athenahr/app/Http/Controllers/Auth/DiscordController.php

<?php

/*
 * Copyright © 2020 Miguel Nogueira
 *
 *   This file is part of Raspberry Staff Manager.
 *
 *     Raspberry Staff Manager is free software: you can redistribute it and/or modify
 *     it under the terms of the GNU General Public License as published by
 *     the Free Software Foundation, either version 3 of the License, or
 *     (at your option) any later version.
 *
 *     Raspberry Staff Manager is distributed in the hope that it will be useful,
 *     but WITHOUT ANY WARRANTY; without even the implied warranty of
 *     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *     GNU General Public License for more details.
 *
 *     You should have received a copy of the GNU General Public License
 *     along with Raspberry Staff Manager.  If not, see <https://www.gnu.org/licenses/>.
 */

namespace App\Http\Controllers\Auth;

use App\Http\Controllers\Controller;
use App\User;
use GuzzleHttp\Exception\ClientException;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Log;
use Laravel\Socialite\Facades\Socialite;
use Laravel\Socialite\Two\InvalidStateException;

class DiscordController extends Controller
{
    public function discordRedirect()
    {
        return Socialite::driver('discord')
            ->scopes(['email', 'guilds.join', 'guilds.members.read', 'guilds'])
            ->redirect();
    }

    public function discordCallback(Request $request)
    {
        if($request->has('error'))
        {
            abort(401, __("Access Denied: To sign in with your Discord account or apply for positions requiring it, please ensure you authorize our application (:applicationName). We request permissions to manage your account, maintain it, and handle your permissions within our community servers. Feel free to read our Privacy Policy if you have any concerns.", ['applicationName' => config('app.name')]));
        }

        try {
            $discordUser = Socialite::driver('discord')->user();
        } catch (InvalidStateException $stateException) {
            Log::warning('Invalid state for social authentication: ', [
                'message' => $stateException->getMessage(),
                'ua' => request()->userAgent(),
                'ip' => request()->ip(),
            ]);

            return redirect(route('discordRedirect'));

        }

        $appUser = User::where('email', $discordUser->getEmail())->first();

        if ($appUser) {
            $appUser->discord_token = $discordUser->token;
            $appUser->discord_refresh_token = $discordUser->refreshToken;
            $appUser->discord_user_id = $discordUser->getId();
            $appUser->discord_pfp = $discordUser->getAvatar();
            $appUser->save();

            Auth::login($appUser, true);
        } else {
            $oAuthUser = User::create([
                'uuid' => null,
                'name' => $discordUser->getName(),
                'email' => $discordUser->getEmail(),
                'email_verified_at' => now(), // verify the account since it came from a trusted provider
                'username' => $discordUser->getNickname(),
                'currentIp' => \request()->ip(),
                'registrationIp' => request()->ip(),
                'discord_user_id' => $discordUser->getId(),
                'discord_pfp' => $discordUser->getAvatar(),
                'discord_token' => $discordUser->token,
                'discord_refresh_token' => $discordUser->refreshToken,
            ]);

            $oAuthUser->assignRole('user');

            Auth::login($oAuthUser, true);
        }

        if (session()->has('discordApplicationRedirectedSlug')) {
            return redirect(route('renderApplicationForm', ['vacancySlug' => session()->pull('discordApplicationRedirectedSlug')]));
        }

        return redirect()
            ->route('dashboard');
    }
}