Logout in-active users and dont respond to resets or logins
This commit is contained in:
Deon George
@@ -4,6 +4,8 @@ namespace App\Http\Controllers\Auth;
|
||||
|
||||
use App\Http\Controllers\Controller;
|
||||
use Illuminate\Foundation\Auth\SendsPasswordResetEmails;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Support\Facades\Password;
|
||||
|
||||
class ForgotPasswordController extends Controller
|
||||
{
|
||||
@@ -19,4 +21,24 @@ class ForgotPasswordController extends Controller
|
||||
*/
|
||||
|
||||
use SendsPasswordResetEmails;
|
||||
|
||||
public function sendResetLinkEmail(Request $request)
|
||||
{
|
||||
$this->validateEmail($request);
|
||||
|
||||
// If the account is not active, or doesnt exist, we'll send a fake "sent" message.
|
||||
if (! ($x=$this->broker()->getUser($this->credentials($request))) || (! $x->active))
|
||||
return $this->sendResetLinkResponse($request, Password::RESET_LINK_SENT);
|
||||
|
||||
// We will send the password reset link to this user. Once we have attempted
|
||||
// to send the link, we will examine the response then see the message we
|
||||
// need to show to the user. Finally, we'll send out a proper response.
|
||||
$response = $this->broker()->sendResetLink(
|
||||
$this->credentials($request)
|
||||
);
|
||||
|
||||
return $response == Password::RESET_LINK_SENT
|
||||
? $this->sendResetLinkResponse($request, $response)
|
||||
: $this->sendResetLinkFailedResponse($request, $response);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -4,7 +4,10 @@ namespace App\Http\Controllers\Auth;
|
||||
|
||||
use App\Http\Controllers\Controller;
|
||||
use App\Providers\RouteServiceProvider;
|
||||
use Carbon\Carbon;
|
||||
use Illuminate\Foundation\Auth\AuthenticatesUsers;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Support\Facades\Auth;
|
||||
|
||||
class LoginController extends Controller
|
||||
{
|
||||
@@ -38,6 +41,25 @@ class LoginController extends Controller
|
||||
$this->middleware('guest')->except('logout');
|
||||
}
|
||||
|
||||
public function login(Request $request)
|
||||
{
|
||||
$this->validateLogin($request);
|
||||
|
||||
if (Auth::attempt(array_merge($this->credentials($request),['active'=>TRUE]))) {
|
||||
$request->session()->regenerate();
|
||||
|
||||
return $this->sendLoginResponse($request);
|
||||
}
|
||||
|
||||
return $this->sendFailedLoginResponse($request);
|
||||
}
|
||||
|
||||
protected function authenticated(Request $request, $user)
|
||||
{
|
||||
$user->last_on = Carbon::now();
|
||||
$user->save();
|
||||
}
|
||||
|
||||
/**
|
||||
* Show our themed login page
|
||||
*/
|
||||
|
||||
Reference in New Issue
Block a user