diff --git a/.env.example b/.env.example index e07c635c51..f4d6e70857 100644 --- a/.env.example +++ b/.env.example @@ -179,11 +179,22 @@ AUTHENTICATION_GUARD=web # Some systems use X-Auth headers. In that case, use HTTP_X_AUTH_USERNAME or HTTP_X_AUTH_EMAIL # Depending on your system, REMOTE_USER may need to be changed to HTTP_REMOTE_USER # -# Firefly III won't be able to send emails when the header you use isn't an email address. -# AUTHENTICATION_GUARD_HEADER=REMOTE_USER -# Likewise, it's impossible to log out users who's authentication is handled by an external system. +# +# Firefly III uses email addresses as user identifiers. When you're using an external authentication guard +# that doesn't do this, Firefly III is incapable of emailing you. Messages sent to "Bill Gates" always fail. +# +# However, if you set this value, Firefly III will store the value from this header as the user's backup +# email address and use it to communicate. So user "Bill Gates" could still have +# the email address "bill@microsoft.com". +# +# Example value: AUTHENTICATION_GUARD_EMAIL=HTTP_X_AUTH_EMAIL +# +AUTHENTICATION_GUARD_EMAIL= + + +# It's impossible to log out users who's authentication is handled by an external system. # Enter a custom URL here that will force a logout (your authentication provider can tell you). # Setting this variable only works when AUTHENTICATION_GUARD != web # diff --git a/app/Handlers/Events/APIEventHandler.php b/app/Handlers/Events/APIEventHandler.php index 649dc9804c..16daaeb843 100644 --- a/app/Handlers/Events/APIEventHandler.php +++ b/app/Handlers/Events/APIEventHandler.php @@ -54,6 +54,12 @@ class APIEventHandler $email = $user->email; $ipAddress = Request::ip(); + // see if user has alternative email address: + $pref = app('preferences')->getForUser($user, 'remote_guard_alt_email', null); + if (null !== $pref) { + $email = $pref->data; + } + Log::debug(sprintf('Now in APIEventHandler::accessTokenCreated. Email is %s, IP is %s', $email, $ipAddress)); try { Log::debug('Trying to send message...'); diff --git a/app/Handlers/Events/AdminEventHandler.php b/app/Handlers/Events/AdminEventHandler.php index fe3cac633e..2cb8fea2a0 100644 --- a/app/Handlers/Events/AdminEventHandler.php +++ b/app/Handlers/Events/AdminEventHandler.php @@ -52,6 +52,12 @@ class AdminEventHandler $email = $event->user->email; $ipAddress = $event->ipAddress; + // see if user has alternative email address: + $pref = app('preferences')->getForUser($event->user, 'remote_guard_alt_email', null); + if (null !== $pref) { + $email = $pref->data; + } + Log::debug(sprintf('Now in sendTestMessage event handler. Email is %s, IP is %s', $email, $ipAddress)); try { Log::debug('Trying to send message...'); diff --git a/app/Handlers/Events/AutomationHandler.php b/app/Handlers/Events/AutomationHandler.php index bb2900524e..c3d2fe42d5 100644 --- a/app/Handlers/Events/AutomationHandler.php +++ b/app/Handlers/Events/AutomationHandler.php @@ -56,9 +56,19 @@ class AutomationHandler $repository = app(UserRepositoryInterface::class); $user = $repository->findNull($event->userId); if (null !== $user && 0 !== $event->groups->count()) { + + $email = $user->email; + + // see if user has alternative email address: + $pref = app('preferences')->getForUser($user, 'remote_guard_alt_email', null); + if (null !== $pref) { + $email = $pref->data; + } + + try { Log::debug('Trying to mail...'); - Mail::to($user->email)->send(new ReportNewJournalsMail($user->email, '127.0.0.1', $event->groups)); + Mail::to($user->email)->send(new ReportNewJournalsMail($email, '127.0.0.1', $event->groups)); // @codeCoverageIgnoreStart } catch (Exception $e) { Log::debug('Send message failed! :('); diff --git a/app/Handlers/Events/UserEventHandler.php b/app/Handlers/Events/UserEventHandler.php index 84106b85c3..2f1c3db8c4 100644 --- a/app/Handlers/Events/UserEventHandler.php +++ b/app/Handlers/Events/UserEventHandler.php @@ -184,6 +184,12 @@ class UserEventHandler $ipAddress = $event->ipAddress; $list = app('preferences')->getForUser($user, 'login_ip_history', [])->data; + // see if user has alternative email address: + $pref = app('preferences')->getForUser($user, 'remote_guard_alt_email', null); + if (null !