verify email if logged in

diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php
index 655a771ec6d4efd3d78e83b37b7500ebe04a5c58..d1e406606d3ac307b3d63564d4c764768ae7e51c 100644 (file)
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@@ -3,6 +3,7 @@
 namespace App\Http;
 
 use App\Http\Middleware\EarlyAccessMiddleware;
+use App\Http\Middleware\EnsureEmailIsVerifiedIfLoggedIn;
 use App\Http\Middleware\LoginWithToken;
 use App\LoginToken;
 use Illuminate\Foundation\Http\Kernel as HttpKernel;
@@ -66,7 +67,8 @@ class Kernel extends HttpKernel
         'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
         'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
         'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
-        'early' => EarlyAccessMiddleware::class
+        'early' => EarlyAccessMiddleware::class,
+        'authed.verified' => EnsureEmailIsVerifiedIfLoggedIn::class,
     ];
 
     protected $middlewarePriority = [

diff --git a/app/Http/Middleware/EnsureEmailIsVerifiedIfLoggedIn.php b/app/Http/Middleware/EnsureEmailIsVerifiedIfLoggedIn.php
new file mode 100644 (file)
index 0000000..f3742a6
--- /dev/null
+++ b/app/Http/Middleware/EnsureEmailIsVerifiedIfLoggedIn.php
@@ -0,0 +1,31 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Contracts\Auth\MustVerifyEmail;
+use Illuminate\Support\Facades\Redirect;
+
+class EnsureEmailIsVerifiedIfLoggedIn
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @param  string|null  $redirectToRoute
+     * @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse
+     */
+    public function handle($request, Closure $next, $redirectToRoute = null)
+    {
+        if ($request->user() !== null &&
+            ($request->user() instanceof MustVerifyEmail &&
+            ! $request->user()->hasVerifiedEmail())) {
+            return $request->expectsJson()
+                    ? abort(403, 'Your email address is not verified.')
+                    : Redirect::route($redirectToRoute ?: 'verification.notice');
+        }
+
+        return $next($request);
+    }
+}

diff --git a/app/Policies/PdfFilePolicy.php b/app/Policies/PdfFilePolicy.php
index 20a94c54ddb405197de28271dd624175bba457bb..729719c3781ca741a3c2f00857980d558dd84e14 100644 (file)
--- a/app/Policies/PdfFilePolicy.php
+++ b/app/Policies/PdfFilePolicy.php
@@ -40,7 +40,6 @@ class PdfFilePolicy
      * @param \App\PdfFile $pdfFile
      * @return mixed
      * @throws AuthenticationException
-     * @todo Redirect with proper error message
      */
     public function view($user = null, PdfFile $pdfFile)
     {
@@ -56,11 +55,6 @@ class PdfFilePolicy
 
         return false;
 
-//        throw new AuthenticationException(
-//            'Unauthenticated.',
-//            ['web'],
-//            route('login', ['redirect_to' => request()->getUri()])
-//        );
 
     }
 

diff --git a/routes/web.php b/routes/web.php
index d3f3b9945a8befb3a76bf6e7d9b2c273c9cb37b3..81eddc9b068be5bca0d99ab33910d2df53ba4247 100644 (file)
--- a/routes/web.php
+++ b/routes/web.php
@@ -43,10 +43,9 @@ Route::domain(env('CLIENT_DOMAIN_NAME'))->group(function() {
 
 
     /** Flowpaper viewer */
-    Route::middleware('login.token')
+    Route::middleware(['login.token', 'authed.verified'])
         ->get('/view/{file:slug}', 'FlowpaperController@view')
         ->name('flowpaper.view');
-//        ->middleware('verified');
 
 
     Route::get('edition/{file:slug}', 'FileController@show');