Logout in-active users and dont respond to resets or logins
This commit is contained in:
parent
e45f366b76
commit
68dc704ca0
@ -4,6 +4,8 @@ namespace App\Http\Controllers\Auth;
|
|||||||
|
|
||||||
use App\Http\Controllers\Controller;
|
use App\Http\Controllers\Controller;
|
||||||
use Illuminate\Foundation\Auth\SendsPasswordResetEmails;
|
use Illuminate\Foundation\Auth\SendsPasswordResetEmails;
|
||||||
|
use Illuminate\Http\Request;
|
||||||
|
use Illuminate\Support\Facades\Password;
|
||||||
|
|
||||||
class ForgotPasswordController extends Controller
|
class ForgotPasswordController extends Controller
|
||||||
{
|
{
|
||||||
@ -19,4 +21,24 @@ class ForgotPasswordController extends Controller
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
use SendsPasswordResetEmails;
|
use SendsPasswordResetEmails;
|
||||||
|
|
||||||
|
public function sendResetLinkEmail(Request $request)
|
||||||
|
{
|
||||||
|
$this->validateEmail($request);
|
||||||
|
|
||||||
|
// If the account is not active, or doesnt exist, we'll send a fake "sent" message.
|
||||||
|
if (! ($x=$this->broker()->getUser($this->credentials($request))) || (! $x->active))
|
||||||
|
return $this->sendResetLinkResponse($request, Password::RESET_LINK_SENT);
|
||||||
|
|
||||||
|
// We will send the password reset link to this user. Once we have attempted
|
||||||
|
// to send the link, we will examine the response then see the message we
|
||||||
|
// need to show to the user. Finally, we'll send out a proper response.
|
||||||
|
$response = $this->broker()->sendResetLink(
|
||||||
|
$this->credentials($request)
|
||||||
|
);
|
||||||
|
|
||||||
|
return $response == Password::RESET_LINK_SENT
|
||||||
|
? $this->sendResetLinkResponse($request, $response)
|
||||||
|
: $this->sendResetLinkFailedResponse($request, $response);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
@ -4,7 +4,10 @@ namespace App\Http\Controllers\Auth;
|
|||||||
|
|
||||||
use App\Http\Controllers\Controller;
|
use App\Http\Controllers\Controller;
|
||||||
use App\Providers\RouteServiceProvider;
|
use App\Providers\RouteServiceProvider;
|
||||||
|
use Carbon\Carbon;
|
||||||
use Illuminate\Foundation\Auth\AuthenticatesUsers;
|
use Illuminate\Foundation\Auth\AuthenticatesUsers;
|
||||||
|
use Illuminate\Http\Request;
|
||||||
|
use Illuminate\Support\Facades\Auth;
|
||||||
|
|
||||||
class LoginController extends Controller
|
class LoginController extends Controller
|
||||||
{
|
{
|
||||||
@ -38,6 +41,25 @@ class LoginController extends Controller
|
|||||||
$this->middleware('guest')->except('logout');
|
$this->middleware('guest')->except('logout');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function login(Request $request)
|
||||||
|
{
|
||||||
|
$this->validateLogin($request);
|
||||||
|
|
||||||
|
if (Auth::attempt(array_merge($this->credentials($request),['active'=>TRUE]))) {
|
||||||
|
$request->session()->regenerate();
|
||||||
|
|
||||||
|
return $this->sendLoginResponse($request);
|
||||||
|
}
|
||||||
|
|
||||||
|
return $this->sendFailedLoginResponse($request);
|
||||||
|
}
|
||||||
|
|
||||||
|
protected function authenticated(Request $request, $user)
|
||||||
|
{
|
||||||
|
$user->last_on = Carbon::now();
|
||||||
|
$user->save();
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Show our themed login page
|
* Show our themed login page
|
||||||
*/
|
*/
|
||||||
|
@ -51,6 +51,7 @@ class Kernel extends HttpKernel
|
|||||||
* @var array
|
* @var array
|
||||||
*/
|
*/
|
||||||
protected $routeMiddleware = [
|
protected $routeMiddleware = [
|
||||||
|
'activeuser' => \App\Http\Middleware\ActiveUser::class,
|
||||||
'auth' => \App\Http\Middleware\Authenticate::class,
|
'auth' => \App\Http\Middleware\Authenticate::class,
|
||||||
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
|
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
|
||||||
'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
|
'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
|
||||||
|
27
app/Http/Middleware/ActiveUser.php
Normal file
27
app/Http/Middleware/ActiveUser.php
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
namespace App\Http\Middleware;
|
||||||
|
|
||||||
|
use Closure;
|
||||||
|
use Illuminate\Http\Request;
|
||||||
|
use Illuminate\Support\Facades\Auth;
|
||||||
|
|
||||||
|
class ActiveUser
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* Handle an incoming request.
