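/**
 * Checks if the user is authorized to login to administration section.
 *
 * The permission check runs only when the request's `redirect` value starts
 * with the URL generated for `@system`. Any other login passes through here
 * untouched.
 *
 * NOTE(review): `redirect` is read from the request, so whether this check
 * runs depends on what the client sends. It is presumably a login-time
 * convenience gate rather than the only guard; confirm that the admin routes
 * themselves enforce 'system: access admin area'.
 *
 * @param  AuthorizeEvent $event
 * @throws AuthException when the redirect targets the admin area and the
 *                       user lacks the 'system: access admin area' permission
 */
public function onAuthorize(AuthorizeEvent $event)
{
    $redirect = App::request()->get('redirect');

    // A missing or array-valued `redirect` cannot be prefix-matched. Passing it
    // to strpos() raises a deprecation notice or a TypeError on PHP 8, so the
    // admin-area check is skipped, which is the outcome the comparison gave before.
    if (!is_string($redirect)) {
        return;
    }

    $targetsAdminArea = strpos($redirect, App::url('@system', [], true)) === 0;

    if ($targetsAdminArea && !$event->getUser()->hasAccess('system: access admin area')) {
        throw new AuthException(__('You do not have access to the administration area of this site.'));
    }
}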
/**
 * Blocks users that are either not activated or blocked.
 *
 * Authorization is refused whenever the user's isBlocked() returns true. The
 * message depends on the user's `login` property: a truthy value gives the
 * "blocked" wording, a falsy one the "not activated" wording.
 *
 * NOTE(review): `login` presumably records a previous successful login;
 * confirm against the user model.
 *
 * @param  AuthorizeEvent $event
 * @throws AuthException when the user is blocked or not yet activated
 */
public function onAuthorize(AuthorizeEvent $event)
{
    $user = $event->getUser();

    // Nothing to refuse for accounts that are not flagged as blocked.
    if (!$user->isBlocked()) {
        return;
    }

    if ($user->login) {
        $message = __('Your account is blocked.');
    } else {
        $message = __('Your account has not been activated.');
    }

    throw new AuthException($message);
}