mirror of
https://github.com/coollabsio/coolify.git
synced 2026-03-11 08:55:47 +00:00
fix: OAuth-only enforcement and migration dates
- Fix migration dates from 2025 to 2026 - Add OAuth-only enforcement in Fortify authentication - Prevent OAuth-only users from resetting passwords - Prevent OAuth-only users from updating passwords
This commit is contained in:
parent
9832b210e2
commit
1ad047fb6b
5 changed files with 15 additions and 0 deletions
|
|
@ -17,6 +17,11 @@ class ResetUserPassword implements ResetsUserPasswords
|
|||
*/
|
||||
public function reset(User $user, array $input): void
|
||||
{
|
||||
// Prevent OAuth-only users from resetting passwords
|
||||
if ($user->oauth_only) {
|
||||
throw new \Exception('OAuth-only users cannot reset passwords.');
|
||||
}
|
||||
|
||||
Validator::make($input, [
|
||||
'password' => ['required', Password::defaults(), 'confirmed'],
|
||||
])->validate();
|
||||
|
|
|
|||
|
|
@ -17,6 +17,11 @@ class UpdateUserPassword implements UpdatesUserPasswords
|
|||
*/
|
||||
public function update(User $user, array $input): void
|
||||
{
|
||||
// Prevent OAuth-only users from updating passwords
|
||||
if ($user->oauth_only) {
|
||||
throw new \Exception('OAuth-only users cannot update passwords.');
|
||||
}
|
||||
|
||||
Validator::make($input, [
|
||||
'current_password' => ['required', 'string', 'current_password:web'],
|
||||
'password' => ['required', Password::defaults(), 'confirmed'],
|
||||
|
|
|
|||
|
|
@ -78,6 +78,11 @@ class FortifyServiceProvider extends ServiceProvider
|
|||
$user &&
|
||||
Hash::check($request->password, $user->password)
|
||||
) {
|
||||
// Prevent OAuth-only users from logging in with password
|
||||
if ($user->oauth_only) {
|
||||
return null;
|
||||
}
|
||||
|
||||
$user->updated_at = now();
|
||||
$user->save();
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue