Merge pull request #778 from datamweb/fix-allowMagicLinkLogins

fix: Magic Link Login can be used even if `$allowMagicLinkLogins` is false
codeigniter4 · Aug 12, 2023 · 636684a · 636684a
2 parents 58863d0 + eb53758
commit 636684a
Show file tree

Hide file tree

Showing 20 changed files with 78 additions and 0 deletions.
diff --git a/src/Controllers/MagicLinkController.php b/src/Controllers/MagicLinkController.php
@@ -50,6 +50,10 @@ public function __construct()
      */
     public function loginView()
     {
+        if (! setting('Auth.allowMagicLinkLogins')) {
+            return redirect()->route('login')->with('error', lang('Auth.magicLinkDisabled'));
+        }
+
         if (auth()->loggedIn()) {
             return redirect()->to(config('Auth')->loginRedirect());
         }
@@ -66,6 +70,10 @@ public function loginView()
      */
     public function loginAction()
     {
+        if (! setting('Auth.allowMagicLinkLogins')) {
+            return redirect()->route('login')->with('error', lang('Auth.magicLinkDisabled'));
+        }
+
         // Validate email format
         $rules = $this->getValidationRules();
         if (! $this->validateData($this->request->getPost(), $rules, [], config('Auth')->DBGroup)) {
@@ -135,6 +143,10 @@ protected function displayMessage(): string
      */
     public function verify(): RedirectResponse
     {
+        if (! setting('Auth.allowMagicLinkLogins')) {
+            return redirect()->route('login')->with('error', lang('Auth.magicLinkDisabled'));
+        }
+
         $token = $this->request->getGet('token');
 
         /** @var UserIdentityModel $identityModel */

diff --git a/src/Language/ar/Auth.php b/src/Language/ar/Auth.php
@@ -51,6 +51,7 @@
     'magicLinkExpired'   => 'عذرا ، لقد انتهت صلاحية الرابط.',
     'checkYourEmail'     => 'تحقق من بريدك الالكتروني!',
     'magicLinkDetails'   => 'لقد أرسلنا لك بريدًا إلكترونيًا يحتوي على رابط تسجيل الدخول بالداخل. الرابط صالح فقط لمدة {0} دقيقة.',
+    'magicLinkDisabled'  => '(To be translated) Use of MagicLink is currently not allowed.',
     'successLogout'      => 'لقد قمت بتسجيل الخروج بنجاح.',
     'backToLogin'        => 'العودة إلى نموذج تسجيل الدخول',
 

diff --git a/src/Language/bg/Auth.php b/src/Language/bg/Auth.php
@@ -51,6 +51,7 @@
     'magicLinkExpired'   => 'Съжаляваме, линкът е изтекъл.',
     'checkYourEmail'     => 'Проверете вашия имейл!',
     'magicLinkDetails'   => 'Току що ви изпратихме имейл с линк за вход. Линкът ще бъде валиден само {0} минути.',
+    'magicLinkDisabled'  => '(To be translated) Use of MagicLink is currently not allowed.',
     'successLogout'      => 'Успешно излязохте от системата.',
     'backToLogin'        => 'Обратно към входа',
 

diff --git a/src/Language/de/Auth.php b/src/Language/de/Auth.php
@@ -51,6 +51,7 @@
     'magicLinkExpired'   => 'Sorry, der Link ist abgelaufen.',
     'checkYourEmail'     => 'Prüfen Sie Ihre E-Mail!',
     'magicLinkDetails'   => 'Wir haben Ihnen gerade eine E-Mail mit einem Login-Link geschickt. Er ist nur für {0} Minuten gültig.',
+    'magicLinkDisabled'  => '(To be translated) Use of MagicLink is currently not allowed.',
     'successLogout'      => 'Sie haben sich erfolgreich abgemeldet.',
     'backToLogin'        => 'Zurück zur Anmeldung',
 

