X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/773be963bade9ecdb79daf3f2f4bfddbf7922cee..refs/pull/3177/head:/app/Auth/Access/LoginService.php diff --git a/app/Auth/Access/LoginService.php b/app/Auth/Access/LoginService.php index b251e4cc3..f41570417 100644 --- a/app/Auth/Access/LoginService.php +++ b/app/Auth/Access/LoginService.php @@ -13,7 +13,6 @@ use Exception; class LoginService { - protected const LAST_LOGIN_ATTEMPTED_SESSION_KEY = 'auth-login-last-attempted'; protected $mfaSession; @@ -30,12 +29,14 @@ class LoginService * Will start a login of the given user but will prevent if there's * a reason to (MFA or Unconfirmed Email). * Returns a boolean to indicate the current login result. + * * @throws StoppedAuthenticationException */ public function login(User $user, string $method, bool $remember = false): void { if ($this->awaitingEmailConfirmation($user) || $this->needsMfaVerification($user)) { $this->setLastLoginAttemptedForUser($user, $method, $remember); + throw new StoppedAuthenticationException($user, $this); } @@ -46,7 +47,7 @@ class LoginService // Authenticate on all session guards if a likely admin if ($user->can('users-manage') && $user->can('user-roles-manage')) { - $guards = ['standard', 'ldap', 'saml2']; + $guards = ['standard', 'ldap', 'saml2', 'oidc']; foreach ($guards as $guard) { auth($guard)->login($user); } @@ -55,6 +56,7 @@ class LoginService /** * Reattempt a system login after a previous stopped attempt. + * * @throws Exception */ public function reattemptLoginFor(User $user) 
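Review bot: The login() docblock in the `@@ -30,12 +29,14 @@` hunk still says `Returns a boolean to indicate the current login result.` while the signature on the new side is `: void` and the halted path throws StoppedAuthenticationException; the formatting pass kept the stale sentence next to the `@throws` tag it separated. Replace it with ` * Throws StoppedAuthenticationException when the login is halted (MFA or unconfirmed email); returns nothing otherwise.` so callers do not look for a result that never exists. The method body continues past the end of the hunk.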
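Review bot: The guard list `$guards = ['standard', 'ldap', 'saml2', 'oidc'];` in the `@@ -46,7 +47,7 @@` hunk is a hand-maintained copy of the session guards configured elsewhere, and this commit shows how it drifts: oidc had to be appended after the fact, so the next guard added to the application would again leave likely admins unauthenticated on it until someone notices. At minimum record the coupling in place, e.g. `// Keep in sync with the application's session-based auth guards; a guard missing here is never authenticated for admins.`, or derive the list from that configuration if every configured guard supports login(). It is also worth stating why an admin gets a session on every guard regardless of the `$method` they actually used — presumably so user and role management stays reachable whichever authentication method is active — but that reason is inferred and should be confirmed before it is written down. The enclosing login() method starts before this hunk.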
@@ -75,12 +77,14 @@ class LoginService public function getLastLoginAttemptUser(): ?User { $id = $this->getLastLoginAttemptDetails()['user_id']; + return User::query()->where('id', '=', $id)->first(); } /** * Get the details of the last login attempt. * Checks upon a ttl of about 1 hour since that last attempted login. + * * @return array{user_id: ?string, method: ?string, remember: bool} */ protected function getLastLoginAttemptDetails(): array @@ -91,9 +95,10 @@ class LoginService } [$id, $method, $remember, $time] = explode(':', $value); - $hourAgo = time() - (60*60); + $hourAgo = time() - (60 * 60); if ($time < $hourAgo) { $this->clearLastLoginAttempted(); + return ['user_id' => null, 'method' => null]; } @@ -156,5 +161,4 @@ class LoginService return $result; } - -} \ No newline at end of file +}
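Review bot: The expiry branch `return ['user_id' => null, 'method' => null];` in the `@@ -91,9 +95,10 @@` hunk omits the `remember` key that the method's `@return array{user_id: ?string, method: ?string, remember: bool}` shape (context in the preceding hunk) promises, so a caller reading `['remember']` after a timed-out attempt gets an undefined-array-key warning and null where a bool is expected. Return the declared shape: `return ['user_id' => null, 'method' => null, 'remember' => false];`. The method continues on both sides of this hunk, and the earlier early return for a missing session value is outside this view and may have the same gap.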