yindo/UNIT3D
1
0
Fork 0
mirror of https://github.com/BillyOutlast/UNIT3D.git synced 2026-02-04 03:01:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
d88d956065f80fe8265cc3f769b825f65373d0bc
UNIT3D/app/Http/Middleware/CheckIfBanned.php
Roardom 0492a9d704 fix: provide banned rss feed when user banned 
We can't log them out (which the code would do instead) because rss doesn't have cookies. Provides a similar solution as what's done with the api.
2025-07-23 01:08:52 +00:00

74 lines
2.1 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
/**
* NOTICE OF LICENSE.
*
* UNIT3D Community Edition is open-sourced software licensed under the GNU Affero General Public License v3.0
* The details is bundled with this project in the file LICENSE.txt.
*
* @project UNIT3D Community Edition
*
* @author HDVinnie <hdinnovations@protonmail.com>
* @license https://www.gnu.org/licenses/agpl-3.0.en.html/ GNU Affero General Public License v3.0
*/
namespace App\Http\Middleware;
use App\Models\Group;
use Closure;
use Exception;
class CheckIfBanned
{
/**
* Handle an incoming request.
*
* @throws Exception
*/
public function handle(\Illuminate\Http\Request $request, Closure $next, ?string $guard = null): mixed
{
$user = $request->user();
// Redis returns ints as numeric strings!
$bannedGroupId = (int) cache()->rememberForever('group:banned:id', fn () => Group::where('slug', '=', 'banned')->soleValue('id'));
if ($user && $user->group_id === $bannedGroupId) {
if ($request->is('api/*')) {
return response()->json([
'message' => __('auth.banned'),
]);
}
if ($request->is('rss/*')) {
$message = __('auth.banned');
$now = now()->toRssString();
$url = config('app.url');
return response(
<<<XML
<?xml version="1.0" encoding="UTF-8" ?>
<rss version="2.0">
<channel>
<title>{$message}</title>
<link>{$url}</link>
<description>{$message}</description>
<pubDate>{$now}</pubDate>
</channel>
</rss>
XML,
403
)->header('Content-Type', 'text/xml');
}
auth()->logout();
$request->session()->flush();
return to_route('login')
->withErrors(__('auth.banned'));
}
return $next($request);
}
}
Reference in New Issue View Git Blame Copy Permalink