From bdabbbd4e98e88ee01e728ceb4fd512661fbd38d Mon Sep 17 00:00:00 2001
From: snipe
Date: Tue, 29 Mar 2022 13:44:53 +0100
Subject: [PATCH] Logout user when their activated status is switched to off

Signed-off-by: snipe
---
 app/Http/Kernel.php | 1 +
 ...uthenticate.php => CheckUserIsActivated.php} | 17 ++++++++++-------
 resources/lang/en/auth/message.php | 2 +-
 3 files changed, 12 insertions(+), 8 deletions(-)
 rename app/Http/Middleware/{Authenticate.php => CheckUserIsActivated.php} (60%)

diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php
index f94d390d7622..ea635de505a0 100644
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@@ -39,6 +39,7 @@ class Kernel extends HttpKernel
 \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
 \App\Http\Middleware\VerifyCsrfToken::class,
 \App\Http\Middleware\CheckLocale::class,
+ \App\Http\Middleware\CheckUserIsActivated::class,
 \App\Http\Middleware\CheckForTwoFactor::class,
 \Laravel\Passport\Http\Middleware\CreateFreshApiToken::class,
 \App\Http\Middleware\AssetCountForSidebar::class,
diff --git a/app/Http/Middleware/Authenticate.php b/app/Http/Middleware/CheckUserIsActivated.php
similarity index 60%
rename from app/Http/Middleware/Authenticate.php
rename to app/Http/Middleware/CheckUserIsActivated.php
index 2ac322ff2902..9872e99541da 100644
--- a/app/Http/Middleware/Authenticate.php
+++ b/app/Http/Middleware/CheckUserIsActivated.php
@@ -4,8 +4,9 @@
 use Closure;
 use Illuminate\Contracts\Auth\Guard;
+use Auth;
-class Authenticate
+class CheckUserIsActivated
 {
 /**
 * The Guard implementation.
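Review bot: The new middleware is registered only in the group shown here, which (given VerifyCsrfToken and Passport's CreateFreshApiToken alongside it) looks like the session-backed `web` group, so if that inference holds a user who is deactivated while still holding a valid API token is not cut off on API routes unless that guard checks activation elsewhere. A short comment above the registration would make the boundary visible to the next maintainer, e.g. `// Ends existing web sessions of users whose activation is switched off; API-token requests are not covered here`. Separately, this commit renames Authenticate.php but Kernel.php gets only this one insertion, so any remaining reference to `\App\Http\Middleware\Authenticate::class` elsewhere in this file (the route-middleware map is outside the hunk) would now point at a class that no longer exists — worth confirming before merge.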
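Review bot: `use Auth;` imports the global facade alias, which only resolves when `Auth` is present in the application's alias configuration; `use Illuminate\Support\Facades\Auth;` names the class directly and is what static analysis and IDEs expect. The renamed class also keeps the injected `Guard` and its "The Guard implementation." property docblock, while the rewritten handle() in the next hunk never reads `$this->auth`, so the constructor and property now look like leftovers from the old Authenticate class and could be dropped. A class-level docblock stating the purpose would help too, e.g. `/** Logs out any authenticated user whose account has been deactivated since login, so toggling activation off ends existing sessions. */`. The constructor and the rest of the class body lie outside this hunk.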
@@ -34,14 +35,16 @@ public function __construct(Guard $auth)
 */
 public function handle($request, Closure $next)
 {
- if ($this->auth->guest()) {
- if ($request->ajax()) {
- return response('Unauthorized.', 401);
- } else {
- return redirect()->guest('login');
- }
+
+ // If there is a user AND the user is NOT activated, send them to the login page
+ // This prevents people who still have active sessions logged in and their status gets toggled
+ // to inactive (aka unable to login)
+ if (($request->user()) && (!$request->user()->isActivated())) {
+ Auth::logout();
+ return redirect()->guest('login');
 }
 return $next($request);
+
 }
diff --git a/resources/lang/en/auth/message.php b/resources/lang/en/auth/message.php
index f086d8c04c31..507dfad15a1b 100644
--- a/resources/lang/en/auth/message.php
+++ b/resources/lang/en/auth/message.php
@@ -3,7 +3,7 @@
 return array(
 'account_already_exists' => 'An account with the this email already exists.',
- 'account_not_found' => 'The username or password is incorrect.',
+ 'account_not_found' => 'The username or password is incorrect or this user is not approved to login.',
 'account_not_activated' => 'This user account is not activated.',
 'account_suspended' => 'This user account is suspended.',
 'account_banned' => 'This user account is banned.',
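Review bot: `Auth::logout()` in the new branch clears the authenticated user but leaves the rest of the session data in place and does not rotate the CSRF token, so the forced logout does less than Laravel's own logout flow, which also calls `$request->session()->invalidate()` and `$request->session()->regenerateToken()`; a deactivated account should get at least the same session teardown. The rewrite also drops the old `$request->ajax()` branch, so an XHR/JSON request from a just-deactivated user now receives a 302 to the login page rather than a 401 the front-end can act on. Minor: `$request->user()` is resolved twice in the condition, and the bare `+` lines before the comment and after `return $next($request);` are whitespace noise. handle()'s docblock starts above this hunk.
```php
    public function handle($request, Closure $next)
    {
        $user = $request->user();

        // A user deactivated after logging in still holds a live session;
        // tear it down fully here rather than only forgetting the user.
        if ($user && ! $user->isActivated()) {
            Auth::logout();
            $request->session()->invalidate();
            $request->session()->regenerateToken();

            return $request->expectsJson()
                ? response('Unauthorized.', 401)
                : redirect()->guest('login');
        }

        // … unchanged: pass the request on to $next …
```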