== $pref) { + $email = $pref->data; + } + /** @var array $entry */ foreach ($list as $index => $entry) { if (false === $entry['notified']) { @@ -300,6 +306,12 @@ class UserEventHandler $uri = route('index'); $ipAddress = $event->ipAddress; + // see if user has alternative email address: + $pref = app('preferences')->getForUser($event->user, 'remote_guard_alt_email', null); + if (null !== $pref) { + $email = $pref->data; + } + // send email. try { Mail::to($email)->send(new RegisteredUserMail($uri, $ipAddress)); diff --git a/app/Http/Controllers/Admin/HomeController.php b/app/Http/Controllers/Admin/HomeController.php index e31e211102..2add59ac7e 100644 --- a/app/Http/Controllers/Admin/HomeController.php +++ b/app/Http/Controllers/Admin/HomeController.php @@ -59,8 +59,15 @@ class HomeController extends Controller Log::channel('audit')->info('User visits admin index.'); $title = (string) trans('firefly.administration'); $mainTitleIcon = 'fa-hand-spock-o'; + $email = auth()->user()->email; + $pref = app('preferences')->get('remote_guard_alt_email', null); + if(null !== $pref) { + $email = $pref->data; + } - return view('admin.index', compact('title', 'mainTitleIcon')); + + + return view('admin.index', compact('title', 'mainTitleIcon','email')); } /** diff --git a/app/Providers/EventServiceProvider.php b/app/Providers/EventServiceProvider.php index 46f142a9ae..4a898d45e1 100644 --- a/app/Providers/EventServiceProvider.php +++ b/app/Providers/EventServiceProvider.php @@ -147,6 +147,12 @@ class EventServiceProvider extends ServiceProvider $email = $user->email; $ipAddress = Request::ip(); + // see if user has alternative email address: + $pref = app('preferences')->getForUser($user, 'remote_guard_alt_email', null); + if (null !== $pref) { + $email = $pref->data; + } + Log::debug(sprintf('Now in EventServiceProvider::registerCreateEvents. Email is %s, IP is %s', $email, $ipAddress)); try { Log::debug('Trying to send message...'); diff --git a/app/Support/Authentication/RemoteUserGuard.php b/app/Support/Authentication/RemoteUserGuard.php index 491922881e..c2b8f01ea8 100644 --- a/app/Support/Authentication/RemoteUserGuard.php +++ b/app/Support/Authentication/RemoteUserGuard.php @@ -78,6 +78,15 @@ class RemoteUserGuard implements Guard /** @var User $user */ $user = $this->provider->retrieveById($userID); + // store email address if present in header and not already set. + $header = config('auth.guard_email'); + $emailAddress = request()->server($header) ?? null; + $preference = app('preferences')->getForUser($user, 'remote_guard_alt_email', null); + + if (null !== $emailAddress && null === $preference && $emailAddress !== $userID) { + app('preferences')->setForUser($user, 'remote_guard_alt_email', $emailAddress); + } + Log::debug(sprintf('Result of getting user from provider: %s', $user->email)); $this->user = $user; } diff --git a/config/auth.php b/config/auth.php index 955f2fc96a..384373dc7a 100644 --- a/config/auth.php +++ b/config/auth.php @@ -38,6 +38,7 @@ return [ 'passwords' => 'users', ], 'guard_header' => envNonEmpty('AUTHENTICATION_GUARD_HEADER', 'REMOTE_USER'), + 'guard_email' => envNonEmpty('AUTHENTICATION_GUARD_EMAIL', null), /* |-------------------------------------------------------------------------- diff --git a/resources/views/v1/admin/index.twig b/resources/views/v1/admin/index.twig index dd2f1e0883..ce2b68f9c0 100644 --- a/resources/views/v1/admin/index.twig +++ b/resources/views/v1/admin/index.twig @@ -40,7 +40,7 @@

- {{ trans('firefly.send_test_email_text', {email:Auth.user.email})|raw }} + {{ trans('firefly.send_test_email_text', {email:email})|raw }}