From 895d5f2ebed6310df1ebe9d5eec0b7369e92afa3 Mon Sep 17 00:00:00 2001 From: Vincent Bitter Date: Fri, 15 Nov 2019 21:29:15 +0100 Subject: [PATCH 1/2] Check if variables are empty since they always exist --- app/Providers/AppServiceProvider.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/app/Providers/AppServiceProvider.php b/app/Providers/AppServiceProvider.php index f364c2fb..42808288 100644 --- a/app/Providers/AppServiceProvider.php +++ b/app/Providers/AppServiceProvider.php @@ -72,7 +72,8 @@ class AppServiceProvider extends ServiceProvider explode(':', base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6))); } if(!\Auth::check()) { - if(isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) { + if(isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW']) + && !empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW'])) { $credentials = ['username' => $_SERVER['PHP_AUTH_USER'], 'password' => $_SERVER['PHP_AUTH_PW']]; if (\Auth::attempt($credentials, true)) { From c43fc929f7b8c1463159dc00d4c52edc1961e2a7 Mon Sep 17 00:00:00 2001 From: Vincent Bitter Date: Fri, 15 Nov 2019 21:30:10 +0100 Subject: [PATCH 2/2] Do not try to login if user was not found --- app/Providers/AppServiceProvider.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/app/Providers/AppServiceProvider.php b/app/Providers/AppServiceProvider.php index 42808288..b0c9d64c 100644 --- a/app/Providers/AppServiceProvider.php +++ b/app/Providers/AppServiceProvider.php @@ -85,8 +85,10 @@ class AppServiceProvider extends ServiceProvider } elseif(isset($_SERVER['REMOTE_USER']) && !empty($_SERVER['REMOTE_USER'])) { $user = User::where('username', $_SERVER['REMOTE_USER'])->first(); - \Auth::login($user, true); - session(['current_user' => $user]); + if ($user) { + \Auth::login($user, true); + session(['current_user' => $user]); + } } }