Replaced env() with config() to check environment variables

Made the app.php description for 'REQUIRE_SAML' a bit more... descriptive.
2021-12-16 16:56:39 -05:00 · 2021-12-16 16:56:39 -05:00 · 6898119891
commit 6898119891
parent a6116a1b15
2 changed files with 7 additions and 5 deletions
--- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php
@ -76,7 +76,7 @@ class LoginController extends Controller

        //If the environment is set to ALWAYS require SAML, go straight to the SAML route.
        //We don't need to check other settings, as this should override those.
-        if((env("REQUIRE_SAML", false)))
+        if(config('REQUIRE_SAML'))
        {
            return redirect()->route('saml.login');
        }
@ -209,7 +209,7 @@ class LoginController extends Controller
    public function login(Request $request)
    {
        //If the environment is set to ALWAYS require SAML, return access denied
-        if((env("REQUIRE_SAML", false)))
+        if(config('REQUIRE_SAML'))
        {
            return view('errors.403');
        }
--- a/config/app.php
+++ b/config/app.php
@ -255,9 +255,11 @@ return [
    | Require SAML Login
    |--------------------------------------------------------------------------
    |
-    | Disable the ability to login via form login, and require all logins to
-    | process via SAML login. (If you are not using SAML, this option should
-    | be left alone.)
+    | Disable the ability to login via form login, and disables the 'nosaml'
+    | workaround. It requires all logins to process via SAML login.
+    | (This is for high security setups. If your SAML configuration is not
+    | working, this option should be set to false. This option is not needed
+    | to successfully configure SAML authentication.)
    |
    */