kenmirrors/firefly-iii
1
0
Fork 0
mirror of https://github.com/firefly-iii/firefly-iii.git synced 2025-09-25 06:51:08 +00:00
Code Issues Projects Releases Wiki Activity

First set of code for #461

Browse Source
This commit is contained in:
James Cole
2016-12-13 17:21:28 +01:00
parent 8a8279f97a
commit a9e57e1c34
14 changed files with 331 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
app/Events/BlockedBadLogin.php Normal file
View File

@@ -0,0 +1,41 @@
<?php
/**
* BlockedBadLogin.php
* Copyright (C) 2016 thegrumpydictator@gmail.com
*
* This software may be modified and distributed under the terms of the
* Creative Commons Attribution-ShareAlike 4.0 International License.
*
* See the LICENSE file for details.
*/
declare(strict_types = 1);
namespace FireflyIII\Events;
use Illuminate\Queue\SerializesModels;
/**
* Class LockedOutUser
*
* @package FireflyIII\Events
*/
class BlockedBadLogin extends Event
{
use SerializesModels;
public $email;
public $ipAddress;
/**
* Create a new event instance. This event is triggered when a user gets themselves locked out.
*
* @param string $email
* @param string $ipAddress
*/
public function __construct(string $email, string $ipAddress)
{
$this->email = $email;
$this->ipAddress = $ipAddress;
}
}

42
app/Events/BlockedUserLogin.php Normal file
View File

@@ -0,0 +1,42 @@
<?php
/**
* BlockedUserLogin.php
* Copyright (C) 2016 thegrumpydictator@gmail.com
*
* This software may be modified and distributed under the terms of the
* Creative Commons Attribution-ShareAlike 4.0 International License.
*
* See the LICENSE file for details.
*/
declare(strict_types = 1);
namespace FireflyIII\Events;
use FireflyIII\User;
use Illuminate\Queue\SerializesModels;
/**
* Class BlockedUserLogin
*
* @package FireflyIII\Events
*/
class BlockedUserLogin extends Event
{
use SerializesModels;
public $ipAddress;
public $user;
/**
* Create a new event instance. This event is triggered when a blocked user logs in.
*
* @param User $user
* @param string $ipAddress
*/
public function __construct(User $user, string $ipAddress)
{
$this->user = $user;
$this->ipAddress = $ipAddress;
}
}

41
app/Events/LockedOutUser.php Normal file
View File

@@ -0,0 +1,41 @@
<?php
/**
* LockedOutUser.php
* Copyright (C) 2016 thegrumpydictator@gmail.com
*
* This software may be modified and distributed under the terms of the
* Creative Commons Attribution-ShareAlike 4.0 International License.
*
* See the LICENSE file for details.
*/
declare(strict_types = 1);
namespace FireflyIII\Events;
use Illuminate\Queue\SerializesModels;
/**
* Class LockedOutUser
*
* @package FireflyIII\Events
*/
class LockedOutUser extends Event
{
use SerializesModels;
public $email;
public $ipAddress;
/**
* Create a new event instance. This event is triggered when a user gets themselves locked out.
*
* @param string $email
* @param string $ipAddress
*/
public function __construct(string $email, string $ipAddress)
{
$this->email = $email;
$this->ipAddress = $ipAddress;
}
}

