X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/66c56e9d02efe5ee6c77fcb41ba82176c65f5475..refs/pull/166/head:/app/Http/Controllers/Auth/AuthController.php diff --git a/app/Http/Controllers/Auth/AuthController.php b/app/Http/Controllers/Auth/AuthController.php index fda0ee668..2cbc047ce 100644 --- a/app/Http/Controllers/Auth/AuthController.php +++ b/app/Http/Controllers/Auth/AuthController.php @@ -1,7 +1,6 @@ -socialAuthService = $socialAuthService; $this->emailConfirmationService = $emailConfirmationService; $this->userRepo = $userRepo; + $this->redirectPath = baseUrl('/'); + $this->redirectAfterLogout = baseUrl('/login'); $this->username = config('auth.method') === 'standard' ? 'email' : 'username'; parent::__construct(); } @@ -115,6 +115,7 @@ class AuthController extends Controller * @param Request $request * @param Authenticatable $user * @return \Illuminate\Http\RedirectResponse + * @throws AuthException */ protected function authenticated(Request $request, Authenticatable $user) { @@ -132,6 +133,13 @@ class AuthController extends Controller } if (!$user->exists) { + + // Check for users with same email already + $alreadyUser = $user->newQuery()->where('email', '=', $user->email)->count() > 0; + if ($alreadyUser) { + throw new AuthException('A user with the email ' . $user->email . ' already exists but with different credentials.'); + } + $user->save(); $this->userRepo->attachDefaultRole($user); auth()->login($user); @@ -184,14 +192,11 @@ class AuthController extends Controller } if (setting('registration-confirmation') || setting('registration-restrict')) { - $newUser->email_confirmed = false; $newUser->save(); $this->emailConfirmationService->sendConfirmation($newUser); return redirect('/register/confirm'); } - $newUser->email_confirmed = true; - auth()->login($newUser); session()->flash('success', 'Thanks for signing up! You are now registered and signed in.'); return redirect($this->redirectPath());
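Review bot: In the `@@ -132,6 +133,13 @@` hunk the duplicate-email guard is a count followed by a separate `$user->save()`, so two concurrent first-time logins for the same address can both pass the check and both be inserted; it should be backed by a unique index on the email column, which this page does not show. The comparison is an exact `=` on the stored string, so whether `A@example.com` and `a@example.com` are treated as the same account depends on the column collation, which is worth confirming since the guard exists to stop a second identity claiming an existing address. The exception text echoes `$user->email` and confirms that a local account exists, so check that `AuthException` messages are escaped wherever they are displayed. As a smaller point, `->count() > 0` can be written `->exists()`. The body of `authenticated()` starts and ends outside this hunk.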