lunax/snipe_it
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity Actions

If SAML required, don't accept login form post.

Browse source
This commit is contained in:
Alex Janes 2021-12-16 14:33:25 -05:00
parent 696943b04b
commit a6116a1b15
1 changed files with 7 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
app/Http/Controllers/Auth/LoginController.php
View file

@ -75,6 +75,7 @@ class LoginController extends Controller
} }
//If the environment is set to ALWAYS require SAML, go straight to the SAML route. //If the environment is set to ALWAYS require SAML, go straight to the SAML route.
//We don't need to check other settings, as this should override those.
if((env("REQUIRE_SAML", false))) if((env("REQUIRE_SAML", false)))
{ {
return redirect()->route('saml.login'); return redirect()->route('saml.login');
@ -207,6 +208,12 @@ class LoginController extends Controller
*/ */
public function login(Request $request) public function login(Request $request)
{ {
//If the environment is set to ALWAYS require SAML, return access denied
if((env("REQUIRE_SAML", false)))
{
return view('errors.403');
}
if (Setting::getSettings()->login_common_disabled == '1') { if (Setting::getSettings()->login_common_disabled == '1') {
return view('errors.403'); return view('errors.403');
} }