106
app/Handlers/Events/UserEventHandler.php
View File

@@ -15,8 +15,11 @@ namespace FireflyIII\Handlers\Events;
use Exception; use Exception;
use FireflyConfig; use FireflyConfig;
use FireflyIII\Events\BlockedBadLogin;
use FireflyIII\Events\BlockedUserLogin;
use FireflyIII\Events\ConfirmedUser; use FireflyIII\Events\ConfirmedUser;
use FireflyIII\Events\DeletedUser; use FireflyIII\Events\DeletedUser;
use FireflyIII\Events\LockedOutUser;
use FireflyIII\Events\RegisteredUser; use FireflyIII\Events\RegisteredUser;
use FireflyIII\Events\RequestedNewPassword; use FireflyIII\Events\RequestedNewPassword;
use FireflyIII\Events\ResentConfirmation; use FireflyIII\Events\ResentConfirmation;
@@ -77,6 +80,109 @@ class UserEventHandler
return true; return true;
} }
/**
* @param BlockedBadLogin $event
*
* @return bool
*/
public function respondToBlockedBadLogin(BlockedBadLogin $event)
{
$email = $event->email;
$ipAddress = $event->ipAddress;
/** @var Configuration $sendmail */
$sendmail = FireflyConfig::get('mail_for_bad_login', config('firefly.configuration.mail_for_bad_login'));
Log::debug(sprintf('Now in respondToBlockedBadLogin for email address %s', $email));
if (is_null($sendmail) || (!is_null($sendmail) && $sendmail->data === false)) {
Log::error(sprintf('User %s tried to login with bad credentials.', $email));
return true;
}
// send email message:
try {
Mail::send(
['emails.blocked-bad-creds-html', 'emails.blocked-bad-creds-text'], ['email' => $email, 'ip' => $ipAddress], function (Message $message) use ($email) {
$message->to($email, $email)->subject('Blocked login attempt with bad credentials');
}
);
} catch (Swift_TransportException $e) {
Log::error($e->getMessage());
}
return true;
}
/**
* @param BlockedUserLogin $event
*
* @return bool
*/
public function respondToBlockedUserLogin(BlockedUserLogin $event): bool
{
$user = $event->user;
$email = $user->email;
$ipAddress = $event->ipAddress;
/** @var Configuration $sendmail */
$sendmail = FireflyConfig::get('mail_for_blocked_login', config('firefly.configuration.mail_for_blocked_login'));
Log::debug(sprintf('Now in respondToBlockedUserLogin for email address %s', $email));
if (is_null($sendmail) || (!is_null($sendmail) && $sendmail->data === false)) {
Log::error(sprintf('User #%d (%s) has their accout blocked (blocked_code is "%s") but tried to login.', $user->id, $email, $user->blocked_code));
return true;
}
// send email message:
try {
Mail::send(
['emails.blocked-login-html', 'emails.blocked-login-text'],
[
'user_id' => $user->id,
'user_address' => $email,
'ip' => $ipAddress,
'code' => $user->blocked_code,
], function (Message $message) use ($email, $user) {
$message->to($email, $email)->subject('Blocked login attempt of blocked user');
}
);
} catch (Swift_TransportException $e) {
Log::error($e->getMessage());
}
return true;
}
/**
* @param LockedOutUser $event
*
* @return bool
*/
public function respondToLockout(LockedOutUser $event): bool
{
$email = $event->email;
$ipAddress = $event->ipAddress;
/** @var Configuration $sendmail */
$sendmail = FireflyConfig::get('mail_for_lockout', config('firefly.configuration.mail_for_lockout'));
Log::debug(sprintf('Now in respondToLockout for email address %s', $email));
if (is_null($sendmail) || (!is_null($sendmail) && $sendmail->data === false)) {
Log::error(sprintf('User %s was locked out after too many invalid login attempts.', $email));
return true;
}
// send email message:
try {
Mail::send(
['emails.locked-out-html', 'emails.locked-out-text'], ['email' => $email, 'ip' => $ipAddress], function (Message $message) use ($email) {
$message->to($email, $email)->subject('User was locked out');
}
);
} catch (Swift_TransportException $e) {
Log::error($e->getMessage());
}
return true;
}
/** /**
* @param DeletedUser $event * @param DeletedUser $event
* *

