Refactored the code to first check for the permissions before sorting the book.

[bookstack] / app / Http / Middleware / Authenticate.php

diff --git a/app/Http/Middleware/Authenticate.php b/app/Http/Middleware/Authenticate.php
index 372f30bf64f545957cd3a8fb2a63e27416ec441f..c9b2726e8c4eca4f9148f7567a035433bf216879 100644 (file)
--- a/app/Http/Middleware/Authenticate.php
+++ b/app/Http/Middleware/Authenticate.php
@@ -4,8 +4,6 @@ namespace BookStack\Http\Middleware;
 
 use Closure;
 use Illuminate\Contracts\Auth\Guard;
-use BookStack\Exceptions\UserRegistrationException;
-use Setting;
 
 class Authenticate
 {
@@ -32,8 +30,11 @@ class Authenticate
      */
     public function handle($request, Closure $next)
     {
-        if ($this->auth->check() && setting('registration-confirmation') && !$this->auth->user()->email_confirmed) {
-            return redirect()->guest(baseUrl('/register/confirm/awaiting'));
+        if ($this->auth->check()) {
+            $requireConfirmation = (setting('registration-confirmation') || setting('registration-restrict'));
+            if ($requireConfirmation && !$this->auth->user()->email_confirmed) {
+                return redirect('/register/confirm/awaiting');
+            }
         }
 
         if ($this->auth->guest() && !setting('app-public')) {