Allow whitelisted users to be an array

Author: ivanvermeyen

config/stagefront.php

@@ -56,7 +56,7 @@
 
     /**
      * When using the database, you can limit access to specific users.
-     * Enter a string of comma separated logins, or null to allow all users.
+     * Enter aan array or string of comma separated logins, or null to allow all users.
      * For example: 'john@doe.io,jane@doe.io'
      *
      * Default: null
@@ -96,4 +96,5 @@
      * Default: []
      */
     'ignore_urls' => [],
+
 ];

src/Authenticators/DatabaseAuthenticator.php

@@ -77,12 +77,15 @@ protected function loginIsAllowed($login)
      */
     protected function getWhitelist()
     {
-        $whitelist = config('stagefront.database_whitelist', '');
-        $logins = explode(',', $whitelist) ?: [];
+        $whitelist = config('stagefront.database_whitelist', []);
+
+        if ( ! is_array($whitelist)) {
+            $whitelist = explode(',', $whitelist) ?: [];
+        }
 
         $logins = array_map(function ($login) {
             return trim($login);
-        }, $logins);
+        }, $whitelist);
 
         return array_filter($logins);
     }

tests/StageFrontTest.php

@@ -139,7 +139,7 @@ public function the_users_in_the_database_can_be_used_for_logging_in()
     }
 
     /** @test */
-    public function you_can_limit_which_database_users_have_access()
+    public function you_can_limit_which_database_users_have_access_using_a_comma_separated_string()
     {
         $this->loadLaravelMigrations(['--database' => 'testing']);
 
@@ -183,6 +183,51 @@ public function you_can_limit_which_database_users_have_access()
         ])->assertRedirect($this->url)->assertSessionHasErrors('password');
     }
 
+    /** @test */
+    public function you_can_limit_which_database_users_have_access_using_an_array()
+    {
+        $this->loadLaravelMigrations(['--database' => 'testing']);
+
+        User::create([
+            'name' => 'John Doe',
+            'email' => 'john@doe.io',
+            'password' => bcrypt('str0ng p4ssw0rd'),
+        ]);
+        User::create([
+            'name' => 'Jane Doe',
+            'email' => 'jane@doe.io',
+            'password' => bcrypt('str0ng p4ssw0rd'),
+        ]);
+        User::create([
+            'name' => 'Mr. Smith',
+            'email' => 'mr@smith.io',
+            'password' => bcrypt('str0ng p4ssw0rd'),
+        ]);
+
+        config()->set('stagefront.database', true);
+        config()->set('stagefront.database_whitelist', ['john@doe.io', ' jane@doe.io ']);
+        config()->set('stagefront.database_table', 'users');
+        config()->set('stagefront.database_login_field', 'email');
+        config()->set('stagefront.database_password_field', 'password');
+
+        $this->enableStageFront();
+
+        $this->setIntendedUrl('/page')->submitForm([
+            'login' => 'john@doe.io',
+            'password' => 'str0ng p4ssw0rd',
+        ])->assertRedirect('/page');
+
+        $this->setIntendedUrl('/page')->submitForm([
+            'login' => 'jane@doe.io',
+            'password' => 'str0ng p4ssw0rd',
+        ])->assertRedirect('/page');
+
+        $this->setIntendedUrl('/page')->submitForm([
+            'login' => 'mr@smith.io',
+            'password' => 'str0ng p4ssw0rd',
+        ])->assertRedirect($this->url)->assertSessionHasErrors('password');
+    }
+
     /** @test */
     public function urls_can_be_ignored_so_access_is_not_denied_by_stagefront()
     {