18
app/Http/Controllers/Admin/ConfigurationController.php
View File

@@ -62,7 +62,16 @@ class ConfigurationController extends Controller
$mustConfirmAccount = FireflyConfig::get('must_confirm_account', config('firefly.configuration.must_confirm_account'))->data; $mustConfirmAccount = FireflyConfig::get('must_confirm_account', config('firefly.configuration.must_confirm_account'))->data;
$isDemoSite = FireflyConfig::get('is_demo_site', config('firefly.configuration.is_demo_site'))->data; $isDemoSite = FireflyConfig::get('is_demo_site', config('firefly.configuration.is_demo_site'))->data;
return view('admin.configuration.index', compact('subTitle', 'subTitleIcon', 'singleUserMode', 'mustConfirmAccount', 'isDemoSite')); // email settings:
$sendErrorMessage = [
'mail_for_lockout' => FireflyConfig::get('mail_for_lockout', config('firefly.configuration.mail_for_lockout'))->data,
'mail_for_blocked_domain' => FireflyConfig::get('mail_for_blocked_domain', config('firefly.configuration.mail_for_blocked_domain'))->data,
'mail_for_blocked_email' => FireflyConfig::get('mail_for_blocked_email', config('firefly.configuration.mail_for_blocked_email'))->data,
'mail_for_bad_login' => FireflyConfig::get('mail_for_bad_login', config('firefly.configuration.mail_for_bad_login'))->data,
'mail_for_blocked_login' => FireflyConfig::get('mail_for_blocked_login', config('firefly.configuration.mail_for_blocked_login'))->data,
];
return view('admin.configuration.index', compact('subTitle', 'subTitleIcon', 'singleUserMode', 'mustConfirmAccount', 'isDemoSite', 'sendErrorMessage'));
} }
@@ -81,6 +90,13 @@ class ConfigurationController extends Controller
FireflyConfig::set('must_confirm_account', $data['must_confirm_account']); FireflyConfig::set('must_confirm_account', $data['must_confirm_account']);
FireflyConfig::set('is_demo_site', $data['is_demo_site']); FireflyConfig::set('is_demo_site', $data['is_demo_site']);
// email settings
FireflyConfig::set('mail_for_lockout', $data['mail_for_lockout']);
FireflyConfig::set('mail_for_blocked_domain', $data['mail_for_blocked_domain']);
FireflyConfig::set('mail_for_blocked_email', $data['mail_for_blocked_email']);
FireflyConfig::set('mail_for_bad_login', $data['mail_for_bad_login']);
FireflyConfig::set('mail_for_blocked_login', $data['mail_for_blocked_login']);
// flash message // flash message
Session::flash('success', strval(trans('firefly.configuration_updated'))); Session::flash('success', strval(trans('firefly.configuration_updated')));
Preferences::mark(); Preferences::mark();

46
app/Http/Controllers/Auth/LoginController.php
View File

@@ -14,15 +14,14 @@ namespace FireflyIII\Http\Controllers\Auth;
use Config; use Config;
use FireflyConfig; use FireflyConfig;
use FireflyIII\Events\BlockedBadLogin;
use FireflyIII\Events\BlockedUserLogin;
use FireflyIII\Events\LockedOutUser;
use FireflyIII\Http\Controllers\Controller; use FireflyIII\Http\Controllers\Controller;
use FireflyIII\User; use FireflyIII\User;
use Illuminate\Foundation\Auth\AuthenticatesUsers; use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Illuminate\Http\Request; use Illuminate\Http\Request;
use Illuminate\Mail\Message;
use Lang; use Lang;
use Log;
use Mail;
use Swift_TransportException;
/** /**
* Class LoginController * Class LoginController
@@ -75,6 +74,8 @@ class LoginController extends Controller
if ($lockedOut) { if ($lockedOut) {
$this->fireLockoutEvent($request); $this->fireLockoutEvent($request);
event(new LockedOutUser($request->get('email'), $request->ip()));
return $this->sendLockoutResponse($request); return $this->sendLockoutResponse($request);
} }
@@ -90,10 +91,13 @@ class LoginController extends Controller
/** @var User $foundUser */ /** @var User $foundUser */
$foundUser = User::where('email', $credentials['email'])->where('blocked', 1)->first(); $foundUser = User::where('email', $credentials['email'])->where('blocked', 1)->first();
if (!is_null($foundUser)) { if (!is_null($foundUser)) {
// if it exists, show message: // user exists, but is blocked:
$code = strlen(strval($foundUser->blocked_code)) > 0 ? $foundUser->blocked_code : 'general_blocked'; $code = strlen(strval($foundUser->blocked_code)) > 0 ? $foundUser->blocked_code : 'general_blocked';
$errorMessage = strval(trans('firefly.' . $code . '_error', ['email' => $credentials['email']])); $errorMessage = strval(trans('firefly.' . $code . '_error', ['email' => $credentials['email']]));
$this->reportBlockedUserLoginAttempt($foundUser, $code, $request->ip()); event(new BlockedUserLogin($foundUser, $request->ip()));
}
if (is_null($foundUser)) {
event(new BlockedBadLogin($credentials['email'], $request->ip()));
} }
// If the login attempt was unsuccessful we will increment the number of attempts // If the login attempt was unsuccessful we will increment the number of attempts
@@ -163,34 +167,4 @@ class LoginController extends Controller
] ]
); );
} }
/**
* Send a message home about the blocked attempt to login.
* Perhaps in a later stage, simply log these messages.
*
* @param User $user
* @param string $code
* @param string $ipAddress
*/
private function reportBlockedUserLoginAttempt(User $user, string $code, string $ipAddress)
{
try {
$email = env('SITE_OWNER', false);
$fields = [
'user_id' => $user->id,
'user_address' => $user->email,
'code' => $code,
'ip' => $ipAddress,
];
Mail::send(
['emails.blocked-login-html', 'emails.blocked-login-text'], $fields, function (Message $message) use ($email, $user) {
$message->to($email, $email)->subject('Blocked a login attempt from ' . trim($user->email) . '.');
}
);
} catch (Swift_TransportException $e) {
Log::error($e->getMessage());
}
}
} }

