From 0f45600e21621989eeec620e7ced9416439034e2 Mon Sep 17 00:00:00 2001
From: Pig Fang <g-plane@hotmail.com>
Date: Mon, 6 Apr 2020 11:13:56 +0800
Subject: [PATCH] add filters for login and registration

---
 app/Http/Controllers/AuthController.php       | 13 +++++++-
 .../ControllersTest/AuthControllerTest.php    | 30 +++++++++++++++++++
 2 files changed, 42 insertions(+), 1 deletion(-)

diff --git a/app/Http/Controllers/AuthController.php b/app/Http/Controllers/AuthController.php
index 3c1143bd..71109aaa 100644
--- a/app/Http/Controllers/AuthController.php
+++ b/app/Http/Controllers/AuthController.php
@@ -10,6 +10,7 @@ use App\Models\User;
 use App\Rules;
 use Auth;
 use Blessing\Filter;
+use Blessing\Rejection;
 use Cache;
 use Carbon\Carbon;
 use Illuminate\Contracts\Events\Dispatcher;
@@ -47,9 +48,14 @@ class AuthController extends Controller
             'identification' => 'required',
             'password' => 'required|min:6|max:32',
         ]);
-
         $identification = $request->input('identification');
         $password = $request->input('password');
+
+        $can = $filter->apply('can_login', null, [$identification, $password]);
+        if ($can instanceof Rejection) {
+            return json($can->getReason(), 1);
+        }
+
         // Guess type of identification
         $authType = filter_var($identification, FILTER_VALIDATE_EMAIL) ? 'email' : 'username';
 
@@ -140,6 +146,11 @@ class AuthController extends Controller
             return json(trans('auth.register.close'), 7);
         }
 
+        $can = $filter->apply('can_register', null);
+        if ($can instanceof Rejection) {
+            return json($can->getReason(), 1);
+        }
+
         $rule = option('register_with_player_name') ?
             ['player_name' => [
                 'required',
diff --git a/tests/HttpTest/ControllersTest/AuthControllerTest.php b/tests/HttpTest/ControllersTest/AuthControllerTest.php
index a78fdfcf..d966b107 100644
--- a/tests/HttpTest/ControllersTest/AuthControllerTest.php
+++ b/tests/HttpTest/ControllersTest/AuthControllerTest.php
@@ -8,6 +8,7 @@ use App\Models\Player;
 use App\Models\User;
 use App\Rules\Captcha;
 use App\Services\Facades\Option;
+use Blessing\Rejection;
 use Cache;
 use Event;
 use Illuminate\Foundation\Testing\DatabaseTransactions;
@@ -191,6 +192,25 @@ class AuthControllerTest extends TestCase
             ]
         );
         $this->assertAuthenticated();
+        auth()->logout();
+
+        // rejected by filter
+        $filter->add('can_login', function () {
+            return new Rejection('banned');
+        });
+        $this->postJson('/auth/login', [
+            'identification' => $player->name,
+            'password' => '12345678',
+        ])->assertJson(['code' => 1, 'message' => 'banned']);
+        $filter->assertApplied(
+            'can_login',
+            function ($can, $identification, $password) use ($player) {
+                $this->assertEquals($player->name, $identification);
+                $this->assertEquals('12345678', $password);
+
+                return true;
+            }
+        );
     }
 
     public function testLogout()
@@ -472,6 +492,16 @@ class AuthControllerTest extends TestCase
             ]
         )->assertJson(['code' => 0]);
         $this->assertNotNull(Player::where('player', 'name'));
+        auth()->logout();
+
+        // rejected by filter
+        $filter = Filter::fake();
+        $filter->add('can_register', function () {
+            return new Rejection('disabled');
+        });
+        $this->postJson('/auth/register', [])
+            ->dump()
+            ->assertJson(['code' => 1, 'message' => 'disabled']);
     }
 
     public function testForgot()