diff --git a/app/Actions/Fortify/ResetUserPassword.php b/app/Actions/Fortify/ResetUserPassword.php index 158996c90..cc28b3036 100644 --- a/app/Actions/Fortify/ResetUserPassword.php +++ b/app/Actions/Fortify/ResetUserPassword.php @@ -17,6 +17,11 @@ class ResetUserPassword implements ResetsUserPasswords */ public function reset(User $user, array $input): void { + // Prevent OAuth-only users from resetting passwords + if ($user->oauth_only) { + throw new \Exception('OAuth-only users cannot reset passwords.'); + } + Validator::make($input, [ 'password' => ['required', Password::defaults(), 'confirmed'], ])->validate(); diff --git a/app/Actions/Fortify/UpdateUserPassword.php b/app/Actions/Fortify/UpdateUserPassword.php index 0c51ec56d..2b3f90207 100644 --- a/app/Actions/Fortify/UpdateUserPassword.php +++ b/app/Actions/Fortify/UpdateUserPassword.php @@ -17,6 +17,11 @@ class UpdateUserPassword implements UpdatesUserPasswords */ public function update(User $user, array $input): void { + // Prevent OAuth-only users from updating passwords + if ($user->oauth_only) { + throw new \Exception('OAuth-only users cannot update passwords.'); + } + Validator::make($input, [ 'current_password' => ['required', 'string', 'current_password:web'], 'password' => ['required', Password::defaults(), 'confirmed'], diff --git a/app/Providers/FortifyServiceProvider.php b/app/Providers/FortifyServiceProvider.php index 85f38b967..c062fbee3 100644 --- a/app/Providers/FortifyServiceProvider.php +++ b/app/Providers/FortifyServiceProvider.php @@ -78,6 +78,11 @@ class FortifyServiceProvider extends ServiceProvider $user && Hash::check($request->password, $user->password) ) { + // Prevent OAuth-only users from logging in with password + if ($user->oauth_only) { + return null; + } + $user->updated_at = now(); $user->save(); diff --git a/database/migrations/2025_03_10_080000_add_oauth_registration_settings.php b/database/migrations/2026_03_10_080000_add_oauth_registration_settings.php similarity index 100% rename from database/migrations/2025_03_10_080000_add_oauth_registration_settings.php rename to database/migrations/2026_03_10_080000_add_oauth_registration_settings.php diff --git a/database/migrations/2025_03_10_080001_add_oauth_only_to_users.php b/database/migrations/2026_03_10_080001_add_oauth_only_to_users.php similarity index 100% rename from database/migrations/2025_03_10_080001_add_oauth_only_to_users.php rename to database/migrations/2026_03_10_080001_add_oauth_only_to_users.php