add filters for login and registration

2020-04-06 11:13:56 +08:00 · 2020-04-06 11:13:56 +08:00 · 0f45600e21
commit 0f45600e21
parent 04703cc7e5
2 changed files with 42 additions and 1 deletions
--- a/app/Http/Controllers/AuthController.php
+++ b/app/Http/Controllers/AuthController.php
@ -10,6 +10,7 @@ use App\Models\User;
 use App\Rules;
 use Auth;
 use Blessing\Filter;
+use Blessing\Rejection;
 use Cache;
 use Carbon\Carbon;
 use Illuminate\Contracts\Events\Dispatcher;
@ -47,9 +48,14 @@ class AuthController extends Controller
            'identification' => 'required',
            'password' => 'required|min:6|max:32',
        ]);
-
        $identification = $request->input('identification');
        $password = $request->input('password');
+
+        $can = $filter->apply('can_login', null, [$identification, $password]);
+        if ($can instanceof Rejection) {
+            return json($can->getReason(), 1);
+        }
+
        // Guess type of identification
        $authType = filter_var($identification, FILTER_VALIDATE_EMAIL) ? 'email' : 'username';

@ -140,6 +146,11 @@ class AuthController extends Controller
            return json(trans('auth.register.close'), 7);
        }

+        $can = $filter->apply('can_register', null);
+        if ($can instanceof Rejection) {
+            return json($can->getReason(), 1);
+        }
+
        $rule = option('register_with_player_name') ?
            ['player_name' => [
                'required',
--- a/tests/HttpTest/ControllersTest/AuthControllerTest.php
+++ b/tests/HttpTest/ControllersTest/AuthControllerTest.php
@ -8,6 +8,7 @@ use App\Models\Player;
 use App\Models\User;
 use App\Rules\Captcha;
 use App\Services\Facades\Option;
+use Blessing\Rejection;
 use Cache;
 use Event;
 use Illuminate\Foundation\Testing\DatabaseTransactions;
@ -191,6 +192,25 @@ class AuthControllerTest extends TestCase
            ]
        );
        $this->assertAuthenticated();
+        auth()->logout();
+
+        // rejected by filter
+        $filter->add('can_login', function () {
+            return new Rejection('banned');
+        });
+        $this->postJson('/auth/login', [
+            'identification' => $player->name,
+            'password' => '12345678',
+        ])->assertJson(['code' => 1, 'message' => 'banned']);
+        $filter->assertApplied(
+            'can_login',
+            function ($can, $identification, $password) use ($player) {
+                $this->assertEquals($player->name, $identification);
+                $this->assertEquals('12345678', $password);
+
+                return true;
+            }
+        );
    }

    public function testLogout()
@ -472,6 +492,16 @@ class AuthControllerTest extends TestCase
            ]
        )->assertJson(['code' => 0]);
        $this->assertNotNull(Player::where('player', 'name'));
+        auth()->logout();
+
+        // rejected by filter
+        $filter = Filter::fake();
+        $filter->add('can_register', function () {
+            return new Rejection('disabled');
+        });
+        $this->postJson('/auth/register', [])
+            ->dump()
+            ->assertJson(['code' => 1, 'message' => 'disabled']);
    }

    public function testForgot()