From 8604ed99ecc192cb70fa99f446c0c8f3fdd5206a Mon Sep 17 00:00:00 2001
From: Toby Zerner <toby.zerner@gmail.com>
Date: Mon, 30 Mar 2015 12:43:55 +1030
Subject: [PATCH] Don't allow guests into the admin area

---
 .../Admin/Middleware/LoginWithCookieAndCheckAdmin.php | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/framework/core/src/Admin/Middleware/LoginWithCookieAndCheckAdmin.php b/framework/core/src/Admin/Middleware/LoginWithCookieAndCheckAdmin.php
index ab9338ab4..279ed4d8c 100644
--- a/framework/core/src/Admin/Middleware/LoginWithCookieAndCheckAdmin.php
+++ b/framework/core/src/Admin/Middleware/LoginWithCookieAndCheckAdmin.php
@@ -16,12 +16,11 @@ class LoginWithCookieAndCheckAdmin
     public function handle($request, Closure $next)
     {
         if (($token = $request->cookie('flarum_remember')) &&
-            ($accessToken = AccessToken::where('id', $token)->first())) {
-            $user = $accessToken->user;
-            if (! $user->isAdmin()) {
-                die('ur not an admin');
-            }
-            $this->actor->setUser($user);
+            ($accessToken = AccessToken::where('id', $token)->first()) &&
+            $accessToken->user->isAdmin()) {
+            $this->actor->setUser($accessToken->user);
+        } else {
+            die('ur not an admin');
         }
 
         return $next($request);