kenmirrors/firefly-iii
1
0
Fork 0
mirror of https://github.com/firefly-iii/firefly-iii.git synced 2025-09-18 18:44:16 +00:00
Code Issues Projects Releases Wiki Activity

Fix #3586

Browse Source
This commit is contained in:
James Cole
2020-08-14 09:59:56 +02:00
parent 3dc1050929
commit d4029775ec
8 changed files with 85 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
app/Http/Controllers/Auth/ConfirmPasswordController.php
View File

@@ -24,6 +24,7 @@ declare(strict_types=1);
namespace FireflyIII\Http\Controllers\Auth;
use FireflyIII\Exceptions\FireflyException;
use FireflyIII\Http\Controllers\Controller;
use FireflyIII\Providers\RouteServiceProvider;
use Illuminate\Foundation\Auth\ConfirmsPasswords;
@@ -62,5 +63,12 @@ class ConfirmPasswordController extends Controller
{
parent::__construct();
$this->middleware('auth');
$loginProvider = config('firefly.login_provider');
$authGuard = config('firefly.authentication_guard');
if ('eloquent' !== $loginProvider || 'web' !== $authGuard) {
throw new FireflyException('Using external identity provider. Cannot continue.');
}
}
}

8
app/Http/Controllers/Auth/ForgotPasswordController.php
View File

@@ -23,6 +23,7 @@ declare(strict_types=1);
namespace FireflyIII\Http\Controllers\Auth;
use FireflyIII\Exceptions\FireflyException;
use FireflyIII\Http\Controllers\Controller;
use FireflyIII\Repositories\User\UserRepositoryInterface;
use FireflyIII\User;
@@ -51,6 +52,13 @@ class ForgotPasswordController extends Controller
{
parent::__construct();
$this->middleware('guest');
$loginProvider = config('firefly.login_provider');
$authGuard = config('firefly.authentication_guard');
if ('eloquent' !== $loginProvider || 'web' !== $authGuard) {
throw new FireflyException('Using external identity provider. Cannot continue.');
}
}
/**

13
app/Http/Controllers/Auth/LoginController.php
View File

@@ -24,6 +24,7 @@ namespace FireflyIII\Http\Controllers\Auth;
use Adldap;
use DB;
use FireflyIII\Exceptions\FireflyException;
use FireflyIII\Http\Controllers\Controller;
use FireflyIII\Providers\RouteServiceProvider;
use Illuminate\Contracts\View\Factory;
@@ -65,6 +66,13 @@ class LoginController extends Controller
{
parent::__construct();
$this->middleware('guest')->except('logout');
$loginProvider = config('firefly.login_provider');
$authGuard = config('firefly.authentication_guard');
if ('eloquent' !== $loginProvider || 'web' !== $authGuard) {
throw new FireflyException('Using external identity provider. Cannot continue.');
}
}
@@ -73,9 +81,9 @@ class LoginController extends Controller
*
* @param Request $request
*
* @throws ValidationException
* @return RedirectResponse|\Illuminate\Http\Response|JsonResponse
*
* @throws ValidationException
*/
public function login(Request $request)
{
@@ -133,7 +141,6 @@ class LoginController extends Controller
return redirect(route('register')); // @codeCoverageIgnore
}
// is allowed to?
$singleUserMode = app('fireflyconfig')->get('single_user_mode', config('firefly.configuration.single_user_mode'))->data;
$allowRegistration = true;
@@ -162,9 +169,9 @@ class LoginController extends Controller
*
* @param Request $request
*
* @throws ValidationException
* @return Response
*
* @throws ValidationException
*/
protected function sendFailedLoginResponse(Request $request)
{

8
app/Http/Controllers/Auth/RegisterController.php
View File

@@ -24,6 +24,7 @@ declare(strict_types=1);
namespace FireflyIII\Http\Controllers\Auth;
use FireflyIII\Events\RegisteredUser;
use FireflyIII\Exceptions\FireflyException;
use FireflyIII\Http\Controllers\Controller;
use FireflyIII\Support\Http\Controllers\CreateStuff;
use FireflyIII\Support\Http\Controllers\RequestInformation;
@@ -63,6 +64,13 @@ class RegisterController extends Controller
{
parent::__construct();
$this->middleware('guest');
$loginProvider = config('firefly.login_provider');
$authGuard = config('firefly.authentication_guard');
if ('eloquent' !== $loginProvider || 'web' !== $authGuard) {
throw new FireflyException('Using external identity provider. Cannot continue.');
}
}
/**

