Miguel N
ab037a3474
This commit introduces a new feature where users can disable the collection and display of IP addresses. It's hardcoded in the .env config file for security reasons, and demo mode ignores this setting, because it already hides IPs by default.
98 lines
2.9 KiB
PHP
Executable File
98 lines
2.9 KiB
PHP
Executable File
<?php
|
|
|
|
/*
|
|
* Copyright © 2020 Miguel Nogueira
|
|
*
|
|
* This file is part of Raspberry Staff Manager.
|
|
*
|
|
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation, either version 3 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* Raspberry Staff Manager is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
namespace App\Http\Controllers\Auth;
|
|
|
|
use App\Http\Controllers\Controller;
|
|
use App\User;
|
|
use Illuminate\Foundation\Auth\AuthenticatesUsers;
|
|
use Illuminate\Http\Request;
|
|
use Illuminate\Support\Facades\Log;
|
|
use App\Facades\IP;
|
|
|
|
class LoginController extends Controller
|
|
{
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Login Controller
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| This controller handles authenticating users for the application and
|
|
| redirecting them to your home screen. The controller uses a trait
|
|
| to conveniently provide its functionality to your applications.
|
|
|
|
|
*/
|
|
|
|
use AuthenticatesUsers {
|
|
attemptLogin as protected originalAttemptLogin;
|
|
}
|
|
|
|
/**
|
|
* Where to redirect users after login.
|
|
*
|
|
* @var string
|
|
*/
|
|
protected $redirectTo = '/dashboard';
|
|
|
|
/**
|
|
* Create a new controller instance.
|
|
*
|
|
* @return void
|
|
*/
|
|
public function __construct()
|
|
{
|
|
$this->middleware('guest')->except('logout');
|
|
}
|
|
|
|
// We can't customise the error message, since that would imply overriding the login method, which is large.
|
|
// Also, the user should never know that they're banned.
|
|
public function attemptLogin(Request $request)
|
|
{
|
|
$user = User::where('email', $request->email)->first();
|
|
|
|
if ($user) {
|
|
$isBanned = $user->isBanned();
|
|
if ($isBanned) {
|
|
return false;
|
|
} else {
|
|
return $this->originalAttemptLogin($request);
|
|
}
|
|
}
|
|
|
|
return $this->originalAttemptLogin($request);
|
|
}
|
|
|
|
public function authenticated(Request $request, User $user)
|
|
{
|
|
if (IP::shouldCollect()) {
|
|
if ($user->originalIP !== $request->ip())
|
|
{
|
|
Log::alert('User IP address changed from last login. Updating.', [
|
|
'prev' => $user->originalIP,
|
|
'new' => $request->ip()
|
|
]);
|
|
$user->originalIP = $request->ip();
|
|
$user->save();
|
|
}
|
|
}
|
|
}
|
|
}
|