From cddeb2436f9ee8965300e1d1334ddb17cd473be9 Mon Sep 17 00:00:00 2001
From: warcooft
Date: Sun, 6 Oct 2024 19:34:31 +0700
Subject: [PATCH 1/3] fix Prevent Duplicate Entry Errors
---
 src/Controllers/OAuthController.php | 20 ++++++++++++--------
 src/Language/en/ShieldOAuthLang.php | 1 +
 src/Language/fa/ShieldOAuthLang.php | 1 +
 src/Language/fr/ShieldOAuthLang.php | 1 +
 src/Language/id/ShieldOAuthLang.php | 1 +
 5 files changed, 16 insertions(+), 8 deletions(-)
diff --git a/src/Controllers/OAuthController.php b/src/Controllers/OAuthController.php
index da3aa49..fad930c 100644
--- a/src/Controllers/OAuthController.php
+++ b/src/Controllers/OAuthController.php
@@ -91,6 +91,10 @@ public function callBack(): RedirectResponse
 $updateFields = $oauthClass->getColumnsName('syncingUserInfo', $userInfo);
 $userid = $this->syncingUserInfo($find, $updateFields);
+
+ if ($this->userExist->isBanned()) {
+ return redirect()->to(config('Auth')->logoutRedirect())->with('error', $this->userExist->getBanMessage() ?? lang('Auth.bannedUser'));
+ }
 } else {
 // Check config setting first to see if it can register automatically or not
 if (setting('ShieldOAuthConfig.oauthConfigs')[$oauthName]['allow_register'] === false) {
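Review bot: The ban check added after `$this->syncingUserInfo($find, $updateFields)` runs only once the existing account has apparently already been synced from the provider's data, so a banned user would still trigger a write to their record on every callback before being turned away. Testing `isBanned()` ahead of the sync keeps a rejected login free of side effects. The old guard `$this->userExist && $this->userExist->isBanned()` also lost its first half; that is safe only if the enclosing branch, whose condition lies outside this hunk, always populates `$this->userExist`, so either keep the guard or state that invariant in a comment such as `// $this->userExist is set by the existence check that opens this branch`.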
@@ -102,19 +106,19 @@ public function callBack(): RedirectResponse
 // new user
 $entitiesUser = new User($oauthClass->getColumnsName('newUser', $userInfo));
- $users->save($entitiesUser);
- $userid = $users->getInsertID();
+ try {
+ $userid = $users->insert($entitiesUser);
+ } catch (\Throwable $th) {
+ //If the insert fails due to a duplicate key entry, see the log message for audit.
+ return redirect()->to(config('Auth')->logoutRedirect())->with('error', lang('ShieldOAuthLang.Callback.account_disabled'));
+ }
+
 // To get the complete user object with ID, we need to get from the database
- $user = $users->findById($userid);
- $users->save($user);
+ $user = $users->find($userid);
 // Add to default group
 $users->addToDefaultGroup($user);
 }
- if ($this->userExist && $this->userExist->isBanned()) {
- return redirect()->to(config('Auth')->logoutRedirect())->with('error', $this->userExist->getBanMessage() ?? lang('Auth.bannedUser'));
- }
-
 auth()->loginById($userid);
 $this->recordLoginAttempt($oauthName, $userInfo->email);
diff --git a/src/Language/en/ShieldOAuthLang.php b/src/Language/en/ShieldOAuthLang.php
index 50ec242..196dfef 100644
--- a/src/Language/en/ShieldOAuthLang.php
+++ b/src/Language/en/ShieldOAuthLang.php
@@ -20,6 +20,7 @@
 'anti_forgery' => 'Your request has been detected as fake. we are sorry!',
 'account_not_found' => 'There is no account registered with the email "{0}".',
 'access_denied' => 'Authentication cancelled! You declined {0} permissions.',
+ 'account_disabled' => 'This account is no longer active. Please contact administrator for assistance.',
 ],
 // ShieldOAuthButton in views
diff --git a/src/Language/fa/ShieldOAuthLang.php b/src/Language/fa/ShieldOAuthLang.php
index bf86863..73b7540 100644
--- a/src/Language/fa/ShieldOAuthLang.php
+++ b/src/Language/fa/ShieldOAuthLang.php
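Review bot: The `catch (\Throwable $th)` around `$users->insert($entitiesUser)` in the `@@ -102,19 +106,19 @@` hunk of OAuthController.php treats every failure as a duplicate key: a lost database connection, a validation exception or a type error all end in the same `account_disabled` redirect, and `$th` is never used, so the log entry the comment refers to is not written by this block. Catch the exception type the model actually throws for a constraint violation and record it before redirecting, e.g. `log_message('error', 'OAuth registration insert failed: ' . $th->getMessage());`. If `insert()` can also return `false` without throwing, `$userid` then flows unchecked into `find()` and `auth()->loginById($userid)`, so the return value deserves an explicit check as well. The same catch block is carried over with only the import style changed in the `@@ -108,8 +109,8 @@` hunk of patch 2/3. callBack() starts and ends outside this hunk.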
@@ -20,6 +20,7 @@
 'anti_forgery' => 'متاسفانه، تلاش شما ، یک درخواست جعلی تشخیص داده شد.',
 'account_not_found' => 'هیچ حسابی با ایمیل "{0}" ثبت نشده است.',
 'access_denied' => 'تأیید اعتبار لغو شد! شما دسترسی‌های {0} را رد کردید.',
+ 'account_disabled' => '(To be translated) This account is no longer active. Please contact administrator for assistance.',
 ],
 // ShieldOAuthButton in views
diff --git a/src/Language/fr/ShieldOAuthLang.php b/src/Language/fr/ShieldOAuthLang.php
index 80eb7e4..6e8195c 100644
--- a/src/Language/fr/ShieldOAuthLang.php
+++ b/src/Language/fr/ShieldOAuthLang.php
@@ -20,6 +20,7 @@
 'anti_forgery' => 'Votre demande a été détectée comme erronée. Nous sommes désolés!',
 'account_not_found' => 'Il n\'y a pas de compte enregistré avec l\'email "{0}".',
 'access_denied' => 'Authentification annulée ! Vous avez refusé les autorisations {0}.',
+ 'account_disabled' => '(To be translated) This account is no longer active. Please contact administrator for assistance.',
 ],
 // ShieldOAuthButton in views
diff --git a/src/Language/id/ShieldOAuthLang.php b/src/Language/id/ShieldOAuthLang.php
index b3c6071..e6f4a84 100644
--- a/src/Language/id/ShieldOAuthLang.php
+++ b/src/Language/id/ShieldOAuthLang.php
@@ -20,6 +20,7 @@
 'anti_forgery' => 'Maaf, permintaan Anda terdeteksi tidak valid!',
 'account_not_found' => 'Tidak ada akun yang terdaftar dengan email "{0}".',
 'access_denied' => 'Autentikasi dibatalkan! Anda menolak izin {0}.',
+ 'account_disabled' => 'Akun ini sudah tidak aktif. Silakan hubungi administrator untuk mendapatkan bantuan.',
 ],
 // ShieldOAuthButton in views
From 1b88775d471f2c1bc5d5a088110ea72753061473 Mon Sep 17 00:00:00 2001
From: warcooft
Date: Sun, 6 Oct 2024 19:47:14 +0700
Subject: [PATCH 2/3] respect coding standards, rector
---
 src/Controllers/OAuthController.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/Controllers/OAuthController.php b/src/Controllers/OAuthController.php
index fad930c..6652d8b 100644
--- a/src/Controllers/OAuthController.php
+++ b/src/Controllers/OAuthController.php
@@ -13,6 +13,7 @@
 namespace Datamweb\ShieldOAuth\Controllers;
+use Throwable;
 use App\Controllers\BaseController;
 use CodeIgniter\HTTP\RedirectResponse;
 use CodeIgniter\Shield\Entities\User;
@@ -108,8 +109,8 @@ public function callBack(): RedirectResponse
 try {
 $userid = $users->insert($entitiesUser);
- } catch (\Throwable $th) {
- //If the insert fails due to a duplicate key entry, see the log message for audit.
+ } catch (Throwable $th) {
+ // If the insert fails due to a duplicate key entry, see the log message for audit.
 return redirect()->to(config('Auth')->logoutRedirect())->with('error', lang('ShieldOAuthLang.Callback.account_disabled'));
 }
From 584c6164d74506ed6b6ea76ef1380989fe5cc827 Mon Sep 17 00:00:00 2001
From: warcooft
Date: Sun, 6 Oct 2024 19:48:46 +0700
Subject: [PATCH 3/3] respect coding standards, rector
---
 src/Controllers/OAuthController.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/Controllers/OAuthController.php b/src/Controllers/OAuthController.php
index 6652d8b..b005c4c 100644
--- a/src/Controllers/OAuthController.php
+++ b/src/Controllers/OAuthController.php
@@ -13,12 +13,12 @@
 namespace Datamweb\ShieldOAuth\Controllers;
-use Throwable;
 use App\Controllers\BaseController;
 use CodeIgniter\HTTP\RedirectResponse;
 use CodeIgniter\Shield\Entities\User;
 use CodeIgniter\Shield\Models\LoginModel;
 use Datamweb\ShieldOAuth\Libraries\Basic\ControllersInterface;
+use Throwable;
 class OAuthController extends BaseController implements ControllersInterface
 {