10
app/Http/Controllers/Auth/ResetPasswordController.php
View File

@@ -23,6 +23,7 @@ declare(strict_types=1);
namespace FireflyIII\Http\Controllers\Auth;
use FireflyIII\Exceptions\FireflyException;
use FireflyIII\Http\Controllers\Controller;
use FireflyIII\User;
use Illuminate\Contracts\View\Factory;
@@ -60,6 +61,13 @@ class ResetPasswordController extends Controller
{
parent::__construct();
$this->middleware('guest');
$loginProvider = config('firefly.login_provider');
$authGuard = config('firefly.authentication_guard');
if ('eloquent' !== $loginProvider || 'web' !== $authGuard) {
throw new FireflyException('Using external identity provider. Cannot continue.');
}
}
/**
@@ -67,9 +75,9 @@ class ResetPasswordController extends Controller
*
* @param Request $request
*
* @return Factory|JsonResponse|RedirectResponse|View
* @throws \Illuminate\Validation\ValidationException
*
* @return Factory|JsonResponse|RedirectResponse|View
*/
public function reset(Request $request)
{

16
app/Http/Controllers/Auth/TwoFactorController.php
View File

@@ -22,6 +22,7 @@ declare(strict_types=1);
namespace FireflyIII\Http\Controllers\Auth;
use FireflyIII\Exceptions\FireflyException;
use FireflyIII\Http\Controllers\Controller;
use FireflyIII\User;
use Illuminate\Http\RedirectResponse;
@@ -35,6 +36,21 @@ use Preferences;
*/
class TwoFactorController extends Controller
{
/**
* Create a new controller instance.
*/
public function __construct()
{
parent::__construct();
$loginProvider = config('firefly.login_provider');
$authGuard = config('firefly.authentication_guard');
if ('eloquent' !== $loginProvider || 'web' !== $authGuard) {
throw new FireflyException('Using external identity provider. Cannot continue.');
}
}
/**
* What to do if 2FA lost?
*

25
app/Http/Controllers/ProfileController.php
View File

@@ -82,6 +82,7 @@ class ProfileController extends Controller
$loginProvider = config('firefly.login_provider');
$authGuard = config('firefly.authentication_guard');
$this->externalIdentity = 'eloquent' !== $loginProvider || 'web' !== $authGuard;
$this->externalIdentity = true;
$this->middleware(IsDemoUser::class)->except(['index']);
}
@@ -222,9 +223,9 @@ class ProfileController extends Controller
* @param UserRepositoryInterface $repository
* @param string $token
*
* @throws FireflyException
* @return RedirectResponse|Redirector
*
* @throws FireflyException
*/
public function confirmEmailChange(UserRepositoryInterface $repository, string $token)
{
@@ -338,10 +339,13 @@ class ProfileController extends Controller
public function index()
{
/** @var User $user */
$user = auth()->user();
$loginProvider = config('firefly.login_provider');
// check if client token thing exists (default one)
$count = DB::table('oauth_clients')->where('personal_access_client', 1)->whereNull('user_id')->count();
$user = auth()->user();
$externalIdentity = $this->externalIdentity;
$count = DB::table('oauth_clients')->where('personal_access_client', 1)->whereNull('user_id')->count();
$subTitle = $user->email;
$userId = $user->id;
$enabled2FA = null !== $user->mfa_secret;
$mfaBackupCount = count(app('preferences')->get('mfa_recovery', [])->data);
$this->createOAuthKeys();
@@ -350,19 +354,14 @@ class ProfileController extends Controller
$repository = app(ClientRepository::class);
$repository->createPersonalAccessClient(null, config('app.name') . ' Personal Access Client', 'http://localhost');
}
$subTitle = $user->email;
$userId = $user->id;
$enabled2FA = null !== $user->mfa_secret;
$mfaBackupCount = count(app('preferences')->get('mfa_recovery', [])->data);
// get access token or create one.
$accessToken = app('preferences')->get('access_token', null);
if (null === $accessToken) {
$token = $user->generateAccessToken();
$accessToken = app('preferences')->set('access_token', $token);
}
return view('profile.index', compact('subTitle', 'mfaBackupCount', 'userId', 'accessToken', 'enabled2FA', 'loginProvider'));
return view('profile.index', compact('subTitle', 'mfaBackupCount', 'userId', 'accessToken', 'enabled2FA', 'externalIdentity'));
}
/**
@@ -381,7 +380,7 @@ class ProfileController extends Controller
$recoveryCodes = $recovery->lowercase()
->setCount(8) // Generate 8 codes
->setBlocks(2) // Every code must have 7 blocks
->setChars(6) // Each block must have 16 chars
->setChars(6) // Each block must have 16 chars
->toArray();
$codes = implode("\r\n", $recoveryCodes);
@@ -583,9 +582,9 @@ class ProfileController extends Controller
* @param string $token
* @param string $hash
*
* @throws FireflyException
* @return RedirectResponse|Redirector
*
* @throws FireflyException
*/
public function undoEmailChange(UserRepositoryInterface $repository, string $token, string $hash)
{

