    */
    public function activate(string $token){

        if(!$user = DB::user()->where('uniquetoken', clean($token))->first()){
            return Helper::redirect()->to(route('forgot'))->with("danger", e("Token has expired, please request another link."));
        }

        if(!$user->active){
            $user->active = 1;
            $user->uniquetoken = md5(Helper::rand(64).time());
            $user->save();
            \Helpers\Emails::activate($user);
        }

        return Helper::redirect()->to(route('login'))->with("success", e("Your email has been successfully verified."));
    }

     /**
     * Invited
     *
     * @author GemPixel <https://gempixel.com>
     * @version 6.8
     * @param string $token
     * @return void
     */
    public function invited(Request $request, string $token){

        if(!$user = DB::user()->where('uniquetoken', clean($token))->first()){
            return Helper::redirect()->to(route('login'))->with("danger", e("The invitation link has expired or is currently unavailable. Please contact administrator."));
        }

        if($user->active == '1'){

            if(Auth::logged()){
                if(Auth::user()->id == $user->id){
                    return Helper::redirect()->to(route('team.accept', [$token]));
                }else{
                    return Helper::redirect()->to(route('dashboard'))->with('danger', e('An error occurred. Please try again.'));
                }
            }

            $request->session('redirect', route('team.accept', [$token]));
            return Helper::redirect()->to(route('login'))->with('success', e('Please login to your account to accept this invitation.'));
        }

        View::set('title', e("Join Team"));

        $page = DB::page()->where('category', 'terms')->first();

        return View::with('auth.invite', compact('token', 'page', 'user'))->extend('layouts.auth');
    }
    /**
     * Accept Invitation
     *
     * @author GemPixel <https://gempixel.com>
     * @version 6.0
     * @param \Core\Request $request
     * @param string $token
     * @return void
     */
    public function acceptInvitation(Request $request, string $token){

        if(!$user = DB::user()->where('uniquetoken', clean($token))->first()){
            return Helper::redirect()->to(route('login'))->with("danger", e("The invitation link has expired or is currently unavailable. Please contact administrator."));
        }

        if(!$request->validate($request->username, 'username')) return Helper::redirect()->back()->with('danger', e('Please enter a valid username.'));

        if(DB::user()->where('username', $request->username)->first()) return Helper::redirect()->back()->with('danger', e('Username already exists.'));

        $user->username = Helper::RequestClean($request->username);

        if(in_array($user->username, ['admin','moderator','owner','founder'])) return Helper::redirect()->back()->with('danger', e("This username cannot be used or already exists. Please choose another username"));

        if(strlen($request->password) < 5) return Helper::redirect()->back()->with('danger', e('Password must be at least 5 characters.'));

        if($request->password != $request->cpassword) return Helper::redirect()->back()->with('danger', e("Passwords don't match."));

        if(!$request->terms) return Helper::redirect()->back()->with('danger', e('You must agree to our terms of service.'));

        Helper::set("hashCost", 8);

        $user->password = Helper::Encode($request->password);
        $user->date = Helper::dtime();
        $user->uniquetoken = md5(Helper::rand(64).time());
        $user->active = 1;
        $user->save();

        $team = DB::members()->where('userid', $user->id)->first();
        $team->status = 1;
        $team->save();

        return Helper::redirect()->to(route('login'))->with('success', e('Your account has been successfully activated.'));
    }
    /**
     * Logout User
     *
     * @author GemPixel <https://gempixel.com>
     * @version 6.6
     * @return void
     */
    public function logout(){

        Auth::logout();

        request()->unset('logged_as');

        return Helper::redirect()->to(route('login'))->with('success', e('You have been successfully logged out.'));
    }

    /**
    * Login with Facebook
    *
    * @author GemPixel <https://gempixel.com>
    * @version 6.0
    * @param \Core\Request $request
    * @return void
    */
    public function loginWithFacebook(Request $request){

        if(!config("fb_connect") || empty(config("facebook_app_id")) || empty(config("facebook_secret"))) return Helper::redirect()->to(route('login'))->with("danger", e("Sorry, Facebook connect is not available right now."));

        if($request->error) return Helper::redirect()->to(route('login'))->with("danger", e("You must grant access to this application to use your facebook account."));

