Open
Conversation
partydragen
reviewed
Jun 9, 2025
| return; | ||
| } | ||
|
|
||
| Redirect::to(URL::build('/maintenance')); |
Member
There was a problem hiding this comment.
Should not send users to maintenance page thats just annoying, And alot of users like just to refresh site to see if maintenance is complete
Also makes uses lose any details they might have in the URL
partydragen
reviewed
Jun 9, 2025
| public array $exemptRoutes = [ | ||
| '/user/connections', | ||
| '/oauth', | ||
| '/user/settings', |
Member
There was a problem hiding this comment.
User should only be able to view /user/settings IF they are viewing enable_tfa
| return; | ||
| } | ||
|
|
||
| // Skip if AJAX request, such as Alert or PM checks |
Member
There was a problem hiding this comment.
Was well also to prevent the code from refreshing when user switch to next step as that refreshing the site
partydragen
requested changes
Jun 9, 2025
| { | ||
| public array $exemptRoutes = [ | ||
| '/logout', | ||
| '/user/settings' // Allow access to settings to enable TFA |
Member
There was a problem hiding this comment.
Same here, ONLY allow enable_tfa section,
Now user details is exposed can can be modifyed and can even disable 2fa without using 2fa to login
Member
|
Able to make modules add/modify exemptRoutes? |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Introduces middleware system. I've implemented it in a few areas which are loaded globally and on the frontend which do redirects based on user/site state (maintenance mode, force TFA, etc). This helps us remove some global procedural code as we try to get to a cleaner internal state.