Add initial implementation of registration email restrictions

2024-09-19 15:11:40 +02:00 · 2017-03-24 22:57:31 -04:00 · 2017-03-24 22:57:31 -04:00 · 44f69c3910
commit 44f69c3910
parent b0b690839d
3 changed files with 28 additions and 0 deletions
--- a/app/Http/Controllers/SetupController.php
+++ b/app/Http/Controllers/SetupController.php
@ -112,6 +112,8 @@ class SetupController extends Controller {
        $st_index_redirect = $request->input('setting:index_redirect');
        $st_redirect_404 = $request->input('setting:redirect_404');
        $st_password_recov = $request->input('setting:password_recovery');
+        $st_specify_email = $request->input('setting:specify_email')
+        $st_allowed_email = $request->input('setting:allowed_email_domains')

        $st_base = $request->input('setting:base');
        $st_auto_api_key = $request->input('setting:auto_api_key');
@ -155,6 +157,8 @@ class SetupController extends Controller {
            'ST_INDEX_REDIRECT' => $st_index_redirect,
            'ST_REDIRECT_404' => $st_redirect_404,
            'ST_PASSWORD_RECOV' => $st_password_recov,
+            'ST_SPECIFY_EMAIL' => $st_specify_email,
+            'ST_ALLOWED_EMAIL' => $st_allowed_email,

            'MAIL_ENABLED' => $mail_enabled,
            'MAIL_HOST' => $mail_host,
--- a/app/Http/Controllers/UserController.php
+++ b/app/Http/Controllers/UserController.php
@ -67,6 +67,14 @@ class UserController extends Controller {
        $username = $request->input('username');
        $password = $request->input('password');
        $email = $request->input('email');
+        $email_domain = explode("@", $email)[1];
+        
+        if (env('ST_RESTRICT_EMAIL_DOMAIN')) {
+            if ($email_domain != env('ST_RESTRICT_EMAIL_DOMAIN_NAME')) {
+                // ... throw an error
+                return redirect(route('signup'))->with('error', 'Sorry, your email domain is not allowed to register. Try again.');
+            }
+        }

        $ip = $request->ip();

--- a/resources/views/setup.blade.php
+++ b/resources/views/setup.blade.php
@ -174,6 +174,22 @@ Setup
                <option value='no-verification'>Enabled, no email verification required</option>
            </select>

+            <p>
+                Specify Email Domain:
+                <button data-content="Specifying the email will allow you to limit who is able to register." type="button" class="btn btn-xs btn-default setup-qmark" data-toggle="popover">?</button>
+            </p>
+            <select name='setting:specify_email' class='form-control'>
+                <option value='false'>Specify email disabled</option>
+                <option value='true'>Specify email enabled</option>
+            </select>
+            <p class='text-muted'>
+                Please ensure if you choose to limit to a specific email domain that the domain is properly setup.
+            </p>
+            <p>
+                Email Domain:
+                <button data-content="Enter the domain of the emails you'd like to be able to register." type="button" class="btn btn-xs btn-default setup-qmark" data-toggle="popover">?</button>
+            </p>
+            <input type='text' class='form-control' name='setting:allowed_email_domains' placeholder='gmail.com'>
            <p>
                Password Recovery:
                <button data-content="Password recovery allows users to reset their password through email." type="button" class="btn btn-xs btn-default setup-qmark" data-toggle="popover">?</button>