Guest create page: name field autofocus

[bookstack] / app / Auth / Access / LoginService.php

diff --git a/app/Auth/Access/LoginService.php b/app/Auth/Access/LoginService.php
index b251e4cc3e3b3cd4348b8b1cea6568415b0344b0..c80943166983f950f372712a597cae7cb7031741 100644 (file)
--- a/app/Auth/Access/LoginService.php
+++ b/app/Auth/Access/LoginService.php
@@ -5,6 +5,7 @@ namespace BookStack\Auth\Access;
 use BookStack\Actions\ActivityType;
 use BookStack\Auth\Access\Mfa\MfaSession;
 use BookStack\Auth\User;
+use BookStack\Exceptions\LoginAttemptException;
 use BookStack\Exceptions\StoppedAuthenticationException;
 use BookStack\Facades\Activity;
 use BookStack\Facades\Theme;
@@ -13,7 +14,6 @@ use Exception;
 
 class LoginService
 {
-
     protected const LAST_LOGIN_ATTEMPTED_SESSION_KEY = 'auth-login-last-attempted';
 
     protected $mfaSession;
@@ -30,12 +30,14 @@ class LoginService
      * Will start a login of the given user but will prevent if there's
      * a reason to (MFA or Unconfirmed Email).
      * Returns a boolean to indicate the current login result.
+     *
      * @throws StoppedAuthenticationException
      */
     public function login(User $user, string $method, bool $remember = false): void
     {
         if ($this->awaitingEmailConfirmation($user) || $this->needsMfaVerification($user)) {
             $this->setLastLoginAttemptedForUser($user, $method, $remember);
+
             throw new StoppedAuthenticationException($user, $this);
         }
 
@@ -46,7 +48,7 @@ class LoginService
 
         // Authenticate on all session guards if a likely admin
         if ($user->can('users-manage') && $user->can('user-roles-manage')) {
-            $guards = ['standard', 'ldap', 'saml2'];
+            $guards = ['standard', 'ldap', 'saml2', 'oidc'];
             foreach ($guards as $guard) {
                 auth($guard)->login($user);
             }
@@ -55,6 +57,7 @@ class LoginService
 
     /**
      * Reattempt a system login after a previous stopped attempt.
+     *
      * @throws Exception
      */
     public function reattemptLoginFor(User $user)
@@ -75,12 +78,14 @@ class LoginService
     public function getLastLoginAttemptUser(): ?User
     {
         $id = $this->getLastLoginAttemptDetails()['user_id'];
+
         return User::query()->where('id', '=', $id)->first();
     }
 
     /**
      * Get the details of the last login attempt.
      * Checks upon a ttl of about 1 hour since that last attempted login.
+     *
      * @return array{user_id: ?string, method: ?string, remember: bool}
      */
     protected function getLastLoginAttemptDetails(): array
@@ -91,9 +96,10 @@ class LoginService
         }
 
         [$id, $method, $remember, $time] = explode(':', $value);
-        $hourAgo = time() - (60*60);
+        $hourAgo = time() - (60 * 60);
         if ($time < $hourAgo) {
             $this->clearLastLoginAttempted();
+
             return ['user_id' => null, 'method' => null];
         }
 
@@ -144,6 +150,7 @@ class LoginService
      * May interrupt the flow if extra authentication requirements are imposed.
      *
      * @throws StoppedAuthenticationException
+     * @throws LoginAttemptException
      */
     public function attempt(array $credentials, string $method, bool $remember = false): bool
     {
@@ -156,5 +163,4 @@ class LoginService
 
         return $result;
     }
-
-}
\ No newline at end of file
+}