diff --git a/app/Http/Controllers/Auth/ConfirmPasswordController.php b/app/Http/Controllers/Auth/ConfirmPasswordController.php
index 73c1c4d13b..8aa2052f19 100644
--- a/app/Http/Controllers/Auth/ConfirmPasswordController.php
+++ b/app/Http/Controllers/Auth/ConfirmPasswordController.php
@@ -24,6 +24,7 @@ declare(strict_types=1);
 namespace FireflyIII\Http\Controllers\Auth;
+use FireflyIII\Exceptions\FireflyException;
 use FireflyIII\Http\Controllers\Controller;
 use FireflyIII\Providers\RouteServiceProvider;
 use Illuminate\Foundation\Auth\ConfirmsPasswords;
@@ -62,5 +63,12 @@ class ConfirmPasswordController extends Controller
 {
 parent::__construct();
 $this->middleware('auth');
+
+ $loginProvider = config('firefly.login_provider');
+ $authGuard = config('firefly.authentication_guard');
+
+ if ('eloquent' !== $loginProvider || 'web' !== $authGuard) {
+ throw new FireflyException('Using external identity provider. Cannot continue.');
+ }
 }
 }
diff --git a/app/Http/Controllers/Auth/ForgotPasswordController.php b/app/Http/Controllers/Auth/ForgotPasswordController.php
index a325c9181a..0d07994a36 100644
--- a/app/Http/Controllers/Auth/ForgotPasswordController.php
+++ b/app/Http/Controllers/Auth/ForgotPasswordController.php
@@ -23,6 +23,7 @@ declare(strict_types=1);
 namespace FireflyIII\Http\Controllers\Auth;
+use FireflyIII\Exceptions\FireflyException;
 use FireflyIII\Http\Controllers\Controller;
 use FireflyIII\Repositories\User\UserRepositoryInterface;
 use FireflyIII\User;
@@ -51,6 +52,13 @@ class ForgotPasswordController extends Controller
 {
 parent::__construct();
 $this->middleware('guest');
+
+ $loginProvider = config('firefly.login_provider');
+ $authGuard = config('firefly.authentication_guard');
+
+ if ('eloquent' !== $loginProvider || 'web' !== $authGuard) {
+ throw new FireflyException('Using external identity provider. Cannot continue.');
+ }
 }
 /**
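Review bot: The provider/guard test added to ConfirmPasswordController::__construct is copied verbatim into the constructors of ForgotPasswordController, LoginController, RegisterController, ResetPasswordController and TwoFactorController in this same commit, and ProfileController evaluates the same expression for `$this->externalIdentity`. An access decision kept in seven places is easy to miss when the next auth controller is added or when the definition of "external" changes; keeping it in one protected helper on the base Controller (or a route middleware) and calling that from each constructor would remove that risk. The comparison fails closed, since an unset `firefly.login_provider` or `firefly.authentication_guard` also throws; a comment such as `// anything other than eloquent + web is treated as an external identity provider` would make that intent explicit. The constructor starts outside this hunk.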
diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php index 9c610bc079..c6d59aa30e 100644 --- a/app/Http/Controllers/Auth/LoginController.php +++ b/app/Http/Controllers/Auth/LoginController.php @@ -24,6 +24,7 @@ namespace FireflyIII\Http\Controllers\Auth; use Adldap; use DB; +use FireflyIII\Exceptions\FireflyException; use FireflyIII\Http\Controllers\Controller; use FireflyIII\Providers\RouteServiceProvider; use Illuminate\Contracts\View\Factory; @@ -65,6 +66,13 @@ class LoginController extends Controller { parent::__construct(); $this->middleware('guest')->except('logout'); + + $loginProvider = config('firefly.login_provider'); + $authGuard = config('firefly.authentication_guard'); + + if ('eloquent' !== $loginProvider || 'web' !== $authGuard) { + throw new FireflyException('Using external identity provider. Cannot continue.'); + } } @@ -73,9 +81,9 @@ class LoginController extends Controller * * @param Request $request * - * @throws ValidationException * @return RedirectResponse|\Illuminate\Http\Response|JsonResponse * + * @throws ValidationException */ public function login(Request $request) { @@ -133,7 +141,6 @@ class LoginController extends Controller return redirect(route('register')); // @codeCoverageIgnore } - // is allowed to? $singleUserMode = app('fireflyconfig')->get('single_user_mode', config('firefly.configuration.single_user_mode'))->data; $allowRegistration = true; @@ -162,9 +169,9 @@ class LoginController extends Controller * * @param Request $request * - * @throws ValidationException * @return Response * + * @throws ValidationException */ protected function sendFailedLoginResponse(Request $request) { diff --git a/app/Http/Controllers/Auth/RegisterController.php b/app/Http/Controllers/Auth/RegisterController.php index a7d9f43a74..422e57073e 100644 --- a/app/Http/Controllers/Auth/RegisterController.php +++ b/app/Http/Controllers/Auth/RegisterController.php 
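Review bot: The check added to LoginController::__construct runs for every action of the controller, including `logout`, which the line directly above it deliberately exempts from the `guest` middleware. If logout is still routed to this controller when an external provider is configured (the routes are not visible in this diff), a logout request would end in a FireflyException instead of ending the session; the test would then need the same `logout` exemption, or should move into the login actions. The file also imports `Adldap`, which suggests this controller handled an LDAP provider; `'eloquent' !== $loginProvider` now rejects that provider as well, and that should be confirmed as intended. The constructor starts outside the hunk.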
@@ -24,6 +24,7 @@ declare(strict_types=1);
 namespace FireflyIII\Http\Controllers\Auth;
 use FireflyIII\Events\RegisteredUser;
+use FireflyIII\Exceptions\FireflyException;
 use FireflyIII\Http\Controllers\Controller;
 use FireflyIII\Support\Http\Controllers\CreateStuff;
 use FireflyIII\Support\Http\Controllers\RequestInformation;
@@ -63,6 +64,13 @@ class RegisterController extends Controller
 {
 parent::__construct();
 $this->middleware('guest');
+
+ $loginProvider = config('firefly.login_provider');
+ $authGuard = config('firefly.authentication_guard');
+
+ if ('eloquent' !== $loginProvider || 'web' !== $authGuard) {
+ throw new FireflyException('Using external identity provider. Cannot continue.');
+ }
 }
 /**
diff --git a/app/Http/Controllers/Auth/ResetPasswordController.php b/app/Http/Controllers/Auth/ResetPasswordController.php
index bd7149a1e2..53a95040f6 100644
--- a/app/Http/Controllers/Auth/ResetPasswordController.php
+++ b/app/Http/Controllers/Auth/ResetPasswordController.php
@@ -23,6 +23,7 @@ declare(strict_types=1);
 namespace FireflyIII\Http\Controllers\Auth;
+use FireflyIII\Exceptions\FireflyException;
 use FireflyIII\Http\Controllers\Controller;
 use FireflyIII\User;
 use Illuminate\Contracts\View\Factory;
@@ -60,6 +61,13 @@ class ResetPasswordController extends Controller
 {
 parent::__construct();
 $this->middleware('guest');
+
+ $loginProvider = config('firefly.login_provider');
+ $authGuard = config('firefly.authentication_guard');
+
+ if ('eloquent' !== $loginProvider || 'web' !== $authGuard) {
+ throw new FireflyException('Using external identity provider. Cannot continue.');
+ }
 }
 /**
@@ -67,9 +75,9 @@ class ResetPasswordController extends Controller
 *
 * @param Request $request
 *
+ * @return Factory|JsonResponse|RedirectResponse|View
 * @throws \Illuminate\Validation\ValidationException
 *
- * @return Factory|JsonResponse|RedirectResponse|View
 */
 public function reset(Request $request)
 {
diff --git a/app/Http/Controllers/Auth/TwoFactorController.php b/app/Http/Controllers/Auth/TwoFactorController.php
index a0ed675119..c92049e828 100644
--- a/app/Http/Controllers/Auth/TwoFactorController.php
+++ b/app/Http/Controllers/Auth/TwoFactorController.php
@@ -22,6 +22,7 @@ declare(strict_types=1);
 namespace FireflyIII\Http\Controllers\Auth;
+use FireflyIII\Exceptions\FireflyException;
 use FireflyIII\Http\Controllers\Controller;
 use FireflyIII\User;
 use Illuminate\Http\RedirectResponse;
@@ -35,6 +36,21 @@ use Preferences;
 */
 class TwoFactorController extends Controller
 {
+ /**
+ * Create a new controller instance.
+ */
+ public function __construct()
+ {
+ parent::__construct();
+
+ $loginProvider = config('firefly.login_provider');
+ $authGuard = config('firefly.authentication_guard');
+
+ if ('eloquent' !== $loginProvider || 'web' !== $authGuard) {
+ throw new FireflyException('Using external identity provider. Cannot continue.');
+ }
+ }
+
 /**
 * What to do if 2FA lost?
 *
diff --git a/app/Http/Controllers/ProfileController.php b/app/Http/Controllers/ProfileController.php
index cd952dcb1e..8c26c76665 100644
--- a/app/Http/Controllers/ProfileController.php
+++ b/app/Http/Controllers/ProfileController.php
@@ -82,6 +82,7 @@ class ProfileController extends Controller
 $loginProvider = config('firefly.login_provider');
 $authGuard = config('firefly.authentication_guard');
 $this->externalIdentity = 'eloquent' !== $loginProvider || 'web' !== $authGuard;
+ $this->externalIdentity = true;
 $this->middleware(IsDemoUser::class)->except(['index']);
 }
@@ -222,9 +223,9 @@ class ProfileController extends Controller
 * @param UserRepositoryInterface $repository
 * @param string $token
 *
- * @throws FireflyException
 * @return RedirectResponse|Redirector
 *
+ * @throws FireflyException
 */
 public function confirmEmailChange(UserRepositoryInterface $repository, string $token)
 {
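Review bot: `$this->externalIdentity = true;` in the ProfileController constructor overwrites the value computed on the line directly above it, so `firefly.login_provider` and `firefly.authentication_guard` no longer have any effect on this controller. It reads like a leftover from testing the external-identity view: as committed, every installation, including one on the local `eloquent` provider with the `web` guard, is treated as externally authenticated, and index() passes that flag to `profile.index` as `externalIdentity`. Whatever is gated on the flag in this controller or its templates (presumably the password, e-mail and 2FA management actions, which are not visible in this hunk) would then be unavailable to local users. The added line should be dropped so that the computed assignment stands. The constructor starts outside the hunk.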
@@ -338,10 +339,13 @@ class ProfileController extends Controller public function index() { /** @var User $user */ - $user = auth()->user(); - $loginProvider = config('firefly.login_provider'); - // check if client token thing exists (default one) - $count = DB::table('oauth_clients')->where('personal_access_client', 1)->whereNull('user_id')->count(); + $user = auth()->user(); + $externalIdentity = $this->externalIdentity; + $count = DB::table('oauth_clients')->where('personal_access_client', 1)->whereNull('user_id')->count(); + $subTitle = $user->email; + $userId = $user->id; + $enabled2FA = null !== $user->mfa_secret; + $mfaBackupCount = count(app('preferences')->get('mfa_recovery', [])->data); $this->createOAuthKeys(); @@ -350,19 +354,14 @@ class ProfileController extends Controller $repository = app(ClientRepository::class); $repository->createPersonalAccessClient(null, config('app.name') . ' Personal Access Client', 'http://localhost'); } - $subTitle = $user->email; - $userId = $user->id; - $enabled2FA = null !== $user->mfa_secret; - $mfaBackupCount = count(app('preferences')->get('mfa_recovery', [])->data); - // get access token or create one. $accessToken = app('preferences')->get('access_token', null); if (null === $accessToken) { $token = $user->generateAccessToken(); $accessToken = app('preferences')->set('access_token', $token); } - return view('profile.index', compact('subTitle', 'mfaBackupCount', 'userId', 'accessToken', 'enabled2FA', 'loginProvider')); + return view('profile.index', compact('subTitle', 'mfaBackupCount', 'userId', 'accessToken', 'enabled2FA', 'externalIdentity')); } /** @@ -381,7 +380,7 @@ class ProfileController extends Controller $recoveryCodes = $recovery->lowercase() ->setCount(8) // Generate 8 codes ->setBlocks(2) // Every code must have 7 blocks - ->setChars(6) // Each block must have 16 chars + ->setChars(6) // Each block must have 16 chars ->toArray(); $codes = implode("\r\n", $recoveryCodes); 
@@ -583,9 +582,9 @@ class ProfileController extends Controller
 * @param string $token
 * @param string $hash
 *
- * @throws FireflyException
 * @return RedirectResponse|Redirector
 *
+ * @throws FireflyException
 */
 public function undoEmailChange(UserRepositoryInterface $repository, string $token, string $hash)
 {
diff --git a/resources/views/v1/profile/index.twig b/resources/views/v1/profile/index.twig
index 513150bf92..4d5a8863d6 100644
--- a/resources/views/v1/profile/index.twig
+++ b/resources/views/v1/profile/index.twig
@@ -18,12 +18,14 @@