diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php index 15dc202..968381f 100755 --- a/app/Http/Controllers/Auth/LoginController.php +++ b/app/Http/Controllers/Auth/LoginController.php @@ -76,6 +76,14 @@ class LoginController extends Controller $isLocked = $service->isLocked($user); if ($isBanned || $isLocked) { + + Log::alert('Restricted user attempting to login.', [ + 'ip' => $request->ip(), + 'email' => $user->email, + 'isBanned' => $isBanned, + 'isLocked' => $isLocked + ]); + return false; } else { return $this->originalAttemptLogin($request); diff --git a/app/Http/Controllers/Auth/RegisterController.php b/app/Http/Controllers/Auth/RegisterController.php index 7f7bbb7..074af33 100755 --- a/app/Http/Controllers/Auth/RegisterController.php +++ b/app/Http/Controllers/Auth/RegisterController.php @@ -28,6 +28,7 @@ use App\Facades\Options; use App\Facades\IP; use Illuminate\Foundation\Auth\RegistersUsers; use Illuminate\Support\Facades\Hash; +use Illuminate\Support\Facades\Log; use Illuminate\Support\Facades\Validator; class RegisterController extends Controller @@ -68,6 +69,10 @@ class RegisterController extends Controller foreach ($users as $user) { if ($user && $user->isBanned()) { + Log::alert('Suspended user attempting to use registration form', [ + 'ip' => \request()->ip(), + 'email' => $user->email + ]); abort(403, 'You do not have permission to access this page.'); } }