
Commit ff1ee2d

committed
Updated flow to ensure /register/confirm route is used where needed
Was accidentally skipped during previous updates. Will now be used on saml, ldap & standard registration where required. Uses session to know if the email was just sent and, if so, show the confirmation route.
1 parent c029741 commit ff1ee2d


5 files changed

+18
-2
lines changed

5 files changed

+18
-2
lines changed

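--- a/app/Auth/Access/RegistrationService.php
+++ b/app/Auth/Access/RegistrationService.php
@@ -74,6 +74,7 @@ public function registerUser(array $userData, ?SocialAccount $socialAccount = nu
 
 try {
 $this->emailConfirmationService->sendConfirmation($newUser);
+session()->flash('sent-email-confirmation', true);
 } catch (Exception $e) {
 $message = trans('auth.email_confirm_send_error');
 throw new UserRegistrationException($message, '/register/confirm');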
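Review bot: The session key `'sent-email-confirmation'` is a bare string literal on the added `session()->flash(...)` line and is repeated verbatim where the Authenticate.php hunk reads it, so the two can drift apart without any error. A mismatch would only show up as every new user being sent to `/register/confirm/awaiting`. Defining the key once as a class constant and referencing it from both places would remove that coupling. Either way, a comment such as `// Flash flag read by the Authenticate middleware on the next request to show /register/confirm instead of /register/confirm/awaiting` would record why it is set. registerUser's body starts and ends outside this hunk.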

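--- a/app/Http/Middleware/Authenticate.php
+++ b/app/Http/Middleware/Authenticate.php
@@ -44,6 +44,10 @@ protected function emailConfirmationErrorResponse(Request $request)
 ], 401);
 }
 
+if (session()->get('sent-email-confirmation') === true) {
+return redirect('/register/confirm');
+}
+
 return redirect('/register/confirm/awaiting');
 }
 }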
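Review bot: The added `if (session()->get('sent-email-confirmation') === true)` branch has no comment saying that the flag only selects which notice page an unconfirmed user is sent to, so a later reader could mistake it for a confirmation check. Both branches still redirect away from the requested page, and a comment like `// Confirmation email was just sent: show the "check your email" page. This flag never grants access.` would keep later edits from loosening that. The strict `=== true` comparison is worth keeping so that no other stored value can take this branch. The start of emailConfirmationErrorResponse is outside the hunk.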

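--- a/tests/Auth/AuthTest.php
+++ b/tests/Auth/AuthTest.php
@@ -170,6 +170,11 @@ public function test_restricted_registration()
 ->seePageIs('/register/confirm')
 ->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => false]);
 
+$this->visit('/')
+->seePageIs('/register/confirm/awaiting');
+
+auth()->logout();
+
 $this->visit('/')->seePageIs('/login')
 ->type($user->email, '#email')
 ->type($user->password, '#password')
@@ -202,6 +207,10 @@ public function test_restricted_registration_with_confirmation_disabled()
 ->seePageIs('/register/confirm')
 ->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => false]);
 
+$this->visit('/')
+->seePageIs('/register/confirm/awaiting');
+
+auth()->logout();
 $this->visit('/')->seePageIs('/login')
 ->type($user->email, '#email')
 ->type($user->password, '#password')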

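--- a/tests/Auth/LdapTest.php
+++ b/tests/Auth/LdapTest.php
@@ -620,7 +620,7 @@ public function test_login_with_email_confirmation_required_maps_groups_but_show
 ]
 ]]);
 
-$this->mockUserLogin()->seePageIs('/register/confirm/awaiting');
+$this->mockUserLogin()->seePageIs('/register/confirm');
 $this->seeInDatabase('users', [
 'email' => $user->email,
 'email_confirmed' => false,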

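--- a/tests/Auth/Saml2Test.php
+++ b/tests/Auth/Saml2Test.php
@@ -304,7 +304,9 @@ public function test_group_sync_functions_when_email_confirmation_required()
 
 $this->withPost(['SAMLResponse' => $this->acsPostData], function () use ($memberRole, $adminRole) {
 $acsPost = $this->followingRedirects()->post('/saml2/acs');
-$acsPost->assertSee('Your email address has not yet been confirmed');
+
+$this->assertEquals('http://localhost/register/confirm', url()->current());
+$acsPost->assertSee('Please check your email and click the confirmation button to access BookStack.');
 $user = User::query()->where('external_auth_id', '=', 'user')->first();
 
 $userRoleIds = $user->roles()->pluck('id');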
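Review bot: The added assertion compares against the literal `'http://localhost/register/confirm'`, which ties the test to the base URL of the test environment (presumably `http://localhost` here). Building the expected value with the helper already used on that line, `$this->assertEquals(url('/register/confirm'), url()->current());`, keeps the check on the path alone. The closure passed to withPost continues past the end of the hunk.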
