close #676 Fixed: Unique link not working.

app/Http/Controllers/Customers/Invoices.php

@@ -184,7 +184,9 @@ protected function getLogo()
 
     public function link(Invoice $invoice, Request $request)
     {
-        session(['company_id' => $invoice->company_id]);
+        if (empty($invoice)) {
+            redirect()->route('login');
+        }
 
         $paid = 0;
 

app/Http/Kernel.php

@@ -73,6 +73,11 @@ class Kernel extends HttpKernel
             'company.settings',
             'company.currencies',
         ],
+
+        'signed' => [
+            'signed-url',
+            'signed-url.company',
+        ]
     ];
 
     /**
@@ -100,5 +105,6 @@ class Kernel extends HttpKernel
         'company.currencies' => \App\Http\Middleware\LoadCurrencies::class,
         'dateformat' => \App\Http\Middleware\DateFormat::class,
         'money' => \App\Http\Middleware\Money::class,
+        'signed-url.company' => \App\Http\Middleware\SignedUrlCompany::class,
     ];
 }

app/Http/Middleware/SignedUrlCompany.php

@@ -0,0 +1,33 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+
+class SignedUrlCompany
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        $company_id = $request->get('company_id');
+
+        if (empty($company_id)) {
+            return $next($request);
+        }
+
+        // Set company id
+        session(['company_id' => $company_id]);
+
+        // Set the company settings
+        setting()->setExtraColumns(['company_id' => $company_id]);
+        setting()->load(true);
+
+        return $next($request);
+    }
+}

app/Overrides/Akaunting/SignedUrl.php

@@ -0,0 +1,54 @@
+<?php
+
+namespace Akaunting\SignedUrl;
+
+use Spatie\UrlSigner\MD5UrlSigner;
+
+class SignedUrl extends MD5UrlSigner
+{
+
+    /**
+     * The key that is used to generate secure signatures.
+     *
+     * @var string
+     */
+    protected $signatureKey;
+
+    /**
+     * The URL's query parameter name for the expiration.
+     *
+     * @var string
+     */
+    protected $expiresParameter;
+
+    /**
+     * The URL's query parameter name for the signature.
+     *
+     * @var string
+     */
+    protected $signatureParameter;
+
+    public function __construct()
+    {
+        $this->signatureKey = config('signed-url.signatureKey');
+        $this->expiresParameter = config('signed-url.parameters.expires');
+        $this->signatureParameter = config('signed-url.parameters.signature');
+    }
+
+    /**
+     * Get a secure URL to a controller action.
+     *
+     * @param string             $url
+     * @param \DateTime|int|null $expiration Defaults to the config value
+     *
+     * @return string
+     */
+    public function sign($url, $expiration = null)
+    {
+        $url .= '?company_id=' . session('company_id');
+
+        $expiration = $expiration ? $expiration : config('signed-url.default_expiration_time_in_days');
+
+        return parent::sign($url, $expiration);
+    }
+}

routes/web.php

@@ -237,7 +237,7 @@
         });
     });
 
-    Route::group(['middleware' => 'signed-url'], function () {
+    Route::group(['middleware' => 'signed'], function () {
         Route::group(['prefix' => 'links'], function () {
             Route::get('invoices/{invoice}', 'Customers\Invoices@link');
             Route::get('invoices/{invoice}/print', 'Customers\Invoices@printInvoice');