Made email confirmations work with LDAP auth

The email_confirmed user field now actually indicates if an email is confirmed rather than defaulting to true if not checked. This ensures toggleing the 'Require email confirmation' setting actually makes all currently unconfirmed users confirm thier emails.
2024-10-01 01:36:00 -04:00 · 2016-04-03 12:16:54 +01:00 · 2016-04-03 12:16:54 +01:00 · 2bb8c3d914
commit 2bb8c3d914
parent 4caa61fe96
4 changed files with 4 additions and 9 deletions
--- a/app/Http/Controllers/Auth/AuthController.php
+++ b/app/Http/Controllers/Auth/AuthController.php
@ -194,14 +194,11 @@ class AuthController extends Controller
        }

        if (setting('registration-confirmation') || setting('registration-restrict')) {
-            $newUser->email_confirmed = false;
            $newUser->save();
            $this->emailConfirmationService->sendConfirmation($newUser);
            return redirect('/register/confirm');
        }

-        $newUser->email_confirmed = true;
-
        auth()->login($newUser);
        session()->flash('success', 'Thanks for signing up! You are now registered and signed in.');
        return redirect($this->redirectPath());
--- a/app/Http/Middleware/Authenticate.php
+++ b/app/Http/Middleware/Authenticate.php
@ -11,14 +11,12 @@ class Authenticate
 {
    /**
     * The Guard implementation.
-     *
     * @var Guard
     */
    protected $auth;

    /**
     * Create a new filter instance.
-     *
     * @param  Guard $auth
     */
    public function __construct(Guard $auth)
@ -28,14 +26,13 @@ class Authenticate

    /**
     * Handle an incoming request.
-     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
-        if(auth()->check() && auth()->user()->email_confirmed == false) {
+        if ($this->auth->check() && setting('registration-confirmation') && !$this->auth->user()->email_confirmed) {
            return redirect()->guest('/register/confirm/awaiting');
        }

--- a/app/Providers/LdapUserProvider.php
+++ b/app/Providers/LdapUserProvider.php
@ -115,7 +115,7 @@ class LdapUserProvider implements UserProvider
        $model->name = $userDetails['name'];
        $model->external_auth_id = $userDetails['uid'];
        $model->email = $userDetails['email'];
-        $model->email_confirmed = true;
+        $model->email_confirmed = false;
        return $model;
    }

--- a/app/Repos/UserRepo.php
+++ b/app/Repos/UserRepo.php
@ -106,7 +106,8 @@ class UserRepo
        return $this->user->forceCreate([
            'name'     => $data['name'],
            'email'    => $data['email'],
-            'password' => bcrypt($data['password'])
+            'password' => bcrypt($data['password']),
+            'email_confirmed' => false
        ]);
    }