        $fb = new \Helpers\FacebookAuth(config("facebook_app_id"), config("facebook_secret"), route('login.facebook'));


        if(!$request->code){
            return Helper::redirect()->to($fb->redirectURI($request));
        }

        try{

            $fb->getAccessToken($request);

        } catch(\Exception $e){

            GemError::log('Facebook Auth: '.$e->getMessage()."\n".$e->getTraceAsString());
            return Helper::redirect()->to(route('login'))->with("danger", e("Sorry, Facebook connect is not available right now."));

        }

        $userInfo = $fb->getUser();

        if(!isset($userInfo->email) || !isset($userInfo->id) || empty($userInfo->email) || empty($userInfo->id)) return Helper::redirect()->to(route('login'))->with("danger", e("You must grant permission to this application to use your profile information."));

        // Check if email is already taken
        if(DB::user()->whereRaw("(auth != 'facebook' OR auth IS NULL)")->where('email', $userInfo->email)->first()){
            return Helper::redirect()->to(route('login'))->with("danger", e("The email linked to your account has been already used. If you have used that, please login to your existing account otherwise please contact us."));
        }

        // Let's see if the user is registered
        if($user = DB::user()->where('auth', 'facebook')->whereAnyIs([['email' => $userInfo->email], ['auth_id'=> $userInfo->id]])->first()){

            // Check Auth Key: If empty generate one
            if(empty($user->auth_key)){
                $user->auth_key = Helper::Encode(Helper::rand(12));
                // Update database
                $user->save();
            }
            // Insert AuthID
            if(empty($user->auth_id) && $userInfo->id){
                // Update database
                $user->auth_id = $userInfo->id;
                $user->save();
            }

            // Check if banned
            if($user->banned){
                return Helper::redirect()->to(route('login'))->with("warning", e("You have been banned due to abuse. Please contact us for clarification."));
            }
            // Check if inactive
            if(!$user->active){
                return Helper::redirect()->to(route('login'))->with("danger", e("You haven't activated your account. Please check your email for the activation link. If you haven't received any emails from us, please contact us."));
            }

        }else{
            // Let's register the user
            $auth_key = Helper::Encode(Helper::rand(12));

            $user = DB::user()->create();

            $user->email = Helper::clean($userInfo->email,3,TRUE);

            if(isset($userInfo->name) && !empty($userInfo->name)){
                $user->username = Helper::slug($userInfo->name);

                if(DB::user()->where('username', $user->username)->first()){
                    $user->username = $user->username.rand(10,99);
                    if(DB::user()->where('username', $user->username)->first()){
                        $user->username = $user->username.rand(10,99);
                    }
                }
            }

            $user->password = Helper::Encode(Helper::rand(12));
            $user->name = clean($userInfo->name);
            $user->date = Helper::dtime();
            $user->auth = "facebook";
            $user->auth_id = $userInfo->id;
            $user->api = md5(Helper::rand(32).time());
            $user->auth_key = $auth_key;
            $user->uniquetoken = md5(Helper::rand(64).time());

            if($plan = DB::plans()->where('free', 1)->where('status', 1)->orderByDesc('id')->first()){
                $user->pro = '0';
                $user->planid = $plan->id;
            }

            $user->save();

            if(config('affiliate')->enabled && $request->cookie('urid')){

                if(is_numeric($request->cookie('urid'))){
                    $affuser = DB::user()->where('id', clean($request->cookie('urid')))->first();
                }else{
                    $affuser = DB::user()->where('username', clean($request->cookie('urid')))->first();
                }

                if($affuser){
                    $affiliate = DB::affiliates()->create();
                    $affiliate->refid = $affuser->id;
                    $affiliate->userid = $user->id;
                    $affiliate->amount = "0.00";
                    $affiliate->referred_on = Helper::dtime();
                    $affiliate->save();
                }
            }

            \Helpers\Emails::registered($user);

            // @group Plugin
            \Core\Plugin::dispatch('registered', $user);
        }

        // @group Plugin
        \Core\Plugin::dispatch('logged', $user);

        \Core\Auth::loginId($user->id);