diff --git a/src/Language/en/Auth.php b/src/Language/en/Auth.php
@@ -51,6 +51,7 @@
     'magicLinkExpired'   => 'Sorry, link has expired.',
     'checkYourEmail'     => 'Check your email!',
     'magicLinkDetails'   => 'We just sent you an email with a Login link inside. It is only valid for {0} minutes.',
+    'magicLinkDisabled'  => 'Use of MagicLink is currently not allowed.',
     'successLogout'      => 'You have successfully logged out.',
     'backToLogin'        => 'Back to Login',
 

diff --git a/src/Language/es/Auth.php b/src/Language/es/Auth.php
@@ -51,6 +51,7 @@
     'magicLinkExpired'   => 'Lo siento, el enlace ha caducado.',
     'checkYourEmail'     => '¡Revisa tu correo electrónico!',
     'magicLinkDetails'   => 'Acabamos de enviarte un correo electrónico con un enlace de inicio de sesión. Solo es válido durante {0} minutos.',
+    'magicLinkDisabled'  => '(To be translated) Use of MagicLink is currently not allowed.',
     'successLogout'      => 'Has cerrado sesión correctamente.',
     'backToLogin'        => 'Volver al inicio de sesión',
 

diff --git a/src/Language/fa/Auth.php b/src/Language/fa/Auth.php
@@ -51,6 +51,7 @@
     'magicLinkExpired'   => 'متاسفانه, لینک منقضی شده است.',
     'checkYourEmail'     => 'ایمیلتان را بررسی کنید!',
     'magicLinkDetails'   => 'ما فقط یک لینک ورود به ایمیلتان ارسال کردیم. این لینک فقط برای {0} دقیقه معتبر خواهد بود.',
+    'magicLinkDisabled'  => 'امکان استفاده از لینک جادویی وجود ندارد.',
     'successLogout'      => 'با موفقیت خارج شدید.',
     'backToLogin'        => 'بازگشت به ورود به سیستم',
 

diff --git a/src/Language/fr/Auth.php b/src/Language/fr/Auth.php
@@ -51,6 +51,7 @@
     'magicLinkExpired'   => 'Désolé, le lien a expiré.',
     'checkYourEmail'     => 'Vérifier votre email !',
     'magicLinkDetails'   => 'Nous venons de vous envoyer un email contenant un lien de connexion. Il n\'est valable que {0} minutes.',
+    'magicLinkDisabled'  => '(To be translated) Use of MagicLink is currently not allowed.',
     'successLogout'      => 'Vous avez été déconnecté avec succès.',
     'backToLogin'        => 'Retour à la connexion',
 

diff --git a/src/Language/id/Auth.php b/src/Language/id/Auth.php
@@ -51,6 +51,7 @@
     'magicLinkExpired'   => 'Maaf, tautan sudah tidak berlaku.',
     'checkYourEmail'     => 'Periksa email Anda!',
     'magicLinkDetails'   => 'Kami baru saja mengirimi Anda email dengan tautan Masuk di dalamnya. Ini hanya berlaku selama {0} menit.',
+    'magicLinkDisabled'  => '(To be translated) Use of MagicLink is currently not allowed.',
     'successLogout'      => 'Anda telah berhasil keluar.',
     'backToLogin'        => 'Kembali ke masuk',
 

diff --git a/src/Language/it/Auth.php b/src/Language/it/Auth.php
@@ -51,6 +51,7 @@
     'magicLinkExpired'   => 'Spiacente, il link è scaduto.',
     'checkYourEmail'     => 'Controlla la tua email!',
     'magicLinkDetails'   => 'Ti abbiamo appena inviato una mail contenente un Login link. È valido solo per {0} minuti.',
+    'magicLinkDisabled'  => '(To be translated) Use of MagicLink is currently not allowed.',
     'successLogout'      => 'Hai effettuato il logout con successo.',
     'backToLogin'        => 'Torna al login',
 

