colin
/
bookstack
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Updated flow to ensure /register/confirm route is used where needed 

Was accidentally skipped during previous updates. Will now be used on
saml, ldap & standard registration where required.
Uses session to know if the email was just sent and, if so, show the
confirmation route.
This commit is contained in:
Dan Brown 2020-09-05 17:26:48 +01:00
parent c029741a17
commit ff1ee2d71f
No known key found for this signature in database
GPG Key ID: 46D9F943C24A2EF9
5 changed files with 18 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
app/Auth/Access/RegistrationService.php
View File

@ -74,6 +74,7 @@ class RegistrationService
try { try {
$this->emailConfirmationService->sendConfirmation($newUser); $this->emailConfirmationService->sendConfirmation($newUser);
session()->flash('sent-email-confirmation', true);
} catch (Exception $e) { } catch (Exception $e) {
$message = trans('auth.email_confirm_send_error'); $message = trans('auth.email_confirm_send_error');
throw new UserRegistrationException($message, '/register/confirm'); throw new UserRegistrationException($message, '/register/confirm');

4
app/Http/Middleware/Authenticate.php
View File

@ -44,6 +44,10 @@ class Authenticate
], 401); ], 401);
} }
if (session()->get('sent-email-confirmation') === true) {
return redirect('/register/confirm');
}
return redirect('/register/confirm/awaiting'); return redirect('/register/confirm/awaiting');
} }
} }

9
tests/Auth/AuthTest.php
View File

@ -170,6 +170,11 @@ class AuthTest extends BrowserKitTest
->seePageIs('/register/confirm') ->seePageIs('/register/confirm')
->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => false]); ->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => false]);
$this->visit('/')
->seePageIs('/register/confirm/awaiting');
auth()->logout();
$this->visit('/')->seePageIs('/login') $this->visit('/')->seePageIs('/login')
->type($user->email, '#email') ->type($user->email, '#email')
->type($user->password, '#password') ->type($user->password, '#password')
@ -202,6 +207,10 @@ class AuthTest extends BrowserKitTest
->seePageIs('/register/confirm') ->seePageIs('/register/confirm')
->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => false]); ->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => false]);
$this->visit('/')
->seePageIs('/register/confirm/awaiting');
auth()->logout();
$this->visit('/')->seePageIs('/login') $this->visit('/')->seePageIs('/login')
->type($user->email, '#email') ->type($user->email, '#email')
->type($user->password, '#password') ->type($user->password, '#password')

2
tests/Auth/LdapTest.php
View File

@ -620,7 +620,7 @@ class LdapTest extends BrowserKitTest
] ]
]]); ]]);
$this->mockUserLogin()->seePageIs('/register/confirm/awaiting'); $this->mockUserLogin()->seePageIs('/register/confirm');
$this->seeInDatabase('users', [ $this->seeInDatabase('users', [
'email' => $user->email, 'email' => $user->email,
'email_confirmed' => false, 'email_confirmed' => false,

4
tests/Auth/Saml2Test.php
View File

@ -304,7 +304,9 @@ class Saml2Test extends TestCase
$this->withPost(['SAMLResponse' => $this->acsPostData], function () use ($memberRole, $adminRole) { $this->withPost(['SAMLResponse' => $this->acsPostData], function () use ($memberRole, $adminRole) {
$acsPost = $this->followingRedirects()->post('/saml2/acs'); $acsPost = $this->followingRedirects()->post('/saml2/acs');
$acsPost->assertSee('Your email address has not yet been confirmed');
$this->assertEquals('http://localhost/register/confirm', url()->current());
$acsPost->assertSee('Please check your email and click the confirmation button to access BookStack.');
$user = User::query()->where('external_auth_id', '=', 'user')->first(); $user = User::query()->where('external_auth_id', '=', 'user')->first();
$userRoleIds = $user->roles()->pluck('id'); $userRoleIds = $user->roles()->pluck('id');