        $location = $request->country();
        \Helpers\Events::for('login')->user($user->id)->log(json_encode([
            'ip' => $request->ip(),
            'social' => 'facebook',
            'country' => $location['country'] ?? null,
            'city' => $location['city'] ?? null,
            'os' => $request->device(),
            'browser' => $request->browser()
        ]));

        if($location = $request->session('redirect')){
            return Helper::redirect()->to($location)->with('success', e('Welcome! You have been successfully logged in.'));
        }

        return Helper::redirect()->to(route('dashboard'))->with("success", e("Welcome! You have been successfully logged in."));

    }
    /**
     * Login with Twitter
     *
     * @author GemPixel <https://gempixel.com>
     * @version 6.0
     * @param \Core\Request $request
     * @return void
     */
    public function loginWithTwitter(Request $request){
        if(!config("tw_connect") || empty(config("twitter_key")) || empty(config("twitter_secret"))) return Helper::redirect()->to(route('login'))->with("danger", e("Sorry, Twitter connect is not available right now."));

        // Check for error
        if($request->denied) return Helper::redirect()->to(route('login'))->with("danger", e("You must grant permission to this application to use your twitter account."));

        // Attempt to login
        if($request->oauth_verifier && $request->session('oauth_token') && $request->session('oauth_token_secret')){

            $twitteroauth = new \Abraham\TwitterOAuth\TwitterOAuth(config("twitter_key"), config("twitter_secret"), $request->session('oauth_token'), $request->session('oauth_token_secret'));

            $tw = $twitteroauth->oauth("oauth/access_token", ["oauth_verifier" => $request->oauth_verifier]);

            $twitteroauth = new \Abraham\TwitterOAuth\TwitterOAuth(config("twitter_key"), config("twitter_secret"), $tw['oauth_token'], $tw['oauth_token_secret']);

            $userInfo = $twitteroauth->get("account/verify_credentials", ['oauth_token' => $tw['oauth_token'], 'include_entities' => true, 'skip_status' => true, 'include_email' => true]);

            $userId = $userInfo && isset($userInfo->id) ? $userInfo->id : $tw['user_id'];

            if(!$userId) return Helper::redirect()->to(route('login'))->with("danger", e("And error occurred, please try again later."));

            if($userInfo && isset($userInfo->email) && DB::user()->whereRaw("(auth != 'twitter' OR auth IS NULL)")->where('email', $userInfo->email)->first()){
                return Helper::redirect()->to(route('login'))->with("danger", e("The email linked to your account has been already used. If you have used that, please login to your existing account otherwise please contact us."));
            }

            // Let's see if the user is registered
            if($user = DB::user()->where('auth', 'twitter')->where('auth_id', $userId)->first()){

                // Check Auth Key: If empty generate one
                if(empty($user->auth_key)){
                    $user->auth_key = Helper::Encode(Helper::rand(12));
                    // Update database
                    $user->save();
                }

                // Check if banned
                if($user->banned){
                    return Helper::redirect()->to(route('login'))->with("warning", e("You have been banned due to abuse. Please contact us for clarification."));
                }
                // Check if inactive
                if(!$user->active){
                    return Helper::redirect()->to(route('login'))->with("danger", e("You haven't activated your account. Please check your email for the activation link. If you haven't received any emails from us, please contact us."));
                }
            } else {
                // Let's register the user
                $auth_key = Helper::Encode(Helper::rand(12));

                $user = DB::user()->create();

                $user->email = $userInfo && isset($userInfo->email) ? $userInfo->email : '';
                $user->username = "";
                $user->password = Helper::Encode(Helper::rand(12));
                $user->date = Helper::dtime();
                $user->auth = "twitter";
                $user->auth_id = $userId;
                $user->api = md5(Helper::rand(32).time());
                $user->auth_key = $auth_key;
                $user->uniquetoken = md5(Helper::rand(64).time());

                if($plan = DB::plans()->where('free', 1)->where('status', 1)->orderByDesc('id')->first()){
                    $user->pro = '0';
                    $user->planid = $plan->id;
                }

                $user->save();            

                if(config('affiliate')->enabled && $request->cookie('urid')){

                    if(is_numeric($request->cookie('urid'))){
                        $affuser = DB::user()->where('id', clean($request->cookie('urid')))->first();
                    }else{
                        $affuser = DB::user()->where('username', clean($request->cookie('urid')))->first();
                    }

                    if($affuser){
                        $affiliate = DB::affiliates()->create();
                        $affiliate->refid = $affuser->id;
                        $affiliate->userid = $user->id;
                        $affiliate->amount = "0.00";
                        $affiliate->referred_on = Helper::dtime();
                        $affiliate->save();
                    }
                }

