Remove a lot of stuff that deals with user activation.

2025-09-20 11:19:16 +00:00 · 2016-12-28 17:07:44 +01:00
parent 98d4bc48b6
commit f44336f7aa
18 changed files with 10 additions and 511 deletions
--- a/app/Events/ConfirmedUser.php
+++ b/app/Events/ConfirmedUser.php
@@ -1,42 +0,0 @@
 <?php
 /**
 * ConfirmedUser.php
 * Copyright (C) 2016 thegrumpydictator@gmail.com
 *
 * This software may be modified and distributed under the terms of the
 * Creative Commons Attribution-ShareAlike 4.0 International License.
 *
 * See the LICENSE file for details.
 */
 declare(strict_types = 1);
 namespace FireflyIII\Events;
 use FireflyIII\User;
 use Illuminate\Queue\SerializesModels;
 /**
 * Class ConfirmedUser
 *
 * @package FireflyIII\Events
 */
 class ConfirmedUser extends Event
 {
    use SerializesModels;
    public $ipAddress;
    public $user;
    /**
     * Create a new event instance. This event is triggered when a user confirms their new account.
     *
     * @param  User  $user
     * @param string $ipAddress
     */
    public function __construct(User $user, string $ipAddress)
    {
        $this->user      = $user;
        $this->ipAddress = $ipAddress;
    }
 }
--- a/app/Events/ResentConfirmation.php
+++ b/app/Events/ResentConfirmation.php
@@ -1,42 +0,0 @@
 <?php
 /**
 * ResentConfirmation.php
 * Copyright (C) 2016 thegrumpydictator@gmail.com
 *
 * This software may be modified and distributed under the terms of the
 * Creative Commons Attribution-ShareAlike 4.0 International License.
 *
 * See the LICENSE file for details.
 */
 declare(strict_types = 1);
 namespace FireflyIII\Events;
 use FireflyIII\User;
 use Illuminate\Queue\SerializesModels;
 /**
 * Class ResentConfirmation
 *
 * @package FireflyIII\Events
 */
 class ResentConfirmation extends Event
 {
    use SerializesModels;
    public $ipAddress;
    public $user;
    /**
     * Create a new event instance. This event is triggered when a users wants a new confirmation.
     *
     * @param  User  $user
     * @param string $ipAddress
     */
    public function __construct(User $user, string $ipAddress)
    {
        $this->user      = $user;
        $this->ipAddress = $ipAddress;
    }
 }
--- a/app/Handlers/Events/UserEventHandler.php
+++ b/app/Handlers/Events/UserEventHandler.php
@@ -15,9 +15,7 @@ namespace FireflyIII\Handlers\Events;
 use FireflyIII\Events\RegisteredUser;
 use FireflyIII\Events\RequestedNewPassword;
 use FireflyIII\Events\ResentConfirmation;
 use FireflyIII\Repositories\User\UserRepositoryInterface;
 use FireflyIII\Support\Events\SendUserMail;
 use Illuminate\Mail\Message;
 use Log;
 use Mail;
@@ -70,37 +68,6 @@ class UserEventHandler
        return true;
    }
    /**
     * This method will send a newly registered user a confirmation message, urging him or her to activate their account.
     *
     * @param RegisteredUser $event
     *
     * @return bool
     */
    public function sendConfirmationMessage(RegisteredUser $event): bool
    {
        $sender = new SendUserMail;
        return $sender->sendConfirmation($event->user, $event->ipAddress);
    }
    /**
     * If the user has somehow lost his or her confirmation message, this event will send it to the user again.
     *
     * At the moment, this method is exactly the same as the ::sendConfirmationMessage method, but that will change.
