ff1ee2d71f
Was accidentally skipped during previous updates. Will now be used on saml, ldap & standard registration where required. Uses session to know if the email was just sent and, if so, show the confirmation route.
53 lines
1.3 KiB
PHP
53 lines
1.3 KiB
PHP
<?php
|
|
|
|
namespace BookStack\Http\Middleware;
|
|
|
|
use Closure;
|
|
use Illuminate\Http\Request;
|
|
|
|
class Authenticate
|
|
{
|
|
use ChecksForEmailConfirmation;
|
|
|
|
/**
|
|
* Handle an incoming request.
|
|
*/
|
|
public function handle(Request $request, Closure $next)
|
|
{
|
|
if ($this->awaitingEmailConfirmation()) {
|
|
return $this->emailConfirmationErrorResponse($request);
|
|
}
|
|
|
|
if (!hasAppAccess()) {
|
|
if ($request->ajax()) {
|
|
return response('Unauthorized.', 401);
|
|
} else {
|
|
return redirect()->guest(url('/login'));
|
|
}
|
|
}
|
|
|
|
return $next($request);
|
|
}
|
|
|
|
/**
|
|
* Provide an error response for when the current user's email is not confirmed
|
|
* in a system which requires it.
|
|
*/
|
|
protected function emailConfirmationErrorResponse(Request $request)
|
|
{
|
|
if ($request->wantsJson()) {
|
|
return response()->json([
|
|
'error' => [
|
|
'code' => 401,
|
|
'message' => trans('errors.email_confirmation_awaiting')
|
|
]
|
|
], 401);
|
|
}
|
|
|
|
if (session()->get('sent-email-confirmation') === true) {
|
|
return redirect('/register/confirm');
|
|
}
|
|
|
|
return redirect('/register/confirm/awaiting');
|
|
}
|
|
}
|