4b0c4e621a
Also changed up how base URL setting was being done by manipulating incoming request URLs instead of altering then on generation.
50 lines
1.1 KiB
PHP
50 lines
1.1 KiB
PHP
<?php
|
|
|
|
namespace BookStack\Http\Middleware;
|
|
|
|
use Closure;
|
|
use Illuminate\Contracts\Auth\Guard;
|
|
|
|
class Authenticate
|
|
{
|
|
/**
|
|
* The Guard implementation.
|
|
* @var Guard
|
|
*/
|
|
protected $auth;
|
|
|
|
/**
|
|
* Create a new filter instance.
|
|
* @param Guard $auth
|
|
*/
|
|
public function __construct(Guard $auth)
|
|
{
|
|
$this->auth = $auth;
|
|
}
|
|
|
|
/**
|
|
* Handle an incoming request.
|
|
* @param \Illuminate\Http\Request $request
|
|
* @param \Closure $next
|
|
* @return mixed
|
|
*/
|
|
public function handle($request, Closure $next)
|
|
{
|
|
if ($this->auth->check()) {
|
|
$requireConfirmation = (setting('registration-confirmation') || setting('registration-restrict'));
|
|
if ($requireConfirmation && !$this->auth->user()->email_confirmed) {
|
|
return redirect('/register/confirm/awaiting');
|
|
}
|
|
}
|
|
|
|
if (!hasAppAccess()) {
|
|
if ($request->ajax()) {
|
|
return response('Unauthorized.', 401);
|
|
} else {
|
|
return redirect()->guest(url('/login'));
|
|
}
|
|
}
|
|
|
|
return $next($request);
|
|
}
|
|
}
|