51
resources/views/v1/profile/index.twig
View File

@@ -18,12 +18,14 @@
<li role="presentation">
<a href="#cmd" aria-controls="profile" role="tab" data-toggle="tab">{{ 'command_line_token'|_ }}</a>
</li>
{% if false == externalIdentity %}
<li role="presentation">
<a href="#oauth" aria-controls="messages" role="tab" data-toggle="tab">{{ 'oauth'|_ }}</a>
</li>
<li role="presentation">
<a href="#mfa" aria-controls="settings" role="tab" data-toggle="tab">{{ 'pref_two_factor_auth'|_ }}</a>
</li>
{% endif %}
<li role="presentation">
<a href="#delete" aria-controls="settings" role="tab" data-toggle="tab">{{ 'delete_stuff_header'|_ }}</a>
</li>
@@ -40,19 +42,24 @@
<div class="row">
<div class="col-lg-6">
<ul>
{% if false == externalIdentity %}
<li>
<a href="{{ route('profile.change-email') }}">{{ 'change_your_email'|_ }}</a>
</li>
<li>
<a href="{{ route('profile.change-password') }}">{{ 'change_your_password'|_ }}</a>
</li>
{% endif %}
<li><a href="{{ route('logout') }}">{{ 'logout'|_ }}</a></li>
{% if false == externalIdentity %}
<li>
<a href="{{ route('profile.logout-others') }}">{{ 'logout_other_sessions'|_ }}</a>
</li>
<li><a class="text-danger"
href="{{ route('profile.delete-account') }}">{{ 'delete_account'|_ }}</a>
</li>
{% endif %}
</ul>
</div>
</div>
@@ -60,11 +67,6 @@
</div>
</div>
<!-- OAuth -->
<div role="tabpanel" class="tab-pane" id="oauth">
<div id="passport_clients"></div>
</div>
<!-- command line options -->
<div role="tabpanel" class="tab-pane" id="cmd">
<div class="box box-default">
@@ -91,6 +93,12 @@
</div>
</div>
{% if false == externalIdentity %}
<!-- OAuth -->
<div role="tabpanel" class="tab-pane" id="oauth">
<div id="passport_clients"></div>
</div>
<!-- MFA -->
<div role="tabpanel" class="tab-pane" id="mfa">
<div class="box box-default">
@@ -124,6 +132,7 @@
</div>
</div>
</div>
{% endif %}
<!-- delete stuff -->
<div role="tabpanel" class="tab-pane" id="delete">
@@ -246,38 +255,6 @@
</div>
</div>
{#
<!-- all tabs -->
<!-- command line opt -->
</div>
</div>
</div>
#}
<div class="row">
<div class="col-lg-8 col-lg-offset-2 col-md-12 col-sm-12">
</div>
</div>
<div class="row">
<div class="col-lg-8 col-lg-offset-2 col-md-12 col-sm-12">
</div>
</div>
{# #}
{% endblock %}
{% block scripts %}
<script type="text/javascript" nonce="{{ JS_NONCE }}">