                \Helpers\Emails::registered($user);
                // @group Plugin
                \Core\Plugin::dispatch('registered', $user);
            }

            // @group Plugin
            \Core\Plugin::dispatch('logged', $user);
            
            $location = $request->country();
            \Helpers\Events::for('login')->user($user->id)->log(json_encode([
                'ip' => $request->ip(),
                'social' => 'x',
                'country' => $location['country'] ?? null,
                'city' => $location['city'] ?? null,
                'os' => $request->device(),
                'browser' => $request->browser()
            ]));

            \Core\Auth::loginId($user->id);

            if($location = $request->session('redirect')){
                return Helper::redirect()->to($location)->with('success', e('Welcome! You have been successfully logged in.'));
            }

            return Helper::redirect()->to(route('dashboard'))->with("success", e("Welcome! You have been successfully logged in."));
        }

        // The TwitterOAuth instance
        $twitteroauth = new \Abraham\TwitterOAuth\TwitterOAuth(config("twitter_key"), config("twitter_secret"), $request->session('oauth_token'));

        try{

            $request_token = $twitteroauth->oauth("oauth/request_token", ["oauth_callback" => route('login.twitter')]);

        } catch(\Exception $e){

            GemError::log('Twitter Auth: '.$e->getMessage()."\n".$e->getTraceAsString());
            return Helper::redirect()->to(route('login'))->with("danger", e("Sorry, Twitter connect is not available right now."));
        }

        // Saving them into the session
        $request->session('oauth_token', $request_token['oauth_token']);
        $request->session('oauth_token_secret', $request_token['oauth_token_secret']);

        // If everything goes well..
        if($twitteroauth->getLastHttpCode() == 200){
            // Let's generate the URL and redirect
            $url = $twitteroauth->url("oauth/authorize", ["oauth_token" => $request_token['oauth_token']]);
            return Helper::redirect()->to($url);

        } else {
            return Helper::redirect()->to(route('login'))->with('danger', e('An error has occurred! Please make sure that you have set up this application as instructed.'));
        }
    }
    /**
     * Login with Google
     *
     * @author GemPixel <https://gempixel.com>
     * @version 6.0
     * @param \Core\Request $request
     * @return void
     */
    public function loginWithGoogle(Request $request){

        if(!config("gl_connect") || empty(config("google_cid")) || empty(config("google_cs"))) return Helper::redirect()->to(route('login'))->with("danger", e("Sorry, Google connect is not available right now."));

        $google = new \Helpers\GoogleAuth(config("google_cid"), config("google_cs"), route('login.google'));

        if(!$request->code){
            return Helper::redirect()->to($google->redirectURI($request));
        }

        try{

            $google->getAccessToken($request);

        } catch(\Exception $e){

            GemError::log('Google Auth: '.$e->getMessage()."\n".$e->getTraceAsString());
            return Helper::redirect()->to(route('login'))->with("danger", e("Sorry, Google connect is not available right now."));

        }

        $userInfo = $google->getUser();

        if(!isset($userInfo->id) || !isset($userInfo->email) || !$userInfo->id) return Helper::redirect()->to(route('login'))->with("danger", e("You must grant permission to this application to use your Google account."));

        if(isset($userInfo->email) && DB::user()->whereRaw("(auth != 'google' OR auth IS NULL)")->where('email', $userInfo->email)->first()){
            return Helper::redirect()->to(route('login'))->with("danger", e("The email linked to your account has been already used. If you have used that, please login to your existing account otherwise please contact us."));
        }

        // Let's see if the user is registered
        if($user = DB::user()->where('auth', 'google')->where('auth_id', $userInfo->id)->first()){

            // Check Auth Key: If empty generate one
            if(empty($user->auth_key)){
                $user->auth_key = Helper::Encode(Helper::rand(12));
                // Update database
                $user->save();
            }

            // Check if banned
            if($user->banned){
                return Helper::redirect()->to(route('login'))->with("warning", e("You have been banned due to abuse. Please contact us for clarification."));
            }
            // Check if inactive
            if(!$user->active){
                return Helper::redirect()->to(route('login'))->with("danger", e("You haven't activated your account. Please check your email for the activation link. If you haven't received any emails from us, please contact us."));
            }
        } else {
            // Let's register the user
            $auth_key = Helper::Encode(Helper::rand(12));

