Make sure the /javascript/ url’s are ignored.

James Cole
2017-02-12 16:50:35 +01:00
parent 3399b133ae
commit ec146d4cbe
10 changed files with 172 additions and 22 deletions


@@ -80,6 +80,26 @@ class LoginController extends Controller
return $this->sendFailedLoginResponse($request, $errorMessage);
}
/**
* @param Request $request
*
* @return $this|\Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
*/
public function logout(Request $request)
{
if (intval(getenv('SANDSTORM')) === 1) {
return view('error')->with('message', strval(trans('firefly.sandstorm_not_available')));
}
$this->guard()->logout();
$request->session()->flush();
$request->session()->regenerate();
return redirect('/');
}
/**
* Show the application login form.
*
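Review bot: In the new `logout()`, `$request->session()->flush()` followed by `$request->session()->regenerate()` hands out a new session ID, but as far as I know `regenerate()` defaults to not destroying the record stored under the old ID. That record would then stay in the session backend until garbage collection. For a logout it is safer to destroy it explicitly, by replacing the two calls with `$request->session()->invalidate();` or by calling `regenerate(true)`. Separately, the `@return` tag lists `$this`, which presumably stands for the view returned by `view('error')->with(...)`; naming `\Illuminate\View\View` there would be clearer.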


@@ -91,7 +91,7 @@ class HomeController extends Controller
public function flush(Request $request)
{
Preferences::mark();
$request->session()->forget(['start', 'end', 'viewRange', 'range', 'is_custom_range']);
$request->session()->forget(['start', 'end','_previous', 'viewRange', 'range', 'is_custom_range']);
Artisan::call('cache:clear');
return redirect(route('index'));


@@ -21,6 +21,7 @@ use FireflyIII\Http\Middleware\Range;
use FireflyIII\Http\Middleware\RedirectIfAuthenticated;
use FireflyIII\Http\Middleware\RedirectIfTwoFactorAuthenticated;
use FireflyIII\Http\Middleware\Sandstorm;
use FireflyIII\Http\Middleware\StartFireflySession;
use FireflyIII\Http\Middleware\VerifyCsrfToken;
use Illuminate\Auth\Middleware\AuthenticateWithBasicAuth;
use Illuminate\Auth\Middleware\Authorize;
@@ -29,7 +30,6 @@ use Illuminate\Foundation\Http\Kernel as HttpKernel;
use Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode;
use Illuminate\Routing\Middleware\SubstituteBindings;
use Illuminate\Routing\Middleware\ThrottleRequests;
use Illuminate\Session\Middleware\StartSession;
use Illuminate\View\Middleware\ShareErrorsFromSession;
/**
@@ -51,7 +51,6 @@ class Kernel extends HttpKernel
= [
'Illuminate\Foundation\Bootstrap\LoadEnvironmentVariables',
'Illuminate\Foundation\Bootstrap\LoadConfiguration',
//'FireflyIII\Bootstrap\ConfigureLogging',
'Illuminate\Foundation\Bootstrap\HandleExceptions',
'Illuminate\Foundation\Bootstrap\RegisterFacades',
'Illuminate\Foundation\Bootstrap\RegisterProviders',
@@ -80,11 +79,11 @@ class Kernel extends HttpKernel
// does not check login
// does not check 2fa
// does not check activation
'web' => [
'web' => [
Sandstorm::class,
EncryptCookies::class,
AddQueuedCookiesToResponse::class,
StartSession::class,
StartFireflySession::class,
ShareErrorsFromSession::class,
VerifyCsrfToken::class,
SubstituteBindings::class,
@@ -92,11 +91,11 @@ class Kernel extends HttpKernel
// MUST NOT be logged in. Does not care about 2FA or confirmation.
'user-not-logged-in' => [
'user-not-logged-in' => [
Sandstorm::class,
EncryptCookies::class,
AddQueuedCookiesToResponse::class,
StartSession::class,
StartFireflySession::class,
ShareErrorsFromSession::class,
VerifyCsrfToken::class,
SubstituteBindings::class,
@@ -105,11 +104,11 @@ class Kernel extends HttpKernel
// MUST be logged in.
// MUST NOT have 2FA
// don't care about confirmation:
'user-logged-in-no-2fa' => [
'user-logged-in-no-2fa' => [
Sandstorm::class,
EncryptCookies::class,
AddQueuedCookiesToResponse::class,
StartSession::class,
StartFireflySession::class,
ShareErrorsFromSession::class,
VerifyCsrfToken::class,
SubstituteBindings::class,
@@ -120,11 +119,11 @@ class Kernel extends HttpKernel
// MUST be logged in
// don't care about 2fa
// don't care about confirmation.
'user-simple-auth' => [
'user-simple-auth' => [
Sandstorm::class,
EncryptCookies::class,
AddQueuedCookiesToResponse::class,
StartSession::class,
StartFireflySession::class,
ShareErrorsFromSession::class,
VerifyCsrfToken::class,
SubstituteBindings::class,
@@ -135,11 +134,11 @@ class Kernel extends HttpKernel
// MUST have 2fa
// MUST be confirmed.
// (this group includes the other Firefly middleware)
'user-full-auth' => [
'user-full-auth' => [
Sandstorm::class,
EncryptCookies::class,
AddQueuedCookiesToResponse::class,
StartSession::class,
StartFireflySession::class,
ShareErrorsFromSession::class,
VerifyCsrfToken::class,
SubstituteBindings::class,
@@ -153,11 +152,11 @@ class Kernel extends HttpKernel
// MUST be confirmed.
// MUST have owner role
// (this group includes the other Firefly middleware)
'admin' => [
'admin' => [
Sandstorm::class,
EncryptCookies::class,
AddQueuedCookiesToResponse::class,
StartSession::class,
StartFireflySession::class,
ShareErrorsFromSession::class,
VerifyCsrfToken::class,
SubstituteBindings::class,


@@ -0,0 +1,55 @@
<?php
/**
* StartFireflySession.php
* Copyright (c) 2017 thegrumpydictator@gmail.com
* This software may be modified and distributed under the terms of the Creative Commons Attribution-ShareAlike 4.0 International License.
*
* See the LICENSE file for details.
*/
declare(strict_types = 1);
namespace FireflyIII\Http\Middleware;
use Illuminate\Http\Request;
use Illuminate\Session\Middleware\StartSession;
use Illuminate\Session\SessionManager;
use Log;
/**
* Class StartFireflySession
*
* @package FireflyIII\Http\Middleware
*/
class StartFireflySession extends StartSession
{
/**
* Create a new session middleware.
*
* @param \Illuminate\Session\SessionManager $manager
*/
public function __construct(SessionManager $manager)
{
parent::__construct($manager);
}
/**
* Store the current URL for the request if necessary.
*
* @param \Illuminate\Http\Request $request
* @param \Illuminate\Contracts\Session\Session $session
*
* @return void
*/
protected function storeCurrentUrl(Request $request, $session)
{
$fullUrl = $request->fullUrl();
if ($request->method() === 'GET' && $request->route() && !$request->ajax()) {
if (strpos($fullUrl, '/javascript/') === false) {
$session->setPreviousUrl($fullUrl);
}
}
}
}
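Review bot: The `/javascript/` test in `storeCurrentUrl()` runs `strpos()` over `$request->fullUrl()`, which includes the query string. An ordinary page whose query string happens to contain `/javascript/` is therefore also skipped and never becomes the previous URL used for later redirects. Matching on the path only is tighter, for example `if (!$request->is('javascript/*')) {`, assuming these routes sit directly under `javascript/`. The `use Log;` import is unused and the constructor only forwards to the parent, so both can be dropped.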


@@ -0,0 +1,64 @@
<?php
/**
* FireflySessionProvider.php
* Copyright (c) 2017 thegrumpydictator@gmail.com
* This software may be modified and distributed under the terms of the Creative Commons Attribution-ShareAlike 4.0 International License.
*
* See the LICENSE file for details.
*/
declare(strict_types = 1);
namespace FireflyIII\Providers;
use FireflyIII\Http\Middleware\StartFireflySession;
use Illuminate\Session\SessionManager;
use Illuminate\Support\ServiceProvider;
class FireflySessionProvider extends ServiceProvider
{
/**
* Register the service provider.
*
* @return void
*/
public function register()
{
$this->registerSessionManager();
$this->registerSessionDriver();
$this->app->singleton(StartFireflySession::class);
}
/**
* Register the session driver instance.
*
* @return void
*/
protected function registerSessionDriver()
{
$this->app->singleton(
'session.store', function ($app) {
// First, we will create the session manager which is responsible for the
// creation of the various session drivers when they are needed by the
// application instance, and will resolve them on a lazy load basis.
return $app->make('session')->driver();
}
);
}
/**
* Register the session manager instance.
*
* @return void
*/
protected function registerSessionManager()
{
$this->app->singleton(
'session', function ($app) {
return new SessionManager($app);
}
);
}
}
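Review bot: `registerSessionManager()` and `registerSessionDriver()` look like copies of the framework's own session provider, and the copied inline comment now sits in the driver closure although it describes creating the manager. Extending `Illuminate\Session\SessionServiceProvider` and overriding only `register()` to bind `StartFireflySession::class` would avoid a copy that can drift from the framework on upgrade. If the framework provider is still listed in the application config (not visible here), the `session` and `session.store` singletons are registered twice, so it is worth confirming that only one provider is active. The class also has no docblock, unlike the middleware added in this commit; something like `/** Registers the session services with StartFireflySession as the session middleware. */` would do.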