|
||||||
|
*
|
||||||
|
* @param \Illuminate\Http\Request $request
|
||||||
|
* @param \Closure $next
|
||||||
|
* @return mixed
|
||||||
|
*/
|
||||||
|
public function handle(Request $request, Closure $next)
|
||||||
|
{
|
||||||
|
if (Auth::user()->exists && ! Auth::user()->active) {
|
||||||
|
Auth::logout();
|
||||||
|
abort(403,'Your account is not active');
|
||||||
|
}
|
||||||
|
|
||||||
|
return $next($request);
|
||||||
|
}
|
||||||
|
}
|
@ -40,4 +40,6 @@ class User extends Authenticatable implements MustVerifyEmail
|
|||||||
protected $casts = [
|
protected $casts = [
|
||||||
'email_verified_at' => 'datetime',
|
'email_verified_at' => 'datetime',
|
||||||
];
|
];
|
||||||
|
|
||||||
|
protected $dates = ['last_on'];
|
||||||
}
|
}
|
||||||
|
@ -87,7 +87,7 @@
|
|||||||
|
|
||||||
<div class="row">
|
<div class="row">
|
||||||
<div class="col-12">
|
<div class="col-12">
|
||||||
<a href="{{ url('ftn/system') }}" class="btn btn-danger">Cancel</a>
|
<a href="{{ url('user/list') }}" class="btn btn-danger">Cancel</a>
|
||||||
@can('admin',$o)
|
@can('admin',$o)
|
||||||
<button type="submit" name="submit" class="btn btn-success mr-0 float-end">@if ($o->exists)Save @else Add @endif</button>
|
<button type="submit" name="submit" class="btn btn-success mr-0 float-end">@if ($o->exists)Save @else Add @endif</button>
|
||||||
@endcan
|
@endcan
|
||||||
|
@ -5,7 +5,7 @@
|
|||||||
|
|
||||||
@section('content')
|
@section('content')
|
||||||
<div class="row">
|
<div class="row">
|
||||||
<div class="col-8">
|
<div class="col-9">
|
||||||
<p>Current Users:</p>
|
<p>Current Users:</p>
|
||||||
<table class="table monotable">
|
<table class="table monotable">
|
||||||
<thead>
|
<thead>
|
||||||
@ -13,6 +13,7 @@
|
|||||||
<th>ID</th>
|
<th>ID</th>
|
||||||
<th>Email</th>
|
<th>Email</th>
|
||||||
<th>Name</th>
|
<th>Name</th>
|
||||||
|
<th>Active</th>
|
||||||
<th>Verified</th>
|
<th>Verified</th>
|
||||||
<th>Last On</th>
|
<th>Last On</th>
|
||||||
</tr>
|
</tr>
|
||||||
@ -21,7 +22,7 @@
|
|||||||
<tbody>
|
<tbody>
|
||||||
@can('admin',(new \App\Models\User))
|
@can('admin',(new \App\Models\User))
|
||||||
<tr>
|
<tr>
|
||||||
<td colspan="5"><a href="{{ url('user/addedit') }}">Add New User</a></td>
|
<td colspan="6"><a href="{{ url('user/addedit') }}">Add New User</a></td>
|
||||||
</tr>
|
</tr>
|
||||||
@endcan
|
@endcan
|
||||||
@foreach (\App\Models\User::orderBy('email')->cursor() as $oo)
|
@foreach (\App\Models\User::orderBy('email')->cursor() as $oo)
|
||||||
@ -29,8 +30,9 @@
|
|||||||
<td><a href="{{ url('user/addedit',[$oo->id]) }}">{{ $oo->id }}</a></td>
|
<td><a href="{{ url('user/addedit',[$oo->id]) }}">{{ $oo->id }}</a></td>
|
||||||
<td>{{ $oo->email }}</td>
|
<td>{{ $oo->email }}</td>
|
||||||
<td>{{ $oo->name }}</td>
|
<td>{{ $oo->name }}</td>
|
||||||
|
<td>{{ $oo->active ? 'YES' : 'NO' }}</td>
|
||||||
<td>{{ $oo->email_verified_at ? $oo->email_verified_at->format('Y-m-d') : '-' }}</td>
|
<td>{{ $oo->email_verified_at ? $oo->email_verified_at->format('Y-m-d') : '-' }}</td>
|
||||||
<td>{{-- $oo->last_on --}}TBA</td>
|
<td>{{ $oo->last_on ? $oo->last_on->toDateTimeString() : 'Unknown' }}</td>
|
||||||
</tr>
|
</tr>
|
||||||
@endforeach
|
@endforeach
|
||||||
</tbody>
|
</tbody>
|
||||||
|
@ -30,7 +30,7 @@ Route::get('logout',[LoginController::class,'logout']);
|
|||||||
Route::redirect('/','about');
|
Route::redirect('/','about');
|
||||||
Route::view('about','about');
|
Route::view('about','about');
|
||||||
|
|
||||||
Route::middleware(['verified'])->group(function () {
|
Route::middleware(['verified','activeuser'])->group(function () {
|
||||||
Route::get('ftn/domain',[DomainController::class,'home']);
|
Route::get('ftn/domain',[DomainController::class,'home']);
|
||||||
Route::match(['get','post'],'ftn/domain/addedit/{o?}',[DomainController::class,'add_edit'])
|
Route::match(['get','post'],'ftn/domain/addedit/{o?}',[DomainController::class,'add_edit'])
|
||||||
->where('o','[0-9]+');
|
->where('o','[0-9]+');
|
||||||
|
Loading…
Reference in New Issue
Block a user