            $user = DB::user()->create();

            $user->email = isset($userInfo->email) ? $userInfo->email : '';
            $user->name = isset($userInfo->name) ? $userInfo->name : '';

            if(isset($userInfo->name) && !empty($userInfo->name)){
                $user->username = Helper::slug($userInfo->name);

                if(DB::user()->where('username', $user->username)->first()){
                    $user->username = $user->username.rand(10,99);
                    if(DB::user()->where('username', $user->username)->first()){
                        $user->username = $user->username.rand(10,99);
                    }
                }
            }

            $user->password = Helper::Encode(Helper::rand(12));
            $user->date = Helper::dtime();
            $user->auth = "google";
            $user->auth_id = $userInfo->id;
            $user->api = md5(Helper::rand(32).time());
            $user->auth_key = $auth_key;
            $user->uniquetoken = md5(Helper::rand(64).time());
            
            if($plan = DB::plans()->where('free', 1)->where('status', 1)->orderByDesc('id')->first()){
                $user->pro = '0';
                $user->planid = $plan->id;
            }

            $user->save();

            if(config('affiliate')->enabled && $request->cookie('urid')){

                if(is_numeric($request->cookie('urid'))){
                    $affuser = DB::user()->where('id', clean($request->cookie('urid')))->first();
                }else{
                    $affuser = DB::user()->where('username', clean($request->cookie('urid')))->first();
                }

                if($affuser){
                    $affiliate = DB::affiliates()->create();
                    $affiliate->refid = $affuser->id;
                    $affiliate->userid = $user->id;
                    $affiliate->amount = "0.00";
                    $affiliate->referred_on = Helper::dtime();
                    $affiliate->save();
                }
            }

            \Helpers\Emails::registered($user);
            // @group Plugin
            \Core\Plugin::dispatch('registered', $user);
        }
        // @group Plugin
        \Core\Plugin::dispatch('logged', $user);

        $location = $request->country();
        \Helpers\Events::for('login')->user($user->id)->log(json_encode([
            'ip' => $request->ip(),
            'social' => 'google',
            'country' => $location['country'] ?? null,
            'city' => $location['city'] ?? null,
            'os' => $request->device(),
            'browser' => $request->browser()
        ]));

        \Core\Auth::loginId($user->id);

        if($location = $request->session('redirect')){
            return Helper::redirect()->to($location)->with('success', e('Welcome! You have been successfully logged in.'));
        }

        return Helper::redirect()->to(route('dashboard'))->with("success", e("Welcome! You have been successfully logged in."));
    }
    /**
     * SSO Login
     *
     * @author GemPixel <https://gempixel.com>
     * @version 6.4.1
     * @param [type] $token
     * @return void
     */
    public function sso($token){

        $data = explode('-', clean($token));

        if(!isset($data[1])) return Helper::redirect()->to(route('login'))->with("danger", e("Token has expired, please login manually."));

        $unique = $data[0];

        $expiry = $data[1];

        if($expiry != md5(AuthToken.": Expires on".strtotime(date('Y-m-d H')))){
            return Helper::redirect()->to(route('login'))->with("danger", e("Token has expired, please login manually"));
        }

        if(!$user = DB::user()->where('uniquetoken', $unique)->first()){
            return Helper::redirect()->to(route('login'))->with("danger", e("Token has expired, please login manually"));
        }

        if(empty($user->auth_key)){
            $newAuthKey = Helper::Encode($user->email.$user->id.uniqid().rand(0, 99999));
            $user->auth_key = $newAuthKey;
        }

        $user->uniquetoken = md5(Helper::rand(64).time());
        $user->save();

        $request = request();
        
        $location = $request->country();
        \Helpers\Events::for('login')->user($user->id)->log(json_encode([
            'ip' => $request->ip(),
            'social' => 'sso',
            'country' => $location['country'] ?? null,
            'city' => $location['city'] ?? null,
            'os' => $request->device(),
            'browser' => $request->browser()
        ]));

