Don't allow login if user is pending or rejected; some refactoring of the registration code

This commit is contained in:
Nabeel Shahzad
2017-12-22 13:38:24 -06:00
parent 161623c85e
commit 1ebf2bd09c
8 changed files with 119 additions and 16 deletions

View File

@@ -2,8 +2,13 @@
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Log;
use App\Http\Controllers\Controller;
use App\Models\Enums\PilotState;
class LoginController extends Controller
{
@@ -20,4 +25,32 @@ class LoginController extends Controller
{
return $this->view('auth/login');
}
protected function sendLoginResponse(Request $request)
{
$request->session()->regenerate();
$this->clearLoginAttempts($request);
$user = Auth::user();
// TODO: How to handle ON_LEAVE?
if($user->state !== PilotState::ACTIVE) {
// Log them out
$this->guard()->logout();
$request->session()->invalidate();
// Redirect to one of the error pages
if($user->state === PilotState::PENDING) {
return $this->view('auth.pending');
}
elseif ($user->state === PilotState::REJECTED) {
return $this->view('auth.rejected');
}
}
return $this->authenticated($request, $this->guard()->user())
?: redirect()->intended($this->redirectPath());
}
}