10
app/Http/Requests/ConfigurationRequest.php
View File

@@ -39,6 +39,11 @@ class ConfigurationRequest extends Request
'single_user_mode' => intval($this->get('single_user_mode')) === 1, 'single_user_mode' => intval($this->get('single_user_mode')) === 1,
'must_confirm_account' => intval($this->get('must_confirm_account')) === 1, 'must_confirm_account' => intval($this->get('must_confirm_account')) === 1,
'is_demo_site' => intval($this->get('is_demo_site')) === 1, 'is_demo_site' => intval($this->get('is_demo_site')) === 1,
'mail_for_lockout' => intval($this->get('mail_for_lockout')) === 1,
'mail_for_blocked_domain' => intval($this->get('mail_for_blocked_domain')) === 1,
'mail_for_blocked_email' => intval($this->get('mail_for_blocked_email')) === 1,
'mail_for_bad_login' => intval($this->get('mail_for_bad_login')) === 1,
'mail_for_blocked_login' => intval($this->get('mail_for_blocked_login')) === 1,
]; ];
} }
@@ -51,6 +56,11 @@ class ConfigurationRequest extends Request
'single_user_mode' => 'between:0,1|numeric', 'single_user_mode' => 'between:0,1|numeric',
'must_confirm_account' => 'between:0,1|numeric', 'must_confirm_account' => 'between:0,1|numeric',
'is_demo_site' => 'between:0,1|numeric', 'is_demo_site' => 'between:0,1|numeric',
'mail_for_lockout' => 'between:0,1|numeric',
'mail_for_blocked_domain' => 'between:0,1|numeric',
'mail_for_blocked_email' => 'between:0,1|numeric',
'mail_for_bad_login' => 'between:0,1|numeric',
'mail_for_blocked_login' => 'between:0,1|numeric',
]; ];
return $rules; return $rules;

13
app/Providers/EventServiceProvider.php
View File

@@ -41,10 +41,23 @@ class EventServiceProvider extends ServiceProvider
[ [
'FireflyIII\Handlers\Events\UserEventHandler@storeConfirmationIpAddress', 'FireflyIII\Handlers\Events\UserEventHandler@storeConfirmationIpAddress',
], ],
'FireflyIII\Events\DeletedUser' => // is a User related event. 'FireflyIII\Events\DeletedUser' => // is a User related event.
[ [
'FireflyIII\Handlers\Events\UserEventHandler@saveEmailAddress', 'FireflyIII\Handlers\Events\UserEventHandler@saveEmailAddress',
], ],
'FireflyIII\Events\LockedOutUser' => // is a User related event.
[
'FireflyIII\Handlers\Events\UserEventHandler@respondToLockout',
],
'FireflyIII\Events\BlockedUserLogin' => // is a User related event.
[
'FireflyIII\Handlers\Events\UserEventHandler@respondToBlockedUserLogin',
],
'FireflyIII\Events\BlockedBadLogin' => // is a User related event.
[
'FireflyIII\Handlers\Events\UserEventHandler@respondToBlockedBadLogin',
],
'FireflyIII\Events\RegisteredUser' => // is a User related event. 'FireflyIII\Events\RegisteredUser' => // is a User related event.
[ [
'FireflyIII\Handlers\Events\UserEventHandler@sendRegistrationMail', 'FireflyIII\Handlers\Events\UserEventHandler@sendRegistrationMail',

