mirror of
https://github.com/firefly-iii/firefly-iii.git
synced 2025-11-19 16:10:00 +00:00
First set of code for #461
This commit is contained in:
James Cole
@@ -62,7 +62,16 @@ class ConfigurationController extends Controller
|
||||
$mustConfirmAccount = FireflyConfig::get('must_confirm_account', config('firefly.configuration.must_confirm_account'))->data;
|
||||
$isDemoSite = FireflyConfig::get('is_demo_site', config('firefly.configuration.is_demo_site'))->data;
|
||||
|
||||
return view('admin.configuration.index', compact('subTitle', 'subTitleIcon', 'singleUserMode', 'mustConfirmAccount', 'isDemoSite'));
|
||||
// email settings:
|
||||
$sendErrorMessage = [
|
||||
'mail_for_lockout' => FireflyConfig::get('mail_for_lockout', config('firefly.configuration.mail_for_lockout'))->data,
|
||||
'mail_for_blocked_domain' => FireflyConfig::get('mail_for_blocked_domain', config('firefly.configuration.mail_for_blocked_domain'))->data,
|
||||
'mail_for_blocked_email' => FireflyConfig::get('mail_for_blocked_email', config('firefly.configuration.mail_for_blocked_email'))->data,
|
||||
'mail_for_bad_login' => FireflyConfig::get('mail_for_bad_login', config('firefly.configuration.mail_for_bad_login'))->data,
|
||||
'mail_for_blocked_login' => FireflyConfig::get('mail_for_blocked_login', config('firefly.configuration.mail_for_blocked_login'))->data,
|
||||
];
|
||||
|
||||
return view('admin.configuration.index', compact('subTitle', 'subTitleIcon', 'singleUserMode', 'mustConfirmAccount', 'isDemoSite', 'sendErrorMessage'));
|
||||
|
||||
}
|
||||
|
||||
@@ -81,6 +90,13 @@ class ConfigurationController extends Controller
|
||||
FireflyConfig::set('must_confirm_account', $data['must_confirm_account']);
|
||||
FireflyConfig::set('is_demo_site', $data['is_demo_site']);
|
||||
|
||||
// email settings
|
||||
FireflyConfig::set('mail_for_lockout', $data['mail_for_lockout']);
|
||||
FireflyConfig::set('mail_for_blocked_domain', $data['mail_for_blocked_domain']);
|
||||
FireflyConfig::set('mail_for_blocked_email', $data['mail_for_blocked_email']);
|
||||
FireflyConfig::set('mail_for_bad_login', $data['mail_for_bad_login']);
|
||||
FireflyConfig::set('mail_for_blocked_login', $data['mail_for_blocked_login']);
|
||||
|
||||
// flash message
|
||||
Session::flash('success', strval(trans('firefly.configuration_updated')));
|
||||
Preferences::mark();
|
||||
|
||||
@@ -14,15 +14,14 @@ namespace FireflyIII\Http\Controllers\Auth;
|
||||
|
||||
use Config;
|
||||
use FireflyConfig;
|
||||
use FireflyIII\Events\BlockedBadLogin;
|
||||
use FireflyIII\Events\BlockedUserLogin;
|
||||
use FireflyIII\Events\LockedOutUser;
|
||||
use FireflyIII\Http\Controllers\Controller;
|
||||
use FireflyIII\User;
|
||||
use Illuminate\Foundation\Auth\AuthenticatesUsers;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Mail\Message;
|
||||
use Lang;
|
||||
use Log;
|
||||
use Mail;
|
||||
use Swift_TransportException;
|
||||
|
||||
/**
|
||||
* Class LoginController
|
||||
@@ -75,6 +74,8 @@ class LoginController extends Controller
|
||||
if ($lockedOut) {
|
||||
$this->fireLockoutEvent($request);
|
||||
|
||||
event(new LockedOutUser($request->get('email'), $request->ip()));
|
||||
|
||||
return $this->sendLockoutResponse($request);
|
||||
}
|
||||
|
||||
@@ -90,10 +91,13 @@ class LoginController extends Controller
|
||||
/** @var User $foundUser */
|
||||
$foundUser = User::where('email', $credentials['email'])->where('blocked', 1)->first();
|
||||
if (!is_null($foundUser)) {
|
||||
// if it exists, show message:
|
||||
// user exists, but is blocked:
|
||||
$code = strlen(strval($foundUser->blocked_code)) > 0 ? $foundUser->blocked_code : 'general_blocked';
|
||||
$errorMessage = strval(trans('firefly.' . $code . '_error', ['email' => $credentials['email']]));
|
||||
$this->reportBlockedUserLoginAttempt($foundUser, $code, $request->ip());
|
||||
event(new BlockedUserLogin($foundUser, $request->ip()));
|
||||
}
|
||||
if (is_null($foundUser)) {
|
||||
event(new BlockedBadLogin($credentials['email'], $request->ip()));
|
||||
}
|
||||
|
||||
// If the login attempt was unsuccessful we will increment the number of attempts
|
||||
@@ -163,34 +167,4 @@ class LoginController extends Controller
|
||||
]
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Send a message home about the blocked attempt to login.
|
||||
* Perhaps in a later stage, simply log these messages.
|
||||
*
|
||||
* @param User $user
|
||||
* @param string $code
|
||||
* @param string $ipAddress
|
||||
*/
|
||||
private function reportBlockedUserLoginAttempt(User $user, string $code, string $ipAddress)
|
||||
{
|
||||
|
||||
try {
|
||||
$email = env('SITE_OWNER', false);
|
||||
$fields = [
|
||||
'user_id' => $user->id,
|
||||
'user_address' => $user->email,
|
||||
'code' => $code,
|
||||
'ip' => $ipAddress,
|
||||
];
|
||||
|
||||
Mail::send(
|
||||
['emails.blocked-login-html', 'emails.blocked-login-text'], $fields, function (Message $message) use ($email, $user) {
|
||||
$message->to($email, $email)->subject('Blocked a login attempt from ' . trim($user->email) . '.');
|
||||
}
|
||||
);
|
||||
} catch (Swift_TransportException $e) {
|
||||
Log::error($e->getMessage());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user