     *
     * @param ResentConfirmation $event
     *
     * @return bool
     */
    function sendConfirmationMessageAgain(ResentConfirmation $event): bool
    {
        $sender = new SendUserMail;
        return $sender->sendConfirmation($event->user, $event->ipAddress);
    }
    /**
     * @param RequestedNewPassword $event
     *
--- a/app/Http/Controllers/Admin/UserController.php
+++ b/app/Http/Controllers/Admin/UserController.php
@@ -14,7 +14,6 @@ declare(strict_types = 1);
 namespace FireflyIII\Http\Controllers\Admin;
 use FireflyConfig;
 use FireflyIII\Http\Controllers\Controller;
 use FireflyIII\Http\Requests\UserFormRequest;
 use FireflyIII\Repositories\User\UserRepositoryInterface;
@@ -81,15 +80,15 @@ class UserController extends Controller
     */
    public function index(UserRepositoryInterface $repository)
    {
-        $subTitle           = strval(trans('firefly.user_administration'));
+        $subTitle     = strval(trans('firefly.user_administration'));
-        $subTitleIcon       = 'fa-users';
+        $subTitleIcon = 'fa-users';
-        $users              = $repository->all();
+        $users        = $repository->all();
        // add meta stuff.
        $users->each(
            function (User $user) {
-                $list            = ['twoFactorAuthEnabled', 'twoFactorAuthSecret'];
+                $list          = ['twoFactorAuthEnabled', 'twoFactorAuthSecret'];
-                $preferences     = Preferences::getArrayForUser($user, $list);
+                $preferences   = Preferences::getArrayForUser($user, $list);
                $user->isAdmin = $user->hasRole('owner');
                $is2faEnabled  = $preferences['twoFactorAuthEnabled'] === true;
                $has2faSecret  = !is_null($preferences['twoFactorAuthSecret']);
@@ -115,37 +114,12 @@ class UserController extends Controller
        $mainTitleIcon = 'fa-hand-spock-o';
        $subTitle      = strval(trans('firefly.single_user_administration', ['email' => $user->email]));
        $subTitleIcon  = 'fa-user';
-
+        $information   = $repository->getUserData($user);
        // get IP info:
        $defaultIp    = '0.0.0.0';
        $regPref      = Preferences::getForUser($user, 'registration_ip_address');
        $registration = $defaultIp;
        $conPref      = Preferences::getForUser($user, 'confirmation_ip_address');
        $confirmation = $defaultIp;
        if (!is_null($regPref)) {
            $registration = $regPref->data;
        }
        if (!is_null($conPref)) {
            $confirmation = $conPref->data;
        }
        $registrationHost = '';
        $confirmationHost = '';
        if ($registration != $defaultIp) {
            $registrationHost = gethostbyaddr($registration);
        }
        if ($confirmation != $defaultIp) {
            $confirmationHost = gethostbyaddr($confirmation);
        }
        $information = $repository->getUserData($user);
        return view(
            'admin.users.show',
            compact(
-                'title', 'mainTitleIcon', 'subTitle', 'subTitleIcon', 'information',
+                'title', 'mainTitleIcon', 'subTitle', 'subTitleIcon', 'information', 'user'
                'user', 'registration', 'confirmation', 'registrationHost', 'confirmationHost'
            )
        );
    }
--- a/app/Http/Controllers/Auth/ConfirmationController.php
+++ b/app/Http/Controllers/Auth/ConfirmationController.php
@@ -1,90 +0,0 @@
 <?php
 /**
 * ConfirmationController.php
 * Copyright (C) 2016 thegrumpydictator@gmail.com
 *
 * This software may be modified and distributed under the terms of the
 * Creative Commons Attribution-ShareAlike 4.0 International License.
 *
 * See the LICENSE file for details.
