Merge pull request #869 from sammyskills/fix-inactive-redirect

datamweb · web-flow · commit defdd11a8042 · 2023-10-03T20:21:47.000+03:30
fix: redirect inactive account to auth action page
diff --git a/src/Filters/SessionAuth.php b/src/Filters/SessionAuth.php
@@ -61,10 +61,12 @@ public function before(RequestInterface $request, $arguments = null)
             }
 
             if ($user !== null && ! $user->isActivated()) {
-                $authenticator->logout();
-
-                return redirect()->route('login')
-                    ->with('error', lang('Auth.activationBlocked'));
+                // If an action has been defined for register, start it up.
+                $hasAction = $authenticator->startUpAction('register', $user);
+                if ($hasAction) {
+                    return redirect()->route('auth-action-show')
+                        ->with('error', lang('Auth.activationBlocked'));
+                }
             }
 
             return;
diff --git a/tests/Authentication/Filters/AbstractFilterTestCase.php b/tests/Authentication/Filters/AbstractFilterTestCase.php
@@ -69,6 +69,7 @@ static function ($routes): void {
             echo 'Open';
         });
         $routes->get('login', 'AuthController::login', ['as' => 'login']);
+        $routes->get('auth/a/show', 'AuthActionController::show', ['as' => 'auth-action-show']);
         $routes->get('protected-user-route', static function (): void {
             echo 'Protected';
         }, ['filter' => $this->alias . ':users-read']);
diff --git a/tests/Authentication/Filters/SessionFilterTest.php b/tests/Authentication/Filters/SessionFilterTest.php
@@ -58,7 +58,7 @@ public function testRecordActiveDate(): void
         $this->assertGreaterThan(auth('session')->user()->updated_at, auth('session')->user()->last_active);
     }
 
-    public function testBlocksInactiveUsers(): void
+    public function testBlocksInactiveUsersAndRedirectsToAuthAction(): void
     {
         $user = fake(UserModel::class, ['active' => false]);
 
@@ -77,7 +77,7 @@ public function testBlocksInactiveUsers(): void
         $result = $this->actingAs($user)
             ->get('protected-route');
 
-        $result->assertRedirectTo('/login');
+        $result->assertRedirectTo('/auth/a/show');
         // User should be logged out
         $this->assertNull(auth('session')->id());
 

Original file line number	Diff line number	Diff line change
`@@ -58,7 +58,7 @@ public function testRecordActiveDate(): void`
`58`	`58`	`$this->assertGreaterThan(auth('session')->user()->updated_at, auth('session')->user()->last_active);`
`59`	`59`	`}`
`60`	`60`
`61`		`- public function testBlocksInactiveUsers(): void`
	`61`	`+ public function testBlocksInactiveUsersAndRedirectsToAuthAction(): void`
`62`	`62`	`{`
`63`	`63`	`$user = fake(UserModel::class, ['active' => false]);`
`64`	`64`
`@@ -77,7 +77,7 @@ public function testBlocksInactiveUsers(): void`
`77`	`77`	`$result = $this->actingAs($user)`
`78`	`78`	`->get('protected-route');`
`79`	`79`
`80`		`- $result->assertRedirectTo('/login');`
	`80`	`+ $result->assertRedirectTo('/auth/a/show');`
`81`	`81`	`// User should be logged out`
`82`	`82`	`$this->assertNull(auth('session')->id());`
`83`	`83`