5
config/firefly.php
View File

@@ -22,6 +22,11 @@ return [
'single_user_mode' => true, 'single_user_mode' => true,
'is_demo_site' => false, 'is_demo_site' => false,
'must_confirm_account' => false, 'must_confirm_account' => false,
'mail_for_lockout' => false,
'mail_for_blocked_domain' => false,
'mail_for_blocked_email' => false,
'mail_for_bad_login' => false,
'mail_for_blocked_login' => false,
], ],
'chart' => 'chartjs', 'chart' => 'chartjs',
'version' => '4.2.1', 'version' => '4.2.1',

21
resources/views/admin/configuration/index.twig
View File

@@ -53,6 +53,7 @@
</div> </div>
</div> </div>
</div> </div>
{# send email messages #}
<!-- configuration setting block --> <!-- configuration setting block -->
<!-- <!--
@@ -70,6 +71,26 @@
</div> </div>
--> -->
</div> </div>
<div class="row">
{# send email messages about stuff: #}
<div class="col-lg-4 col-md-6 col-sm-12 col-xs-12">
<div class="box box-default">
<div class="box-header with-border">
<h3 class="box-title">{{ 'setting_send_email_notifications'|_ }}</h3>
</div>
<div class="box-body">
<p class="text-info">
{{ 'setting_send_email_explain'|_ }}
</p>
{{ ExpandedForm.checkbox('mail_for_lockout','1', sendErrorMessage.mail_for_lockout) }}
{{ ExpandedForm.checkbox('mail_for_blocked_domain','1', sendErrorMessage.mail_for_blocked_domain) }}
{{ ExpandedForm.checkbox('mail_for_blocked_email','1', sendErrorMessage.mail_for_blocked_email) }}
{{ ExpandedForm.checkbox('mail_for_bad_login','1', sendErrorMessage.mail_for_bad_login) }}
{{ ExpandedForm.checkbox('mail_for_blocked_login','1', sendErrorMessage.mail_for_blocked_login) }}
</div>
</div>
</div>
</div>
<div class="row"> <div class="row">
<div class="col-lg-4 col-md-6 col-sm-12 col-xs-12"> <div class="col-lg-4 col-md-6 col-sm-12 col-xs-12">

5
resources/views/emails/blocked-bad-creds-html.twig Normal file
View File

@@ -0,0 +1,5 @@
{% include 'emails.header-html' %}
<p style="font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif;font-size:13px;">
Firefly III has just blocked a login from user with email "{{ email }}" because they supplied bad credentials.
</p>
{% include 'emails.footer-html' %}

3
resources/views/emails/blocked-bad-creds-text.twig Normal file
View File

@@ -0,0 +1,3 @@
{% include 'emails.header-text' %}
Firefly III has just blocked a login from user with email "{{ email }}" because they supplied bad credentials.
{% include 'emails.footer-text' %}

5
resources/views/emails/locked-out-html.twig Normal file
View File

@@ -0,0 +1,5 @@
{% include 'emails.header-html' %}
<p style="font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif;font-size:13px;">
Firefly III has just locked out somebody trying to login with email address {{ email }}.
</p>
{% include 'emails.footer-html' %}

3
resources/views/emails/locked-out-text.twig Normal file
View File

@@ -0,0 +1,3 @@
{% include 'emails.header-text' %}
Firefly III has just locked out somebody trying to login with email address {{ email }}.
{% include 'emails.footer-text' %}