Logg out inactive users, and redirected them to the login page

src/Http/Controllers/Configuration/UserController.php

@@ -153,7 +153,20 @@ public function editUserAccountStatus(int $user_id)
     {
         $user = User::findOrFail($user_id);
 
-        $user->active = $user->active == false ? true : false;
+        if ($user->active == true){
+            $user->active = false;
+            event('security.log', [
+                'deactivated account for user ' . $user->name,
+                'userstatus',
+            ]);
+        } else {
+            $user->active = true;
+            event('security.log', [
+                'reactivated account for user ' . $user->name,
+                'userstatus',
+            ]);
+        }
+
         $user->save();
 
         return redirect()->back()

src/Http/Middleware/UserActive.php

@@ -0,0 +1,47 @@
+<?php
+
+/*
+ * This file is part of SeAT
+ *
+ * Copyright (C) 2015 to present Leon Jacobs
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+namespace Seat\Web\Http\Middleware;
+
+use Closure;
+
+class UserActive
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     *
+     * @throws \Seat\Services\Exceptions\SettingException
+     */
+    public function handle($request, Closure $next)
+    {
+
+        if (! auth()->user()->isActive())
+            return redirect()->guest('auth/logout')
+                ->with('error', 'Account is administratively disabled.');
+
+        return $next($request);
+    }
+}

src/Http/routes.php

@@ -46,7 +46,7 @@
     // All routes from here require *at least* that the
     // user is authenticated. We also run the localization
     // related logic here for translation support.
-    Route::group(['middleware' => ['auth', 'locale']], function () {
+    Route::group(['middleware' => ['auth', 'locale', 'user.active']], function () {
 
         // The home route does not need any prefixes
         // and or namespacing modifications, so we will

src/Models/User.php

@@ -261,4 +261,14 @@ public function isAdmin(): bool
     {
         return $this->admin === true;
     }
+
+    /**
+     * Return whether the user is active or not.
+     *
+     * @return bool
+     */
+    public function isActive(): bool
+    {
+        return $this->active === true;
+    }
 }

src/WebServiceProvider.php

@@ -59,6 +59,7 @@
 use Seat\Web\Http\Middleware\Locale;
 use Seat\Web\Http\Middleware\RegistrationAllowed;
 use Seat\Web\Http\Middleware\Requirements;
+use Seat\Web\Http\Middleware\UserActive;
 use Seat\Web\Models\Squads\SquadMember;
 use Seat\Web\Models\Squads\SquadRole;
 use Seat\Web\Observers\CharacterAffiliationObserver;
@@ -275,6 +276,10 @@ private function add_middleware(Router $router)
         // Registration Middleware checks of the app is
         // allowing new user registration to occur.
         $router->aliasMiddleware('registration.status', RegistrationAllowed::class);
+
+        // UserActive Middleware checks if the user is active
+        // and redirects them to the login page if not.
+        $router->aliasMiddleware('user.active', UserActive::class);
     }
 
     /**