coolify/app/Http/Controllers/OauthController.php
Heyang Gong 9832b210e2 feat: OAuth independent registration (#8042)
- Add oauth_registration_enabled setting to allow OAuth users to register
  even when general registration is disabled
- Add oauth_only setting to restrict users to OAuth-only authentication
- Add oauth_only field to users table to mark OAuth-only users
- Update OauthController to respect new settings
- Add UI controls in Advanced settings for admin configuration

Closes #8042
2026-03-10 08:16:02 +08:00

45 lines
1.4 KiB
PHP

<?php
namespace App\Http\Controllers;
use App\Models\User;
use Illuminate\Support\Facades\Auth;
use Symfony\Component\HttpKernel\Exception\HttpException;
class OauthController extends Controller
{
public function redirect(string $provider)
{
$socialite_provider = get_socialite_provider($provider);
return $socialite_provider->redirect();
}
public function callback(string $provider)
{
try {
$oauthUser = get_socialite_provider($provider)->user();
$user = User::whereEmail($oauthUser->email)->first();
if (! $user) {
$settings = instanceSettings();
// Allow OAuth registration if either general registration OR OAuth-specific registration is enabled
if (! $settings->is_registration_enabled && ! $settings->oauth_registration_enabled) {
abort(403, 'Registration is disabled');
}
$user = User::create([
'name' => $oauthUser->name,
'email' => $oauthUser->email,
'oauth_only' => $settings->oauth_only,
]);
}
Auth::login($user);
return redirect('/');
} catch (\Exception $e) {
$errorCode = $e instanceof HttpException ? 'auth.failed' : 'auth.failed.callback';
return redirect()->route('login')->withErrors([__($errorCode)]);
}
}
}