
improved force verify, added login recaptcha

+ removed store when paypal isn't set-up correctly
AVMG20 4 years ago
parent
commit
4e9ba7866f

+ 31 - 0
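--- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php
@@ -5,6 +5,7 @@ namespace App\Http\Controllers\Auth;
 use App\Http\Controllers\Controller;
 use App\Providers\RouteServiceProvider;
 use Illuminate\Foundation\Auth\AuthenticatesUsers;
+use Illuminate\Http\Request;
 
 class LoginController extends Controller
 {
@@ -37,4 +38,34 @@ class LoginController extends Controller
     {
         $this->middleware('guest')->except('logout');
     }
+
+    public function login(Request $request)
+    {
+        $request->validate([
+            $this->username()      => 'required|string',
+            'password'             => 'required|string',
+            'g-recaptcha-response' => ['required','recaptcha'],
+        ]);
+
+        // If the class is using the ThrottlesLogins trait, we can automatically throttle
+        // the login attempts for this application. We'll key this by the username and
+        // the IP address of the client making these requests into this application.
+        if (method_exists($this, 'hasTooManyLoginAttempts') &&
+            $this->hasTooManyLoginAttempts($request)) {
+            $this->fireLockoutEvent($request);
+
+            return $this->sendLockoutResponse($request);
+        }
+
+        if ($this->attemptLogin($request)) {
+            return $this->sendLoginResponse($request);
+        }
+
+        // If the login attempt was unsuccessful we will increment the number of attempts
+        // to login and redirect the user back to the login form. Of course, when this
+        // user surpasses their maximum number of attempts they will get locked out.
+        $this->incrementLoginAttempts($request);
+
+        return $this->sendFailedLoginResponse($request);
+    }
 }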
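Review bot: The new `login()` appears to be a copy of the `AuthenticatesUsers` login flow with only the validation rules changed, so any later change the framework makes to throttling or post-login session handling will be silently missed in this override. Overriding the trait's `validateLogin()` hook instead adds the captcha rule without duplicating the security-relevant attempt and lockout logic. Separately, `g-recaptcha-response` is unconditionally `required`, so an installation without working reCAPTCHA keys would presumably reject every login, including the administrator's; consider applying the rule only when the keys are configured.

```php
// replaces the login() override; throttling and attempt handling stay in the trait
protected function validateLogin(Request $request)
{
    $request->validate([
        $this->username()      => 'required|string',
        'password'             => 'required|string',
        'g-recaptcha-response' => ['required', 'recaptcha'],
    ]);
}
```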

+ 2 - 1
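--- a/app/Http/Controllers/ProfileController.php
+++ b/app/Http/Controllers/ProfileController.php
@@ -20,7 +20,8 @@ class ProfileController extends Controller
         return view('profile.index')->with([
             'user' => Auth::user(),
             'credits_reward_after_verify_discord' => Configuration::getValueByKey('CREDITS_REWARD_AFTER_VERIFY_DISCORD'),
-            'discord_verify_command' => Configuration::getValueByKey('DISCORD_VERIFY_COMMAND')
+            'force_email_verification' => Configuration::getValueByKey('FORCE_EMAIL_VERIFICATION'),
+            'force_discord_verification' => Configuration::getValueByKey('FORCE_DISCORD_VERIFICATION'),
         ]);
     }
 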

+ 9 - 0
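--- a/resources/views/auth/login.blade.php
+++ b/resources/views/auth/login.blade.php
@@ -54,6 +54,15 @@
                         @enderror
                     </div>
 
+                    <div class="input-group mb-3">
+                        {!! htmlFormSnippet() !!}
+                        @error('g-recaptcha-response')
+                        <span class="text-danger" role="alert">
+                                <small><strong>{{ $message }}</strong></small>
+                            </span>
+                        @enderror
+                    </div>
+
                     <div class="row">
                         <div class="col-8">
                             <div class="icheck-primary">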
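Review bot: `{!! htmlFormSnippet() !!}` bypasses Blade escaping, which is only safe while the helper emits markup built purely from server-side configuration; a short Blade comment next to it would record that this is deliberate, e.g. `{{-- raw on purpose: helper returns the reCAPTCHA widget markup, no user input --}}`. The hunk does not show where the reCAPTCHA script itself is loaded, so it is worth confirming the layout includes it. Without it the widget cannot produce a token, and the `required` rule on `g-recaptcha-response` in LoginController would fail every submission.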

+ 12 - 9
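--- a/resources/views/layouts/main.blade.php
+++ b/resources/views/layouts/main.blade.php
@@ -96,7 +96,8 @@
                             Log back in
                         </a>
                     @endif
-                    <a class="dropdown-item" data-toggle="modal" data-target="#redeemVoucherModal" href="javascript:void(0)">
+                    <a class="dropdown-item" data-toggle="modal" data-target="#redeemVoucherModal"
+                       href="javascript:void(0)">
                         <i class="fas fa-money-check-alt fa-sm fa-fw mr-2 text-gray-400"></i>
                         Redeem code
                     </a>
@@ -150,13 +151,15 @@
                         </a>
                     </li>
 
-                    <li class="nav-item">
-                        <a href="{{route('store.index')}}"
-                           class="nav-link @if(Request::routeIs('store.*') || Request::routeIs('checkout')) active @endif">
-                            <i class="nav-icon fa fa-coins"></i>
-                            <p>Store</p>
-                        </a>
-                    </li>
+                    @if(env('PAYPAL_SECRET') && env('PAYPAL_CLIENT_ID') || env('APP_ENV', 'local') == 'local')
+                        <li class="nav-item">
+                            <a href="{{route('store.index')}}"
+                               class="nav-link @if(Request::routeIs('store.*') || Request::routeIs('checkout')) active @endif">
+                                <i class="nav-icon fa fa-coins"></i>
+                                <p>Store</p>
+                            </a>
+                        </li>
+                    @endif
 
                     @if(Auth::user()->role == 'admin')
                         <li class="nav-header">Admin</li>
@@ -290,7 +293,7 @@
     <div class="content-wrapper">
 
         @if(!Auth::user()->hasVerifiedEmail())
-            @if(Auth::user()->created_at->diffInHours(now(), false) > 2)
+            @if(Auth::user()->created_at->diffInHours(now(), false) > 1)
                 <div class="alert alert-warning p-2 m-2">
                     <h5><i class="icon fas fa-exclamation-circle"></i> Warning!</h5>
                     You have not yet verified your email address <a class="text-primary"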
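Review bot: The `env()` calls in the new `@if` around the Store item stop reading `.env` once the configuration is cached (`php artisan config:cache`), because the file is then no longer loaded. `env('PAYPAL_SECRET')` yields null and `env('APP_ENV', 'local')` falls back to its default `'local'`, so the condition becomes always true and the link shows regardless of PayPal setup. Read the settings through `config()` and the environment through `app()->environment('local')`, for example `@if((config('<paypal secret config key>') && config('<paypal client id config key>')) || app()->environment('local'))` using the project's own config keys. The same applies to `env('DISCORD_CLIENT_ID')` and `env('DISCORD_CLIENT_SECRET')` in resources/views/profile/index.blade.php, where a cached config would make the "hasn't been set-up correctly" alert appear. Hiding the nav item also leaves the `store.*` and `checkout` routes reachable by URL; this diff shows no server-side check for the same condition.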

+ 35 - 2
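--- a/resources/views/profile/index.blade.php
+++ b/resources/views/profile/index.blade.php
@@ -25,7 +25,33 @@
         <div class="container-fluid">
 
             <div class="row">
-                <div class="col-lg-4">
+                <div class="col-lg-12 px-0">
+                    @if(!Auth::user()->hasVerifiedEmail() && strtolower($force_email_verification) == 'true')
+                        <div class="alert alert-warning p-2 m-2">
+                            <h5><i class="icon fas fa-exclamation-circle"></i>Required Email verification!</h5>
+                            You have not yet verified your email address
+                            <a class="text-primary" href="{{route('verification.send')}}">Click here to resend
+                                verification email</a> <br>
+                            Please contact support If you didn't receive your verification email.
+                        </div>
+                    @endif
+
+                    @if(is_null(Auth::user()->discordUser) && strtolower($force_discord_verification) == 'true')
+                        @if(!empty(env('DISCORD_CLIENT_ID')) && !empty(env('DISCORD_CLIENT_SECRET')))
+                            <div class="alert alert-warning p-2 m-2">
+                                <h5><i class="icon fas fa-exclamation-circle"></i>Required Discord verification!</h5>
+                                You have not yet verified your discord account
+                                <a class="text-primary" href="{{route('auth.redirect')}}">Login with discord</a> <br>
+                                Please contact support If you face any issues.
+                            </div>
+                        @else
+                            <div class="alert alert-danger p-2 m-2">
+                                <h5><i class="icon fas fa-exclamation-circle"></i>Required Discord verification!</h5>
+                                Due to system settings you are required to verify your discord account! <br>
+                                It looks like this hasn't been set-up correctly! Please contact support.
+                            </div>
+                        @endif
+                    @endif
 
                 </div>
             </div>
@@ -50,7 +76,14 @@
                                 <div class="col d-flex flex-column flex-sm-row justify-content-between mb-3">
                                     <div class="text-center text-sm-left mb-2 mb-sm-0"><h4
                                             class="pt-sm-2 pb-1 mb-0 text-nowrap">{{$user->name}}</h4>
-                                        <p class="mb-0">{{$user->email}}</p>
+                                        <p class="mb-0">{{$user->email}}
+                                            @if($user->hasVerifiedEmail())
+                                                <i data-toggle="popover" data-trigger="hover" data-content="Verified" class="text-success fas fa-check-circle"></i>
+                                            @else
+                                                <i data-toggle="popover" data-trigger="hover" data-content="Not verified" class="text-danger fas fa-exclamation-circle"></i>
+                                            @endif
+
+                                        </p>
                                         <div class="mt-1">
                                             <span class="badge badge-primary"><i class="fa fa-coins mr-2"></i>{{$user->Credits()}}</span>
                                         </div>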
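Review bot: `strtolower($force_email_verification) == 'true'` and the matching Discord check parse a configuration flag inside the template, and only the exact string `true` switches them on. A stored `1` or `yes`, or a missing key that passes null into `strtolower()`, is treated as off without any error. Converting once in ProfileController, e.g. `filter_var(Configuration::getValueByKey('FORCE_EMAIL_VERIFICATION'), FILTER_VALIDATE_BOOLEAN)`, lets the view test a real boolean. These banners only inform the user: nothing in this diff shows a middleware or route check that enforces the "required" verification, so unless that exists elsewhere the setting is advisory only.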