Return false on LDAP authentication failure

stevebauman · stevebauman · commit d3a29edfa958 · 2017-11-17T09:19:53.000-05:00
diff --git a/src/Auth/DatabaseUserProvider.php b/src/Auth/DatabaseUserProvider.php
@@ -121,31 +121,33 @@ public function retrieveByCredentials(array $credentials)
      */
     public function validateCredentials(Authenticatable $model, array $credentials)
     {
-        // We'll check if we have an LDAP user, and then make sure
-        // they pass authentication before going further.
-        if (
-            $this->user instanceof User &&
-            Resolver::authenticate($this->user, $credentials)
-        ) {
-            Event::fire(new AuthenticatedWithCredentials($this->user, $model));
-
-            // Here we will perform authorization on the LDAP user. If all
-            // validation rules pass, we will allow the authentication
-            // attempt. Otherwise, it is automatically rejected.
-            if ($this->passesValidation($this->user, $model)) {
-                // Here we can now synchronize / set the users password since
-                // they have successfully passed authentication
-                // and our validation rules.
-                Bus::dispatch(new SyncPassword($model, $credentials));
-
-                $model->save();
-
-                Event::fire(new AuthenticationSuccessful($this->user));
-
-                return true;
+        if ($this->user instanceof User) {
+            // If an LDAP user was discovered, we can go
+            // ahead and try to authenticate them.
+            if (Resolver::authenticate($this->user, $credentials)) {
+                Event::fire(new AuthenticatedWithCredentials($this->user, $model));
+
+                // Here we will perform authorization on the LDAP user. If all
+                // validation rules pass, we will allow the authentication
+                // attempt. Otherwise, it is automatically rejected.
+                if ($this->passesValidation($this->user, $model)) {
+                    // Here we can now synchronize / set the users password since
+                    // they have successfully passed authentication
+                    // and our validation rules.
+                    Bus::dispatch(new SyncPassword($model, $credentials));
+
+                    $model->save();
+
+                    Event::fire(new AuthenticationSuccessful($this->user));
+
+                    return true;
+                }
+
+                Event::fire(new AuthenticationRejected($this->user));
             }
 
-            Event::fire(new AuthenticationRejected($this->user));
+            // LDAP Authentication failed.
+            return false;
         }
 
         if ($this->isFallingBack() && $model->exists) {