diff --git a/src/Language/ja/Auth.php b/src/Language/ja/Auth.php
@@ -51,6 +51,7 @@
     'magicLinkExpired'   => '申し訳ございません、リンクは切れています。', // 'Sorry, link has expired.'
     'checkYourEmail'     => 'メールをチェックしてください！', // 'Check your email!'
     'magicLinkDetails'   => 'ログインリンクが含まれたメールを送信しました。これは {0} 分間だけ有効です。', // 'We just sent you an email with a Login link inside. It is only valid for {0} minutes.'
+    'magicLinkDisabled'  => 'マジックリンクは使えません。', // 'Use of MagicLink is currently not allowed.'
     'successLogout'      => '正常にログアウトしました。', // 'You have successfully logged out.'
     'backToLogin'        => 'ログインに戻る', // 'Back to Login'
 

diff --git a/src/Language/lt/Auth.php b/src/Language/lt/Auth.php
@@ -51,6 +51,7 @@
     'magicLinkExpired'   => 'Deja, nuorodos galiojimas baigėsi.',
     'checkYourEmail'     => 'Patikrinkite savo el. paštą!',
     'magicLinkDetails'   => 'Mes ką tik išsiuntėme Jums el. laišką su prisijungimo nuoroda. Ji galios tiki {0} minučių(-es).',
+    'magicLinkDisabled'  => '(To be translated) Use of MagicLink is currently not allowed.',
     'successLogout'      => 'Jūs sėkmingai atsijungėte.',
     'backToLogin'        => 'Grįžti į prisijungimą',
 

diff --git a/src/Language/pt-BR/Auth.php b/src/Language/pt-BR/Auth.php
@@ -51,6 +51,7 @@
     'magicLinkExpired'   => 'Desculpe, o link expirou.',
     'checkYourEmail'     => 'Verifique seu e-mail!',
     'magicLinkDetails'   => 'Acabamos de enviar um e-mail com um link de Login. Ele é válido apenas por {0} minutos.',
+    'magicLinkDisabled'  => '(To be translated) Use of MagicLink is currently not allowed.',
     'successLogout'      => 'Você saiu com sucesso.',
     'backToLogin'        => 'Voltar para o login',
 

diff --git a/src/Language/pt/Auth.php b/src/Language/pt/Auth.php
@@ -51,6 +51,7 @@
     'magicLinkExpired'   => 'Desculpe, o link expirou.',
     'checkYourEmail'     => 'Verifique o seu e-mail!',
     'magicLinkDetails'   => 'Acabamos de enviar um e-mail com um link de Login. Ele é válido apenas por {0} minutos.',
+    'magicLinkDisabled'  => '(To be translated) Use of MagicLink is currently not allowed.',
     'successLogout'      => 'Saiu com sucesso.',
     'backToLogin'        => 'Voltar ao login',
 

diff --git a/src/Language/sk/Auth.php b/src/Language/sk/Auth.php
@@ -51,6 +51,7 @@
     'magicLinkExpired'   => 'Ľutujeme, platnosť odkazu vypršala.',
     'checkYourEmail'     => 'Skontrolujte e-mail',
     'magicLinkDetails'   => 'Práve sme vám poslali e-mail s odkazom na prihlásenie. Platí iba {0} minút.',
+    'magicLinkDisabled'  => '(To be translated) Use of MagicLink is currently not allowed.',
     'successLogout'      => 'Úspešne ste sa odhlásili.',
     'backToLogin'        => 'Späť na prihlásenie',
 

diff --git a/src/Language/sr/Auth.php b/src/Language/sr/Auth.php
@@ -51,6 +51,7 @@
     'magicLinkExpired'   => 'Žao nam je, link je istekao.',
     'checkYourEmail'     => 'Proverite Vaš email!',
     'magicLinkDetails'   => 'Upravo smo Vam poslali pristupni link. Pristupni link će biti validan još samo {0} minuta.',
+    'magicLinkDisabled'  => '(To be translated) Use of MagicLink is currently not allowed.',
     'successLogout'      => 'Uspešno ste se odjavili sa sistema.',
     'backToLogin'        => 'Nazad na prijavljivanje',
 

