Replaced env() with config() to check environment variables

Made the app.php description for 'REQUIRE_SAML' a bit more... descriptive.
snipe · Dec 16, 2021 · 6898119 · 6898119
1 parent a6116a1
commit 6898119
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 5 deletions.
diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php
@@ -76,7 +76,7 @@ public function showLoginForm(Request $request)
 
  //If the environment is set to ALWAYS require SAML, go straight to the SAML route.
  //We don't need to check other settings, as this should override those.
- if((env("REQUIRE_SAML", false)))
+ if(config('REQUIRE_SAML'))
  {
  return redirect()->route('saml.login');
  }
@@ -209,7 +209,7 @@ private function loginViaRemoteUser(Request $request)
  public function login(Request $request)
  {
  //If the environment is set to ALWAYS require SAML, return access denied
- if((env("REQUIRE_SAML", false)))
+ if(config('REQUIRE_SAML'))
  {
  return view('errors.403');
  }

diff --git a/config/app.php b/config/app.php
@@ -255,9 +255,11 @@
  | Require SAML Login
  |--------------------------------------------------------------------------
  |
- | Disable the ability to login via form login, and require all logins to
- | process via SAML login. (If you are not using SAML, this option should
- | be left alone.)
+ | Disable the ability to login via form login, and disables the 'nosaml'
+ | workaround. It requires all logins to process via SAML login.
+ | (This is for high security setups. If your SAML configuration is not
+ | working, this option should be set to false. This option is not needed
+ | to successfully configure SAML authentication.)
  |
  */