extern/2FAuth
1
0
Fork 0
mirror of https://github.com/Bubka/2FAuth.git synced 2025-01-22 22:30:05 +01:00
Code Issues Packages Projects Releases Wiki Activity

Apply Demo restrictions on more routes

Browse Source
This commit is contained in:
Bubka 2022-03-28 13:48:29 +02:00
parent cdfda1591b
commit a786efc6e8
4 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Http/Kernel.php
View File

@ -71,7 +71,7 @@ class Kernel extends HttpKernel
'auth' => \App\Http\Middleware\Authenticate::class,
'guest' => \App\Http\Middleware\RejectIfAuthenticated::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'AvoidResetPassword' => \App\Http\Middleware\AvoidPasswordResetInDemo::class,
'disableInDemoMode' => \App\Http\Middleware\DisableInDemoMode::class,
];
/**

4
app/Http/Middleware/AvoidPasswordResetInDemo.php → app/Http/Middleware/DisableInDemoMode.php
View File

@ -6,7 +6,7 @@
use Illuminate\Http\Response;
use Illuminate\Support\Facades\Log;
class AvoidPasswordResetInDemo
class DisableInDemoMode
{
/**
* Handle an incoming request.
@ -21,7 +21,7 @@ public function handle($request, Closure $next)
if( config('2fauth.config.isDemoApp') ) {
Log::notice('Cannot request a password reset in Demo mode');
return response()->json(['message' => __('auth.forms.no_reset_password_in_demo')], Response::HTTP_UNAUTHORIZED);
return response()->json(['message' => __('auth.forms.disabled_in_demo')], Response::HTTP_UNAUTHORIZED);
}
return $next($request);

2
resources/lang/en/auth.php
View File

@ -82,7 +82,7 @@
'forgot_your_password' => 'Forgot your password?',
'request_password_reset' => 'Reset it',
'reset_password' => 'Reset password',
'no_reset_password_in_demo' => 'No reset in Demo mode',
'disabled_in_demo' => 'Feature disabled in Demo mode',
'new_password' => 'New password',
'current_password' => [
'label' => 'Current password',

6
routes/web.php
View File

@ -16,9 +16,9 @@
/**
* Routes that only work for unauthenticated user (return an error otherwise)
*/
Route::group(['middleware' => 'guest'], function () {
Route::group(['middleware' => ['guest', 'disableInDemoMode']], function () {
Route::post('user', 'Auth\RegisterController@register')->name('user.register');
Route::post('user/password/lost', 'Auth\ForgotPasswordController@sendResetLinkEmail')->middleware('AvoidResetPassword')->name('user.password.lost');;
Route::post('user/password/lost', 'Auth\ForgotPasswordController@sendResetLinkEmail')->name('user.password.lost');;
Route::post('user/password/reset', 'Auth\ResetPasswordController@reset')->name('user.password.reset');
Route::post('webauthn/login/options', [WebAuthnLoginController::class, 'options'])->name('webauthn.login.options');
Route::post('webauthn/lost', [WebAuthnDeviceLostController::class, 'sendRecoveryEmail'])->name('webauthn.lost');
@ -40,7 +40,7 @@
*/
Route::group(['middleware' => 'behind-auth'], function () {
Route::put('user', 'Auth\UserController@update')->name('user.update');
Route::patch('user/password', 'Auth\PasswordController@update')->name('user.password.update');
Route::patch('user/password', 'Auth\PasswordController@update')->name('user.password.update')->middleware('disableInDemoMode');
Route::get('user/logout', 'Auth\LoginController@logout')->name('user.logout');
Route::delete('user', 'Auth\UserController@delete')->name('user.delete')->middleware('disableInDemoMode');