DRCIT/snipe-it
1
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2025-01-12 22:37:28 -08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

If SAML required, don't accept login form post.

Browse source
This commit is contained in:
Alex Janes 2021-12-16 14:33:25 -05:00
parent 696943b04b
commit a6116a1b15
1 changed files with 7 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
app/Http/Controllers/Auth/LoginController.php
View file

@ -75,6 +75,7 @@ class LoginController extends Controller
}
//If the environment is set to ALWAYS require SAML, go straight to the SAML route.
//We don't need to check other settings, as this should override those.
if((env("REQUIRE_SAML", false)))
{
return redirect()->route('saml.login');
@ -207,6 +208,12 @@ class LoginController extends Controller
*/
public function login(Request $request)
{
//If the environment is set to ALWAYS require SAML, return access denied
if((env("REQUIRE_SAML", false)))
{
return view('errors.403');
}
if (Setting::getSettings()->login_common_disabled == '1') {
return view('errors.403');
}