protect routes

app/Http/Controllers/AccountController.php

@@ -86,7 +86,7 @@ class AccountController extends BaseController
 
         }
 
-        if ($request->has('hash') && config('ninja.cloudflare.turnstile.secret')) { //@todo once all platforms are implemented, we disable access to the rest of this route without a success response.
+        if ($request->has('hash') && config('ninja.cloudflare.turnstile.secret')) { 
             
             if (Secure::decrypt($request->input('hash')) !== $request->input('email')) {
                 return response()->json(['message' => 'Invalid Signup Payload'], 400);

app/Http/Controllers/ConnectedAccountController.php

@@ -111,7 +111,7 @@ class ConnectedAccountController extends BaseController
             nlog("microsoft");
             nlog($email);
 
-            if (auth()->user()->email != $email && MultiDB::checkUserEmailExists($email)) {
+            if (strtolower(auth()->user()->email) != strtolower($email) && MultiDB::checkUserEmailExists(strtolower($email))) {
                 return response()->json(['message' => ctrans('texts.email_already_register')], 400);
             }
 

app/Http/Requests/Account/CreateAccountRequest.php

@@ -62,7 +62,7 @@ class CreateAccountRequest extends Request
     public function prepareForValidation()
     {
 
-        nlog(array_merge(['signup' => 'true', 'ipaddy' => request()->ip()], $this->all()));
+        nlog(array_merge(['signup' => 'true', 'ipaddy' => request()->ip(), 'headers' => request()->headers->all()], $this->all()));
 
         $input = $this->all();
 

routes/api.php

@@ -514,3 +514,7 @@ Route::get('/health', function () {
         'message' => 'API is healthy',
     ]);
 })->middleware('throttle:20,1');
+
+Route::get('/api/v1/signup/protect', function () {
+    return response()->json(['status' => 'ok']);
+})->middleware('throttle:10,1');