        \Core\Auth::loginId($user->id);

        return Helper::redirect()->to(route('dashboard'))->with("success", e("Welcome! You have been successfully logged in."));
    }
    /**
     * Return to old session
     *
     * @author GemPixel <https://gempixel.com>
     * @version 6.4
     * @return void
     */
    public function return(Request $request){

        if(!$id = \Helpers\App::loggedAs()){
            stop(404);
        }

        if(!$user = DB::user()->where('id', $id)->where('admin', 1)->first()){
            stop(404);
        }

        $request->unset('logged_as');

        \Core\Auth::logout();

        \Core\Auth::loginId($user->id);

        return Helper::redirect()->to(route('admin'))->with("success", e("Welcome! You have been successfully logged in."));
    }
    /**
     * Send Verification Email
     *
     * @author GemPixel <https://gempixel.com>
     * @version 7.0.3
     * @return void
     */
    public function verifyEmail(Request $request){

        if(!config('user_activate')) stop(404);

        if(!$request->email) return Helper::redirect()->back()->with('danger', e('An unexpected error occurred. Please try again.'));

        if(!$request->token || !Helper::validateNonce($request->token, 'verifyemail')) return Helper::redirect()->back()->with('danger', e('An unexpected error occurred. Please try again.'));

        if(!$user = User::where('email', clean($request->email))->first()) return Helper::redirect()->back()->with('danger', e('An unexpected error occurred. Please try again.'));

        if($user->active) return Helper::redirect()->back()->with('danger', e('Your email has been successfully verified.'));

        \Helpers\Emails::renewEmail($user);

        return Helper::redirect()->to(route('login'))->with('success', e("An email has been sent to activate your account. Please check your spam folder if you didn't receive it."));
    }
    /**
     * Send Verification Email
     *
     * @author GemPixel <https://gempixel.com>
     * @version 7.0.3
     * @return void
     */
    public function unsubscribe(Request $request){

        $email = clean(base64_decode($request->token));

        if(!$user = User::where('email', $email)->first()) return Helper::redirect()->back()->with('danger', e('An unexpected error occurred. Please try again.'));

        $user->newsletter = '0';
        $user->save();

        return Helper::redirect()->to(route('login'))->with('success', e("You have been successfully unsubscribed from newsletters."));
    }

    /**
     * Recover 2FA
     *
     * @author GemPixel <https://gempixel.com>
     * @version 7.2
     * @param  Core\Request $request
     * @return void
     */
    public function login2FARecover(Request $request){

        if(!$request->validate($request->email, 'email')) return Helper::redirect()->back()->with('danger', e('Please enter a valid email.'));

        if(!$request->secret || strlen($request->secret) < 6) return Helper::redirect()->back()->with('danger', e('Please enter a valid secret key.'));

        if(!$user = User::where('email', clean($request->email))->first()) return Helper::redirect()->back()->with('danger', e('An unexpected error occurred. Please try again.'));

        if(!$user->secret2fa) return Helper::redirect()->back()->with('danger', e('2FA is not active on this account.'));

        if($user->secret2fa !== $request->secret) return Helper::redirect()->back()->with('danger', e('Please enter a valid secret key.'));

        $user->uniquetoken = md5(Helper::rand(64).time());
        $user->save();

        \Helpers\Emails::reset2FA($user);

        return Helper::redirect()->to(route('login'))->with('success', e("An email has been sent to reset 2FA on your account. Please check your spam folder if you didn't receive it."));
    }
    /**
     * Reset 2FA token and disable
     *
     * @author GemPixel <https://gempixel.com>
     * @version 7.2.2
     * @param string $token
     * @return void
     */
    public function reset2FA(Request $request, string $token){

        if(!$request->token) return Helper::redirect()->to(route('login.2fa'))->with("danger", e("Token has expired, please request another link."));

        if(!$user = DB::user()->where('uniquetoken', clean($token))->first()){
            return Helper::redirect()->to(route('login.2fa'))->with("danger", e("Token has expired, please request another link."));
        }

        if($request->token != md5('2FA.Reset.'.AuthToken.'.'.$user->id)) return Helper::redirect()->to(route('login.2fa'))->with("danger", e("Token has expired, please request another link."));

        $user->secret2FA = null;
        $user->uniquetoken = md5(Helper::rand(64).time());
        $user->save();

        return Helper::redirect()->to(route('login'))->with('success', e("2FA has been disabled. You may now login without 2FA."));
    }
}