diff --git a/app/Http/Controllers/Budget/EditController.php b/app/Http/Controllers/Budget/EditController.php index e72561074e..66cb21d983 100644 --- a/app/Http/Controllers/Budget/EditController.php +++ b/app/Http/Controllers/Budget/EditController.php @@ -40,10 +40,8 @@ use Illuminate\View\View; */ class EditController extends Controller { - /** @var AttachmentHelperInterface Helper for attachments. */ - private $attachments; - /** @var BudgetRepositoryInterface The budget repository */ - private $repository; + private AttachmentHelperInterface $attachments; + private BudgetRepositoryInterface $repository; /** * EditController constructor. diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php index 9b91bcd373..51e0dc48f9 100644 --- a/app/Http/Kernel.php +++ b/app/Http/Kernel.php @@ -178,13 +178,15 @@ class Kernel extends HttpKernel CreateFreshApiToken::class, ], + // full API authentication 'api' => [ AcceptHeaders::class, EnsureFrontendRequestsAreStateful::class, 'auth:api,sanctum', 'bindings', ], - 'apiY' => [ + // do only bindings, no auth + 'api_basic' => [ 'bindings', ], ]; diff --git a/app/Http/Middleware/Authenticate.php b/app/Http/Middleware/Authenticate.php index 0a346826ea..743eb9b283 100644 --- a/app/Http/Middleware/Authenticate.php +++ b/app/Http/Middleware/Authenticate.php @@ -29,8 +29,8 @@ use FireflyIII\Exceptions\FireflyException; use FireflyIII\User; use Illuminate\Auth\AuthenticationException; use Illuminate\Contracts\Auth\Factory as Auth; -use Illuminate\Database\QueryException; use Illuminate\Http\Request; +use Log; /** * Class Authenticate @@ -87,13 +87,22 @@ class Authenticate */ protected function authenticate($request, array $guards) { + Log::debug(sprintf('Now in %s', __METHOD__)); if (0 === count($guards)) { - try { - // go for default guard: - if ($this->auth->check()) { - // do an extra check on user object. - /** @var User $user */ - $user = $this->auth->authenticate(); // @phpstan-ignore-line (thinks function returns void) + Log::debug('No guards present.'); + // go for default guard: + /** @noinspection PhpUndefinedMethodInspection */ + if ($this->auth->check()) { + Log::debug('Default guard says user is authenticated.'); + // do an extra check on user object. + /** @noinspection PhpUndefinedMethodInspection */ + /** @var User $user */ + $user = $this->auth->authenticate(); + if (null === $user) { + Log::warning('User is null, throw exception?'); + } + if (null !== $user) { + Log::debug(get_class($user)); if (1 === (int)$user->blocked) { $message = (string)trans('firefly.block_account_logout'); if ('email_changed' === $user->blocked_code) { @@ -105,20 +114,11 @@ class Authenticate throw new AuthenticationException('Blocked account.', $guards); } } - } catch (QueryException $e) { - throw new FireflyException( - sprintf( - 'It seems the database has not yet been initialized. Did you run the correct upgrade or installation commands? Error: %s', - $e->getMessage() - ), - 0, - $e - ); } return $this->auth->authenticate(); // @phpstan-ignore-line (thinks function returns void) } - + Log::debug('Guard array is not empty.'); foreach ($guards as $guard) { if ($this->auth->guard($guard)->check()) { diff --git a/app/Models/Account.php b/app/Models/Account.php index 4ae11fdcc6..8f94933839 100644 --- a/app/Models/Account.php +++ b/app/Models/Account.php @@ -27,6 +27,7 @@ use Carbon\Carbon; use Eloquent; use FireflyIII\User; use Illuminate\Database\Eloquent\Builder as EloquentBuilder; +use Illuminate\Database\Eloquent\Casts\Attribute; use Illuminate\Database\Eloquent\Collection; use Illuminate\Database\Eloquent\Factories\HasFactory; use Illuminate\Database\Eloquent\Model; @@ -291,4 +292,16 @@ class Account extends Model { return $this->hasMany(Transaction::class); } + + /** + * Get the virtual balance + * + * @return Attribute + */ + protected function virtualBalance(): Attribute + { + return Attribute::make( + get: fn($value) => (string) $value, + ); + } } diff --git a/app/Models/AutoBudget.php b/app/Models/AutoBudget.php index aef874b847..c62ba4f2df 100644 --- a/app/Models/AutoBudget.php +++ b/app/Models/AutoBudget.php @@ -25,6 +25,7 @@ declare(strict_types=1); namespace FireflyIII\Models; use Eloquent; +use Illuminate\Database\Eloquent\Casts\Attribute; use Illuminate\Database\Eloquent\Model; use Illuminate\Database\Eloquent\Relations\BelongsTo; use Illuminate\Database\Eloquent\SoftDeletes; @@ -86,4 +87,14 @@ class AutoBudget extends Model { return $this->belongsTo(TransactionCurrency::class); } + + /** + * @return Attribute + */ + protected function amount(): Attribute + { + return Attribute::make( + get: fn($value) => (string) $value, + ); + } } diff --git a/app/Providers/RouteServiceProvider.php b/app/Providers/RouteServiceProvider.php index e72bf5eb69..c281dfb409 100644 --- a/app/Providers/RouteServiceProvider.php +++ b/app/Providers/RouteServiceProvider.php @@ -59,7 +59,7 @@ class RouteServiceProvider extends ServiceProvider ->group(base_path('routes/api.php')); Route::prefix('api/v1/cron') - ->middleware('apiY') + ->middleware('api_basic') ->namespace($this->namespace) ->group(base_path('routes/api-noauth.php')); diff --git a/app/Support/Authentication/RemoteUserGuard.php b/app/Support/Authentication/RemoteUserGuard.php index 46e63875a0..636bb0d6dd 100644 --- a/app/Support/Authentication/RemoteUserGuard.php +++ b/app/Support/Authentication/RemoteUserGuard.php @@ -30,6 +30,7 @@ use Illuminate\Contracts\Auth\Authenticatable; use Illuminate\Contracts\Auth\Guard; use Illuminate\Contracts\Auth\UserProvider; use Illuminate\Contracts\Foundation\Application; +use Illuminate\Http\Request; use Log; /** @@ -49,26 +50,40 @@ class RemoteUserGuard implements Guard */ public function __construct(UserProvider $provider, Application $app) { + /** @var Request $request */ + $request = $app->get('request'); + Log::debug(sprintf('Created RemoteUserGuard for "%s"', $request?->getRequestUri())); $this->application = $app; $this->provider = $provider; $this->user = null; } + /** + * @return bool + */ + public function viaRemember(): bool + { + Log::debug(sprintf('Now at %s', __METHOD__)); + return false; + } + /** * */ public function authenticate(): void { Log::debug(sprintf('Now at %s', __METHOD__)); - if (!is_null($this->user)) { - Log::debug('User is found.'); + if (null !== $this->user) { + Log::debug(sprintf('%s is found: #%d, "%s".', get_class($this->user), $this->user->id, $this->user->email)); return; } // Get the user identifier from $_SERVER or apache filtered headers $header = config('auth.guard_header', 'REMOTE_USER'); - $userID = request()->server($header) ?? apache_request_headers()[$header] ?? null; - + $userID = request()->server($header) ?? null; + if (function_exists('apache_request_headers')) { + $userID = request()->server($header) ?? apache_request_headers()[$header] ?? null; + } if (null === $userID) { Log::error(sprintf('No user in header "%s".', $header)); throw new FireflyException('The guard header was unexpectedly empty. See the logs.'); @@ -102,6 +117,8 @@ class RemoteUserGuard implements Guard */ public function guest(): bool { + Log::debug(sprintf('Now at %s', __METHOD__)); + $this->authenticate(); return !$this->check(); } @@ -110,6 +127,8 @@ class RemoteUserGuard implements Guard */ public function check(): bool { + Log::debug(sprintf('Now at %s', __METHOD__)); + $this->authenticate(); return !is_null($this->user()); } @@ -118,6 +137,8 @@ class RemoteUserGuard implements Guard */ public function user(): ?User { + Log::debug(sprintf('Now at %s', __METHOD__)); + $this->authenticate(); return $this->user; } @@ -126,7 +147,8 @@ class RemoteUserGuard implements Guard */ public function hasUser(): bool { - throw new FireflyException(sprintf('%s is not implemented', __METHOD__)); + Log::debug(sprintf('Now at %s', __METHOD__)); + // TODO: Implement hasUser() method. } /** @@ -134,6 +156,7 @@ class RemoteUserGuard implements Guard */ public function id(): ?User { + Log::debug(sprintf('Now at %s', __METHOD__)); return $this->user; } @@ -142,6 +165,7 @@ class RemoteUserGuard implements Guard */ public function setUser(Authenticatable $user) { + Log::debug(sprintf('Now at %s', __METHOD__)); $this->user = $user; } @@ -150,6 +174,7 @@ class RemoteUserGuard implements Guard */ public function validate(array $credentials = []) { + Log::debug(sprintf('Now at %s', __METHOD__)); throw new FireflyException('Did not implement RemoteUserGuard::validate()'); } } diff --git a/config/passport.php b/config/passport.php index b4b8f17603..55e2030517 100644 --- a/config/passport.php +++ b/config/passport.php @@ -15,7 +15,7 @@ return [ | */ - 'guard' => 'web', + 'guard' => envNonEmpty('AUTHENTICATION_GUARD', 'web'), /* |--------------------------------------------------------------------------