Logout user when their activated status is switched to off

Signed-off-by: snipe <snipe@snipe.net>
snipe · Mar 29, 2022 · bdabbbd · bdabbbd
1 parent ab18ceb
commit bdabbbd
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 8 deletions.
diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php
@@ -39,6 +39,7 @@ class Kernel extends HttpKernel
             \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
             \App\Http\Middleware\VerifyCsrfToken::class,
             \App\Http\Middleware\CheckLocale::class,
+            \App\Http\Middleware\CheckUserIsActivated::class,
             \App\Http\Middleware\CheckForTwoFactor::class,
             \Laravel\Passport\Http\Middleware\CreateFreshApiToken::class,
             \App\Http\Middleware\AssetCountForSidebar::class,

diff --git a/app/Http/Middleware/Authenticate.php → app/Http/Middleware/CheckUserIsActivated.php b/app/Http/Middleware/Authenticate.php → app/Http/Middleware/CheckUserIsActivated.php
@@ -4,8 +4,9 @@
 
 use Closure;
 use Illuminate\Contracts\Auth\Guard;
+use Auth;
 
-class Authenticate
+class CheckUserIsActivated
 {
     /**
      * The Guard implementation.
@@ -34,14 +35,16 @@ public function __construct(Guard $auth)
      */
     public function handle($request, Closure $next)
     {
-        if ($this->auth->guest()) {
-            if ($request->ajax()) {
-                return response('Unauthorized.', 401);
-            } else {
-                return redirect()->guest('login');
-            }
+
+        // If there is a user AND the user is NOT activated, send them to the login page
+        // This prevents people who still have active sessions logged in and their status gets toggled
+        // to inactive (aka unable to login)
+        if (($request->user()) && (!$request->user()->isActivated())) {
+            Auth::logout();
+            return redirect()->guest('login');
         }
 
         return $next($request);
+
     }
 }
diff --git a/resources/lang/en/auth/message.php b/resources/lang/en/auth/message.php
@@ -3,7 +3,7 @@
 return array(
 
     'account_already_exists' => 'An account with the this email already exists.',
-    'account_not_found'      => 'The username or password is incorrect.',
+    'account_not_found'      => 'The username or password is incorrect or this user is not approved to login.',
     'account_not_activated'  => 'This user account is not activated.',
     'account_suspended'      => 'This user account is suspended.',
     'account_banned'         => 'This user account is banned.',