mirror of
https://github.com/snipe/snipe-it.git
synced 2024-12-24 21:24:13 -08:00
Logout user when their activated status is switched to off
Signed-off-by: snipe <snipe@snipe.net>
This commit is contained in:
parent
ab18ceb2f9
commit
bdabbbd4e9
|
@ -39,6 +39,7 @@ class Kernel extends HttpKernel
|
|||
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
|
||||
\App\Http\Middleware\VerifyCsrfToken::class,
|
||||
\App\Http\Middleware\CheckLocale::class,
|
||||
\App\Http\Middleware\CheckUserIsActivated::class,
|
||||
\App\Http\Middleware\CheckForTwoFactor::class,
|
||||
\Laravel\Passport\Http\Middleware\CreateFreshApiToken::class,
|
||||
\App\Http\Middleware\AssetCountForSidebar::class,
|
||||
|
|
|
@ -4,8 +4,9 @@ namespace App\Http\Middleware;
|
|||
|
||||
use Closure;
|
||||
use Illuminate\Contracts\Auth\Guard;
|
||||
use Auth;
|
||||
|
||||
class Authenticate
|
||||
class CheckUserIsActivated
|
||||
{
|
||||
/**
|
||||
* The Guard implementation.
|
||||
|
@ -34,14 +35,16 @@ class Authenticate
|
|||
*/
|
||||
public function handle($request, Closure $next)
|
||||
{
|
||||
if ($this->auth->guest()) {
|
||||
if ($request->ajax()) {
|
||||
return response('Unauthorized.', 401);
|
||||
} else {
|
||||
return redirect()->guest('login');
|
||||
}
|
||||
|
||||
// If there is a user AND the user is NOT activated, send them to the login page
|
||||
// This prevents people who still have active sessions logged in and their status gets toggled
|
||||
// to inactive (aka unable to login)
|
||||
if (($request->user()) && (!$request->user()->isActivated())) {
|
||||
Auth::logout();
|
||||
return redirect()->guest('login');
|
||||
}
|
||||
|
||||
return $next($request);
|
||||
|
||||
}
|
||||
}
|
|
@ -3,7 +3,7 @@
|
|||
return array(
|
||||
|
||||
'account_already_exists' => 'An account with the this email already exists.',
|
||||
'account_not_found' => 'The username or password is incorrect.',
|
||||
'account_not_found' => 'The username or password is incorrect or this user is not approved to login.',
|
||||
'account_not_activated' => 'This user account is not activated.',
|
||||
'account_suspended' => 'This user account is suspended.',
|
||||
'account_banned' => 'This user account is banned.',
|
||||
|
|
Loading…
Reference in a new issue