1
0
mirror of https://github.com/BookStackApp/BookStack.git synced 2024-10-29 23:22:34 +01:00

Made social account detach a POST request

Closes #2808
This commit is contained in:
Dan Brown 2021-06-14 22:37:58 +01:00
parent 94bf5b8fbb
commit 7d951b842c
No known key found for this signature in database
GPG Key ID: 46D9F943C24A2EF9
3 changed files with 8 additions and 5 deletions

View File

@ -74,8 +74,11 @@
<div role="presentation">@icon('auth/'. $driver, ['style' => 'width: 56px;height: 56px;'])</div>
<div>
@if($user->hasSocialAccount($driver))
<a href="{{ url("/login/service/{$driver}/detach") }}" aria-label="{{ trans('settings.users_social_disconnect') }} - {{ $driver }}"
class="button small outline">{{ trans('settings.users_social_disconnect') }}</a>
<form action="{{ url("/login/service/{$driver}/detach") }}" method="POST">
{{ csrf_field() }}
<button aria-label="{{ trans('settings.users_social_disconnect') }} - {{ $driver }}"
class="button small outline">{{ trans('settings.users_social_disconnect') }}</button>
</form>
@else
<a href="{{ url("/login/service/{$driver}") }}" aria-label="{{ trans('settings.users_social_connect') }} - {{ $driver }}"
class="button small outline">{{ trans('settings.users_social_connect') }}</a>

View File

@ -226,7 +226,7 @@ Route::group(['middleware' => 'auth'], function () {
Route::get('/login/service/{socialDriver}', 'Auth\SocialController@login');
Route::get('/login/service/{socialDriver}/callback', 'Auth\SocialController@callback');
Route::group(['middleware' => 'auth'], function () {
Route::get('/login/service/{socialDriver}/detach', 'Auth\SocialController@detach');
Route::post('/login/service/{socialDriver}/detach', 'Auth\SocialController@detach');
});
Route::get('/register/service/{socialDriver}', 'Auth\SocialController@register');

View File

@ -99,9 +99,9 @@ class SocialAuthTest extends TestCase
]);
$resp = $this->actingAs($editor)->get($editor->getEditUrl());
$resp->assertElementContains('a[href$="/login/service/github/detach"]', 'Disconnect Account');
$resp->assertElementContains('form[action$="/login/service/github/detach"]', 'Disconnect Account');
$resp = $this->get('/login/service/github/detach');
$resp = $this->post('/login/service/github/detach');
$resp->assertRedirect($editor->getEditUrl());
$resp = $this->followRedirects($resp);
$resp->assertSee('Github account was successfully disconnected from your profile.');