update
peter-mw committed Oct 22, 2021
1 parent 60f4219 commit 3c1d402
Showing 3 changed files with 100 additions and 12 deletions.
Expand Up @@ -68,27 +68,40 @@ public function login(LoginRequest $request)
mw()->lang_helper->set_current_lang($requestLang);
\Cookie::queue('lang', $requestLang, 86400 * 30);
}

$is_logged_out = false;
if (Auth::check()) {
$user = Auth::user();
if ($user and isset($user->is_active) and intval($user->is_active) == 0) {
// logout user if its set inactive in database
Auth::logout();
$is_logged_out = true;
}

// This will be used for whmcs login redirect
if (isset($redirectParams['http_redirect'])) {
if (intval(Auth::user()->is_admin) == 1 && (isset($redirectParams['where_to']) && $redirectParams['where_to'] == 'admin_content')) {
if (!$is_logged_out and intval($user->is_admin) == 1 && (isset($redirectParams['where_to']) && $redirectParams['where_to'] == 'admin_content')) {
return redirect(admin_url());
} else {
return redirect(site_url());
}
}

$message = [];
if (Auth::user()->is_admin == 1) {
//"message": "SQLSTATE[HY000] [1045] Access denied for user 'forge'@'localhost' (using password: NO) (SQL: select exists(select * from `oauth_personal_access_clients`) as `exists`)",
// $message['token'] = auth()->user()->createToken('authToken');
// if (!$is_logged_out and Auth::user()->is_admin == 1) {
// //"message": "SQLSTATE[HY000] [1045] Access denied for user 'forge'@'localhost' (using password: NO) (SQL: select exists(select * from `oauth_personal_access_clients`) as `exists`)",
// // $message['token'] = auth()->user()->createToken('authToken');
// }

if(!$is_logged_out){
$message['data'] = [];
$message['error'] = 'Your account is disabled';
return response()->json($message, 200);
} else {
$message['data'] = auth()->user();
$message['success'] = 'You are logged in';
return response()->json($message, 200);
}

$message['data'] = auth()->user();
$message['success'] = 'You are logged in';
return response()->json($message, 200);
}

if (!isset($request['email']) and isset($request['username'])) {
Expand All @@ -114,10 +127,12 @@ public function login(LoginRequest $request)
$login = Auth::attempt($loginData,$remember = true);
if ($login) {

$isApprovalRequired = Option::getValue('registration_approval_required', 'users');
$isVerfiedEmailRequired = Option::getValue('register_email_verify', 'users');

$userData = auth()->user();

if (Auth::user()->is_admin == 0) {
$isVerfiedEmailRequired = Option::getValue('register_email_verify', 'users');

if ($isVerfiedEmailRequired) {

Expand All @@ -129,9 +144,7 @@ public function login(LoginRequest $request)
}
}

$isApprovalRequired = Option::getValue('registration_approval_required', 'users');
if ($isApprovalRequired) {

if (!$userData->is_active) {
$message = [];
$message['error'] = 'Your account is awaiting approval';
Expand All @@ -147,6 +160,13 @@ public function login(LoginRequest $request)
// // $userData->token = auth()->user()->createToken('authToken');
// }

if ($userData and !$userData->is_active) {
$message = [];
$message['error'] = 'Your account is disabled';
Auth::logout();
return response()->json($message, 200);
}


$response['success'] = _e('You are logged in', 1);
app()->user_manager->login_set_success_attempt($request);
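Review bot: In the already-authenticated path of login(), the new `if(!$is_logged_out){` branch appears inverted: it answers 'Your account is disabled' when the session user was not logged out, and the `else` returns `auth()->user()` with 'You are logged in' right after `Auth::logout()` has run. The condition should read `if ($is_logged_out) {`, so that only the deactivated account gets the error and an active session gets its user data. With both branches returning, the three lines that follow the if/else (`$message['data'] = auth()->user();` and the two after it) are unreachable and can go. The disabled-account replies here and in the later hunk are sent with status 200, so API clients and log-based monitoring can only tell a refused login from a successful one by parsing the body; a 401 or 403 would make that explicit, provided no caller depends on the 200. login() starts and ends outside the visible hunks.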
7 changes: 7 additions & 0 deletions src/MicroweberPackages/User/UserManager.php
Expand Up @@ -442,6 +442,13 @@ public function is_logged()
}

if (Auth::check()) {
$user =Auth::user();
if ($user and isset($user->is_active) and intval($user->is_active) == 0) {
// logout user if its set inactive in database
$this->logout();
return false;
}

return true;
} else {
return false;
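Review bot: The added guard in is_logged() treats a user whose `is_active` is null or missing as active, because `isset($user->is_active)` is false in that case and the logout is skipped, while the post-login check in the controller uses `!$userData->is_active`, which rejects the same value. For an account-disable control the stricter reading is the safer one; `if ($user and !intval($user->is_active)) {` would make both paths agree, assuming no legitimate account carries a null `is_active`, which this page does not show. The method would also benefit from a comment stating that it now ends the session as a side effect, e.g. `// NOTE: logs the user out when the account has been deactivated`, since callers may treat is_logged() as a pure predicate. The method starts and ends outside the hunk.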
63 changes: 62 additions & 1 deletion src/MicroweberPackages/User/tests/UserLoginControllerTest.php
Expand Up @@ -2,7 +2,9 @@

namespace MicroweberPackages\User\tests;

use Illuminate\Support\Facades\Auth;
use MicroweberPackages\Core\tests\TestCase;
use MicroweberPackages\User\Models\User;
use MicroweberPackages\Utils\Mail\MailSender;


Expand Down Expand Up @@ -169,5 +171,64 @@ public function testUserLoginRequiresCaptcha()

}

public function testUserIsLoggedAfterChangeOfIsActive()
{
$this->_enableUserRegistration();
$this->_disableCaptcha();
$this->_disableEmailVerify();
$this->_disableLoginCaptcha();


$email = 'testusexXr_' . uniqid() . '@aa.bb';
$password = 'pass__' . uniqid();

$user = $this->_registerUserWithEmail($email, $password);

$response = $this->json(
'POST',
route('api.user.login'),
[
'username' => $email,
'password' => $password,
'where_to' => 'home',
]
);

$userData = $response->getData(true);

$this->assertArrayHasKey("redirect", $userData);
$this->assertArrayHasKey("success", $userData);

$is_logged = is_logged();
$this->assertTrue($is_logged);
$loginData = [
'username' => $email,
'password' => $password,
'where_to' => 'home'
];

$user = User::find($userData['data']['id']);
$user->is_active = 0;
$user->save();

$response = $this->json(
'POST',
route('api.user.login'),
$loginData
);
$userData = $response->getData(true);
$this->assertEquals($userData['error'], "Your account is disabled");

Auth::logout();
$response = $this->json(
'POST',
route('api.user.login'),
$loginData
);
$userData = $response->getData(true);

$this->assertEquals($userData['error'], "Your account is disabled");
}


}
}
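Review bot: The first 'Your account is disabled' assertion in testUserIsLoggedAfterChangeOfIsActive is made while the session from the earlier login is still open, so it exercises the already-authenticated branch of login() and does not show that the session itself was ended. Adding `$this->assertFalse(is_logged());` after that request and `$this->assertArrayNotHasKey('success', $userData);` on both responses would pin the behaviour the commit is after; if the auth guard keeps the pre-update user model in memory during the test, that model may need to be reloaded for the check to be meaningful. `assertEquals` takes the expected value first, so `$this->assertEquals('Your account is disabled', $userData['error']);` gives a readable failure message. A preceding `$this->assertArrayHasKey('error', $userData);` would turn a missing key into a test failure rather than an undefined-index error.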
