From 968f4a3a8665611223da77bde5ea348b9f08101f Mon Sep 17 00:00:00 2001
From: Louis Jeckel <louis.jeckel@outlook.cm>
Date: Thu, 27 Aug 2020 18:22:55 +0200
Subject: [PATCH] verify email if logged in

---
 app/Http/Kernel.php                           |  4 ++-
 .../EnsureEmailIsVerifiedIfLoggedIn.php       | 31 +++++++++++++++++++
 app/Policies/PdfFilePolicy.php                |  6 ----
 routes/web.php                                |  3 +-
 4 files changed, 35 insertions(+), 9 deletions(-)
 create mode 100644 app/Http/Middleware/EnsureEmailIsVerifiedIfLoggedIn.php

diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php
index 655a771..d1e4066 100644
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@@ -3,6 +3,7 @@
 namespace App\Http;
 
 use App\Http\Middleware\EarlyAccessMiddleware;
+use App\Http\Middleware\EnsureEmailIsVerifiedIfLoggedIn;
 use App\Http\Middleware\LoginWithToken;
 use App\LoginToken;
 use Illuminate\Foundation\Http\Kernel as HttpKernel;
@@ -66,7 +67,8 @@ class Kernel extends HttpKernel
         'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
         'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
         'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
-        'early' => EarlyAccessMiddleware::class
+        'early' => EarlyAccessMiddleware::class,
+        'authed.verified' => EnsureEmailIsVerifiedIfLoggedIn::class,
     ];
 
     protected $middlewarePriority = [
diff --git a/app/Http/Middleware/EnsureEmailIsVerifiedIfLoggedIn.php b/app/Http/Middleware/EnsureEmailIsVerifiedIfLoggedIn.php
new file mode 100644
index 0000000..f3742a6
--- /dev/null
+++ b/app/Http/Middleware/EnsureEmailIsVerifiedIfLoggedIn.php
@@ -0,0 +1,31 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Contracts\Auth\MustVerifyEmail;
+use Illuminate\Support\Facades\Redirect;
+
+class EnsureEmailIsVerifiedIfLoggedIn
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @param  string|null  $redirectToRoute
+     * @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse
+     */
+    public function handle($request, Closure $next, $redirectToRoute = null)
+    {
+        if ($request->user() !== null &&
+            ($request->user() instanceof MustVerifyEmail &&
+            ! $request->user()->hasVerifiedEmail())) {
+            return $request->expectsJson()
+                    ? abort(403, 'Your email address is not verified.')
+                    : Redirect::route($redirectToRoute ?: 'verification.notice');
+        }
+
+        return $next($request);
+    }
+}
diff --git a/app/Policies/PdfFilePolicy.php b/app/Policies/PdfFilePolicy.php
index 20a94c5..729719c 100644
--- a/app/Policies/PdfFilePolicy.php
+++ b/app/Policies/PdfFilePolicy.php
@@ -40,7 +40,6 @@ class PdfFilePolicy
      * @param \App\PdfFile $pdfFile
      * @return mixed
      * @throws AuthenticationException
-     * @todo Redirect with proper error message
      */
     public function view($user = null, PdfFile $pdfFile)
     {
@@ -56,11 +55,6 @@ class PdfFilePolicy
 
         return false;
 
-//        throw new AuthenticationException(
-//            'Unauthenticated.',
-//            ['web'],
-//            route('login', ['redirect_to' => request()->getUri()])
-//        );
 
     }
 
diff --git a/routes/web.php b/routes/web.php
index d3f3b99..81eddc9 100644
--- a/routes/web.php
+++ b/routes/web.php
@@ -43,10 +43,9 @@ Route::domain(env('CLIENT_DOMAIN_NAME'))->group(function() {
 
 
     /** Flowpaper viewer */
-    Route::middleware('login.token')
+    Route::middleware(['login.token', 'authed.verified'])
         ->get('/view/{file:slug}', 'FlowpaperController@view')
         ->name('flowpaper.view');
-//        ->middleware('verified');
 
 
     Route::get('edition/{file:slug}', 'FileController@show');
-- 
2.39.5