 */
 declare(strict_types = 1);
 namespace FireflyIII\Http\Controllers\Auth;
 use FireflyIII\Events\ConfirmedUser;
 use FireflyIII\Events\ResentConfirmation;
 use FireflyIII\Exceptions\FireflyException;
 use FireflyIII\Http\Controllers\Controller;
 use Illuminate\Http\Request;
 use Preferences;
 use Session;
 /**
 * Class ConfirmationController
 *
 * @package FireflyIII\Http\Controllers\Auth
 */
 class ConfirmationController extends Controller
 {
    /**
     * @return mixed
     */
    public function confirmationError()
    {
        return view('auth.confirmation.error');
    }
    /**
     * @param Request $request
     * @param string  $code
     *
     * @return mixed
     * @throws FireflyException
     */
    public function doConfirmation(Request $request, string $code)
    {
        // check user_confirmed_last_mail
        $database = Preferences::get('user_confirmed_code')->data;
        $time     = Preferences::get('user_confirmed_last_mail', 0)->data;
        $now      = time();
        $maxDiff  = config('firefly.confirmation_age');
        if ($database === $code && ($now - $time <= $maxDiff)) {
            // trigger user registration event:
            event(new ConfirmedUser(auth()->user(), $request->ip()));
            Preferences::setForUser(auth()->user(), 'user_confirmed', true);
            Preferences::setForUser(auth()->user(), 'user_confirmed_confirmed', time());
            Session::flash('success', strval(trans('firefly.account_is_confirmed')));
            return redirect(route('home'));
        }
        throw new FireflyException(trans('firefly.invalid_activation_code'));
    }
    /**
     * @param Request $request
     *
     * @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
     */
    public function resendConfirmation(Request $request)
    {
        $time    = Preferences::get('user_confirmed_last_mail', 0)->data;
        $now     = time();
        $maxDiff = config('firefly.resend_confirmation');
        $owner   = env('SITE_OWNER', 'mail@example.com');
        $view    = 'auth.confirmation.no-resent';
        if ($now - $time > $maxDiff) {
            event(new ResentConfirmation(auth()->user(), $request->ip()));
            $view = 'auth.confirmation.resent';
        }
        return view($view, ['owner' => $owner]);
    }
 }
--- a/app/Http/Controllers/Auth/RegisterController.php
+++ b/app/Http/Controllers/Auth/RegisterController.php
@@ -98,9 +98,6 @@ class RegisterController extends Controller
        $user = $this->create($request->all());
        // trigger user registration event:
        // automatically activate user:
        Preferences::setForUser($user, 'user_confirmed', true);
        Preferences::setForUser($user, 'user_confirmed_last_mail', 0);
        event(new RegisteredUser($user, $request->ip()));
        Auth::login($user);
@@ -125,9 +122,6 @@ class RegisterController extends Controller
        // is demo site?
        $isDemoSite = FireflyConfig::get('is_demo_site', Config::get('firefly.configuration.is_demo_site'))->data;
        // activate account?
        $mustConfirmAccount = FireflyConfig::get('must_confirm_account', Config::get('firefly.configuration.must_confirm_account'))->data;
        // is allowed to?
        $singleUserMode = FireflyConfig::get('single_user_mode', Config::get('firefly.configuration.single_user_mode'))->data;
        $userCount      = User::count();
@@ -139,7 +133,7 @@ class RegisterController extends Controller
        $email = $request->old('email');
-        return view('auth.register', compact('isDemoSite', 'email', 'mustConfirmAccount'));
+        return view('auth.register', compact('isDemoSite', 'email'));
    }
    /**
--- a/app/Http/Controllers/HomeController.php
+++ b/app/Http/Controllers/HomeController.php
@@ -175,9 +175,6 @@ class HomeController extends Controller
            'logout',
            'two-fac',
            'lost-two',
            'confirm',
            'resend',
            'do_confirm',
            // test troutes
            'test-flash',
            'all-routes',
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@@ -17,8 +17,6 @@ use FireflyIII\Http\Middleware\AuthenticateTwoFactor;
 use FireflyIII\Http\Middleware\Binder;
 use FireflyIII\Http\Middleware\EncryptCookies;
 use FireflyIII\Http\Middleware\IsAdmin;
 use FireflyIII\Http\Middleware\IsConfirmed;
 use FireflyIII\Http\Middleware\IsNotConfirmed;
 use FireflyIII\Http\Middleware\Range;
 use FireflyIII\Http\Middleware\RedirectIfAuthenticated;
 use FireflyIII\Http\Middleware\RedirectIfTwoFactorAuthenticated;
@@ -124,7 +122,6 @@ class Kernel extends HttpKernel
                SubstituteBindings::class,
                Authenticate::class,
                AuthenticateTwoFactor::class,
                IsNotConfirmed::class,
            ],
            // MUST be logged in
@@ -153,7 +150,6 @@ class Kernel extends HttpKernel
                SubstituteBindings::class,
                Authenticate::class,
                AuthenticateTwoFactor::class,
                IsConfirmed::class,
                Range::class,
                Binder::class,
            ],
@@ -171,11 +167,9 @@ class Kernel extends HttpKernel
                SubstituteBindings::class,
                Authenticate::class,
                AuthenticateTwoFactor::class,
                IsConfirmed::class,
                IsAdmin::class,
                Range::class,
                Binder::class,
            ],
--- a/app/Http/Middleware/IsAdmin.php
+++ b/app/Http/Middleware/IsAdmin.php
@@ -26,8 +26,7 @@ use Illuminate\Support\Facades\Auth;
 class IsAdmin
 {
    /**
-     * Handle an incoming request. User account must be confirmed for this routine to let
+     * Handle an incoming request. Must be admin.
