From c18e7e54b7b9fd8a6805c67ddf8fd9abc19211f3 Mon Sep 17 00:00:00 2001
From: Leonid Nikitin
Date: Thu, 6 Jul 2023 19:52:39 +0600
Subject: [PATCH] Modified the Middleware Kernel to use a new method for request throttling that uses Redis and created a new middleware to ensure that user email is verified. These changes allow for more efficient request throttling by utilizing Redis. The new EnsureUserIsVerified middleware improves security by validating that a user's email has been verified or if the user is active before granting access, returning a 403 error if the user fails these checks.
---
 app/Http/Kernel.php | 4 +-
 app/Http/Middleware/EnsureUserIsVerified.php | 43 ++++++++++++++++++++
 2 files changed, 45 insertions(+), 2 deletions(-)
 create mode 100644 app/Http/Middleware/EnsureUserIsVerified.php
diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php
index c34cdcf..2173a97 100644
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@@ -61,7 +61,7 @@ class Kernel extends HttpKernel
 'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
 'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class,
 'signed' => \App\Http\Middleware\ValidateSignature::class,
- 'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
- 'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
+ 'throttle' => \Illuminate\Routing\Middleware\ThrottleRequestsWithRedis::class,
+ 'verified' => \App\Http\Middleware\EnsureUserIsVerified::class,
 ];
 }
diff --git a/app/Http/Middleware/EnsureUserIsVerified.php b/app/Http/Middleware/EnsureUserIsVerified.php
new file mode 100644
index 0000000..1f81865
--- /dev/null
+++ b/app/Http/Middleware/EnsureUserIsVerified.php
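Review bot: In the app/Http/Kernel.php hunk, pointing the `throttle` alias at `ThrottleRequestsWithRedis` makes every rate-limited route depend on a working Redis connection, and nothing in this patch shows that one is configured or what happens when it is unreachable. As far as I can tell the middleware has no fallback to the cache-based limiter, so a Redis outage would surface as errors on login and other throttled endpoints; that is worth confirming in staging. I would add a comment above the entry such as `// Needs the Redis connection from config/database.php; throttled routes error out if Redis is down.`. The `verified` alias is swapped on the next line, so every existing route that already uses `verified` now runs the custom checks.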
@@ -0,0 +1,43 @@
+user()) {
+ return $request->expectsJson()
+ ? abort(403)
+ : Redirect::guest(URL::route($redirectToRoute ?: 'verification.notice'));
+ }
+
+
+ if ($request->user() instanceof MustVerifyEmail && ! $request->user()->hasVerifiedEmail()) {
+ return $request->expectsJson()
+ ? abort(403, 'Your email address is not verified.')
+ : Redirect::guest(URL::route($redirectToRoute ?: 'verification.notice'));
+ }
+
+ if ($request->user()->is_active === false) {
+ return $request->expectsJson()
+ ? abort(403, 'User disabled.')
+ : Redirect::guest(URL::route($redirectToRoute ?: 'verification.notice'));
+ }
+
+ return $next($request);
+ }
+}
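Review bot: The `is_active === false` test in the last guard only matches a genuine PHP boolean, so unless the `User` model (not visible here) casts `is_active` to `boolean`, a disabled account stored as `0` or `'0'` falls through to `$next($request)`. A fail-closed form is `if (! $request->user()->is_active) {`, which also blocks a `null` value, so choose that deliberately; alternatively add `'is_active' => 'boolean'` to the model's casts, with a test for a disabled user. The same branch redirects disabled non-JSON users to `verification.notice`, which tells them to verify an email rather than that the account is disabled; a dedicated route, or `abort(403, 'User disabled.')` in both cases, would be clearer. The top of the file (namespace, imports, the `handle` signature) is missing from this view, so those parts could not be checked.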