chore: Add PR's requested changes.

matiasperrone-exo · matiasperrone-exo · commit ca7db9e74b40 · 2026-05-20T15:48:32.000Z
- Add block to UserController@postLogin to avoid concurrency attacks
diff --git a/routes/web.php b/routes/web.php
@@ -49,7 +49,7 @@
             Route::group(array('prefix' => 'verification'), function () {
                 Route::post('resend', ['middleware' => ['csrf'], 'uses' => 'UserController@resendVerificationEmail']);
             });
-            Route::post('', ['middleware' => 'csrf', 'uses' => 'UserController@postLogin']);
+            Route::post('', ['middleware' => 'csrf', 'uses' => 'UserController@postLogin'])->block();
             Route::get('cancel', "UserController@cancelLogin");
             Route::group(array('prefix' => '{provider}'), function () {
                 Route::get('', 'SocialLoginController@redirect')->name("social_login");
