Add phone login support and member import functionality

Features: - Support login via phone number or email (LoginRequest) - Add members:import-roster command for Excel roster import - Merge survey emails with roster data Code Quality (Phase 1-4): - Add database locking for balance calculation - Add self-approval checks for finance workflow - Create service layer (FinanceDocumentApprovalService, PaymentVerificationService) - Add HasAccountingEntries and HasApprovalWorkflow traits - Create FormRequest classes for validation - Add status-badge component - Define authorization gates in AuthServiceProvider - Add accounting config file Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-25 03:08:06 +08:00
parent ed7169b64e
commit 42099759e8
66 changed files with 3492 additions and 3803 deletions
--- a/app/Http/Requests/Auth/LoginRequest.php
+++ b/app/Http/Requests/Auth/LoginRequest.php
@@ -2,6 +2,7 @@

 namespace App\Http\Requests\Auth;

+use App\Models\User;
 use Illuminate\Auth\Events\Lockout;
 use Illuminate\Foundation\Http\FormRequest;
 use Illuminate\Support\Facades\Auth;
@@ -27,13 +28,15 @@ class LoginRequest extends FormRequest
    public function rules(): array
    {
        return [
-            'email' => ['required', 'string', 'email'],
+            // Accept email or phone number
+            'email' => ['required', 'string'],
            'password' => ['required', 'string'],
        ];
    }

    /**
     * Attempt to authenticate the request's credentials.
+     * Supports login via email or phone number.
     *
     * @throws \Illuminate\Validation\ValidationException
     */
@@ -41,7 +44,14 @@ class LoginRequest extends FormRequest
    {
        $this->ensureIsNotRateLimited();

-        if (! Auth::attempt($this->only('email', 'password'), $this->boolean('remember'))) {
+        $loginInput = $this->input('email');
+        $password = $this->input('password');
+        $remember = $this->boolean('remember');
+
+        // Determine if input is email or phone
+        $credentials = $this->resolveCredentials($loginInput, $password);
+
+        if (! Auth::attempt($credentials, $remember)) {
            RateLimiter::hit($this->throttleKey());

            throw ValidationException::withMessages([
@@ -52,6 +62,41 @@ class LoginRequest extends FormRequest
        RateLimiter::clear($this->throttleKey());
    }

+    /**
+     * Resolve login credentials based on input type (email or phone).
+     */
+    protected function resolveCredentials(string $loginInput, string $password): array
+    {
+        // Check if input looks like an email
+        if (filter_var($loginInput, FILTER_VALIDATE_EMAIL)) {
+            return [
+                'email' => $loginInput,
+                'password' => $password,
+            ];
+        }
+
+        // Normalize phone number (remove dashes, spaces)
+        $phone = preg_replace('/[^0-9]/', '', $loginInput);
+
+        // Try to find user by phone number in member record
+        $user = User::whereHas('member', function ($query) use ($phone) {
+            $query->where('phone', 'like', "%{$phone}%");
+        })->first();
+
+        if ($user) {
+            return [
+                'email' => $user->email,
+                'password' => $password,
+            ];
+        }
+
+        // Fallback: treat as email (will fail auth but proper error message)
+        return [
+            'email' => $loginInput,
+            'password' => $password,
+        ];
+    }
+
    /**
     * Ensure the login request is not rate limited.
     *