James Cole
2023-01-01 14:25:52 +01:00
parent c60120ac20
commit c3ce9e896e
5 changed files with 56 additions and 37 deletions


@@ -176,12 +176,14 @@ class Kernel extends HttpKernel
CreateFreshApiToken::class,
],
// full API authentication
'api' => [
EnsureFrontendRequestsAreStateful::class,
'auth:api,sanctum',
'bindings',
],
'apiY' => [
// do only bindings, no auth
'api_basic' => [
'bindings',
],
];


@@ -29,8 +29,8 @@ use FireflyIII\Exceptions\FireflyException;
use FireflyIII\User;
use Illuminate\Auth\AuthenticationException;
use Illuminate\Contracts\Auth\Factory as Auth;
use Illuminate\Database\QueryException;
use Illuminate\Http\Request;
use Log;
/**
* Class Authenticate
@@ -87,17 +87,22 @@ class Authenticate
*/
protected function authenticate($request, array $guards)
{
if (empty($guards)) {
try {
Log::debug(sprintf('Now in %s', __METHOD__));
if (0 === count($guards)) {
Log::debug('No guards present.');
// go for default guard:
/** @noinspection PhpUndefinedMethodInspection */
if ($this->auth->check()) {
Log::debug('Default guard says user is authenticated.');
// do an extra check on user object.
/** @noinspection PhpUndefinedMethodInspection */
/** @var User $user */
$user = $this->auth->authenticate();
if (null === $user) {
Log::warning('User is null, throw exception?');
}
if (null !== $user) {
Log::debug(get_class($user));
if (1 === (int)$user->blocked) {
$message = (string)trans('firefly.block_account_logout');
if ('email_changed' === $user->blocked_code) {
@@ -110,21 +115,12 @@ class Authenticate
throw new AuthenticationException('Blocked account.', $guards);
}
}
} catch (QueryException $e) {
throw new FireflyException(
sprintf(
'It seems the database has not yet been initialized. Did you run the correct upgrade or installation commands? Error: %s',
$e->getMessage()
), 0, $e
);
}
/** @noinspection PhpUndefinedMethodInspection */
return $this->auth->authenticate();
}
Log::debug('Guard array is not empty.');
foreach ($guards as $guard) {
if ($this->auth->guard($guard)->check()) {
@@ -134,6 +130,5 @@ class Authenticate
}
throw new AuthenticationException('Unauthenticated.', $guards);
}
}
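Review bot: In the no-guards branch of `authenticate()`, a null result from `$this->auth->authenticate()` is only logged (`'User is null, throw exception?'`) and the whole `blocked` check is then skipped. The `RemoteUserGuard::authenticate()` shown in this same commit is declared `: void`, so if that guard is the configured default, `$user` would presumably always be null here and a blocked account would never be rejected by this middleware. I would fail closed instead of logging, e.g. `if (null === $user) { throw new AuthenticationException('Unauthenticated.', $guards); }`, or fetch the user with `$this->auth->user()` before the blocked test. The body of `authenticate()` is split across several hunks, so the lines between them are not visible here.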


@@ -58,7 +58,7 @@ class RouteServiceProvider extends ServiceProvider
->group(base_path('routes/api.php'));
Route::prefix('api/v1/cron')
->middleware('apiY')
->middleware('api_basic')
->namespace($this->namespace)
->group(base_path('routes/api-noauth.php'));


@@ -30,6 +30,7 @@ use Illuminate\Contracts\Auth\Authenticatable;
use Illuminate\Contracts\Auth\Guard;
use Illuminate\Contracts\Auth\UserProvider;
use Illuminate\Contracts\Foundation\Application;
use Illuminate\Http\Request;
use Log;
/**
@@ -50,26 +51,37 @@ class RemoteUserGuard implements Guard
// @phpstan-ignore-next-line
public function __construct(UserProvider $provider, Application $app) // @phpstan-ignore-line
{
/** @var Request $request */
$request = $app->get('request');
Log::debug(sprintf('Created RemoteUserGuard for "%s"', $request?->getRequestUri()));
$this->application = $app;
$this->provider = $provider;
$this->user = null;
}
/**
* @return bool
*/
public function viaRemember(): bool {
Log::debug(sprintf('Now at %s', __METHOD__));
return false;
}
/**
*
*/
public function authenticate(): void
{
Log::debug(sprintf('Now at %s', __METHOD__));
if (!is_null($this->user)) {
Log::debug('User is found.');
if (null !== $this->user) {
Log::debug(sprintf('%s is found: #%d, "%s".', get_class($this->user), $this->user->id, $this->user->email));
return;
}
// Get the user identifier from $_SERVER or apache filtered headers
$header = config('auth.guard_header', 'REMOTE_USER');
$userID = request()->server($header) ?? apache_request_headers()[$header] ?? null;
$userID = 'james@firefly';
if (null === $userID) {
Log::error(sprintf('No user in header "%s".', $header));
throw new FireflyException('The guard header was unexpectedly empty. See the logs.');
@@ -103,6 +115,8 @@ class RemoteUserGuard implements Guard
*/
public function guest(): bool
{
Log::debug(sprintf('Now at %s', __METHOD__));
$this->authenticate();
return !$this->check();
}
@@ -111,6 +125,8 @@ class RemoteUserGuard implements Guard
*/
public function check(): bool
{
Log::debug(sprintf('Now at %s', __METHOD__));
$this->authenticate();
return !is_null($this->user());
}
@@ -119,6 +135,8 @@ class RemoteUserGuard implements Guard
*/
public function user(): ?User
{
Log::debug(sprintf('Now at %s', __METHOD__));
$this->authenticate();
return $this->user;
}
@@ -127,6 +145,7 @@ class RemoteUserGuard implements Guard
*/
public function hasUser()
{
Log::debug(sprintf('Now at %s', __METHOD__));
// TODO: Implement hasUser() method.
}
@@ -135,6 +154,7 @@ class RemoteUserGuard implements Guard
*/
public function id(): ?User
{
Log::debug(sprintf('Now at %s', __METHOD__));
return $this->user;
}
@@ -143,6 +163,7 @@ class RemoteUserGuard implements Guard
*/
public function setUser(Authenticatable $user)
{
Log::debug(sprintf('Now at %s', __METHOD__));
$this->user = $user;
}
@@ -151,6 +172,7 @@ class RemoteUserGuard implements Guard
*/
public function validate(array $credentials = [])
{
Log::debug(sprintf('Now at %s', __METHOD__));
throw new FireflyException('Did not implement RemoteUserGuard::validate()');
}
}
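Review bot: The line `$userID = 'james@firefly';` in `authenticate()` overwrites the identifier just read from the configured guard header, so the value supplied by the proxy is ignored and the `null === $userID` check below it can never fire. It looks like a debugging leftover on the new side of the hunk; with it in place every request handled by this guard would presumably resolve to the same fixed account regardless of the caller. Remove the assignment so that `$userID` comes only from `request()->server($header) ?? apache_request_headers()[$header] ?? null`. Separately, the new `Log::debug` calls write `$this->user->email` and the request URI to the log on every call; logging only the user id would keep personal data and query strings out of the log. `authenticate()` continues past the end of its hunk.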


@@ -14,7 +14,7 @@ return [
|
*/
'guard' => 'web',
'guard' => envNonEmpty('AUTHENTICATION_GUARD', 'web'),
/*
|--------------------------------------------------------------------------