diff --git a/src/Language/sv-SE/Auth.php b/src/Language/sv-SE/Auth.php
@@ -51,6 +51,7 @@
     'magicLinkExpired'   => 'Tyvärr, länken har gått ut.',
     'checkYourEmail'     => 'Kontrollera din epost!',
     'magicLinkDetails'   => 'En login-länk har skickats med epost. Den gäller bara i {0} minuter.',
+    'magicLinkDisabled'  => '(To be translated) Use of MagicLink is currently not allowed.',
     'successLogout'      => 'Du har loggats ut.',
     'backToLogin'        => 'Tillbaka till inloggning',
 

diff --git a/src/Language/tr/Auth.php b/src/Language/tr/Auth.php
@@ -51,6 +51,7 @@
     'magicLinkExpired'   => 'Üzgünüm, bağlantının süresi doldu.',
     'checkYourEmail'     => 'E-postanı kontrol et!',
     'magicLinkDetails'   => 'Az önce size içinde bir Giriş bağlantısı olan bir e-posta gönderdik. Bağlantı {0} dakika için geçerlidir.',
+    'magicLinkDisabled'  => '(To be translated) Use of MagicLink is currently not allowed.',
     'successLogout'      => 'Başarıyla çıkış yaptınız.',
     'backToLogin'        => 'Girişe Geri Dön',
 

diff --git a/src/Language/uk/Auth.php b/src/Language/uk/Auth.php
@@ -51,6 +51,7 @@
     'magicLinkExpired'   => 'Вибачте, термін дії посилання закінчився.',
     'checkYourEmail'     => 'Перевірте свою електронну пошту!',
     'magicLinkDetails'   => 'Ми щойно надіслали вам електронний лист із посиланням для входу. Він дійсний лише протягом {0} хвилин.',
+    'magicLinkDisabled'  => '(To be translated) Use of MagicLink is currently not allowed.',
     'successLogout'      => 'Ви успішно вийшли.',
     'backToLogin'        => 'Повернутися до входу',
 

diff --git a/tests/Controllers/MagicLinkTest.php b/tests/Controllers/MagicLinkTest.php
@@ -120,4 +120,52 @@ public function testBackToLoginLinkOnPage(): void
         $result = $this->get('/login/magic-link');
         $this->assertStringContainsString(lang('Auth.backToLogin'), $result->getBody());
     }
+
+    public function testMagicLinkRedirectsIfNotAllowed(): void
+    {
+        $config                       = config('Auth');
+        $config->allowMagicLinkLogins = false;
+        Factories::injectMock('config', 'Auth', $config);
+
+        $result = $this->withSession()->get('/login/magic-link');
+
+        $result->assertStatus(302);
+        $result->assertRedirect();
+        $result->assertSessionHas(
+            'error',
+            lang('Auth.magicLinkDisabled'),
+        );
+    }
+
+    public function testMagicLinkActionRedirectsIfNotAllowed(): void
+    {
+        $config                       = config('Auth');
+        $config->allowMagicLinkLogins = false;
+        Factories::injectMock('config', 'Auth', $config);
+
+        $result = $this->withSession()->post('/login/magic-link');
+
+        $result->assertStatus(302);
+        $result->assertRedirect();
+        $result->assertSessionHas(
+            'error',
+            lang('Auth.magicLinkDisabled'),
+        );
+    }
+
+    public function testMagicLinkVerifyRedirectsIfNotAllowed(): void
+    {
+        $config                       = config('Auth');
+        $config->allowMagicLinkLogins = false;
+        Factories::injectMock('config', 'Auth', $config);
+
+        $result = $this->withSession()->get('/login/verify-magic-link');
+
+        $result->assertStatus(302);
+        $result->assertRedirect();
+        $result->assertSessionHas(
+            'error',
+            lang('Auth.magicLinkDisabled'),
+        );
+    }
 }