     * the user pass.
     *
     * @param  \Illuminate\Http\Request $request
     * @param  \Closure                 $next
--- a/app/Http/Middleware/IsConfirmed.php
+++ b/app/Http/Middleware/IsConfirmed.php
@@ -1,67 +0,0 @@
 <?php
 /**
 * IsConfirmed.php
 * Copyright (C) 2016 thegrumpydictator@gmail.com
 *
 * This software may be modified and distributed under the terms of the
 * Creative Commons Attribution-ShareAlike 4.0 International License.
 *
 * See the LICENSE file for details.
 */
 declare(strict_types = 1);
 namespace FireflyIII\Http\Middleware;
 use Closure;
 use FireflyConfig;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
 use Preferences;
 /**
 * Class IsConfirmed
 *
 * @package FireflyIII\Http\Middleware
 */
 class IsConfirmed
 {
    /**
     * Handle an incoming request. User account must be confirmed for this routine to let
     * the user pass.
     *
     * @param  \Illuminate\Http\Request $request
     * @param  \Closure                 $next
     * @param  string|null              $guard
     *
     * @return mixed
     */
    public function handle(Request $request, Closure $next, $guard = null)
    {
        if (Auth::guard($guard)->guest()) {
            if ($request->ajax()) {
                return response('Unauthorized.', 401);
            }
            return redirect()->guest('login');
        }
        // must the user be confirmed in the first place?
        $confirmPreference  = FireflyConfig::get('must_confirm_account', config('firefly.configuration.must_confirm_account'));
        $mustConfirmAccount = false;
        if (!is_null($confirmPreference)) {
            $mustConfirmAccount = $confirmPreference->data;
        }
        // user must be logged in, then continue:
        $isConfirmed = Preferences::get('user_confirmed', false)->data;
        if ($isConfirmed === false && $mustConfirmAccount === true) {
            // user account is not confirmed, redirect to
            // confirmation page:
            return redirect(route('confirmation_error'));
        }
        return $next($request);
    }
 }
--- a/app/Http/Middleware/IsNotConfirmed.php
+++ b/app/Http/Middleware/IsNotConfirmed.php
@@ -1,64 +0,0 @@
 <?php
 /**
 * IsNotConfirmed.php
 * Copyright (C) 2016 thegrumpydictator@gmail.com
 *
 * This software may be modified and distributed under the terms of the
 * Creative Commons Attribution-ShareAlike 4.0 International License.
 *
 * See the LICENSE file for details.
 */
 declare(strict_types = 1);
 namespace FireflyIII\Http\Middleware;
 use Closure;
 use FireflyConfig;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
 use Log;
 use Preferences;
 /**
 * Class IsNotConfirmed
 *
 * @package FireflyIII\Http\Middleware
 */
 class IsNotConfirmed
 {
    /**
     * Handle an incoming request. User account must be confirmed for this routine to let
     * the user pass.
     *
     * @param  \Illuminate\Http\Request $request
     * @param  \Closure                 $next
     * @param  string|null              $guard
     *
     * @return mixed
     */
    public function handle(Request $request, Closure $next, $guard = null)
    {
        if (Auth::guard($guard)->guest()) {
            if ($request->ajax()) {
                return response('Unauthorized.', 401);
            }
            return redirect()->guest('login');
        }
        // must the user be confirmed in the first place?
        $mustConfirmAccount = FireflyConfig::get('must_confirm_account', config('firefly.configuration.must_confirm_account'))->data;
        Log::debug(sprintf('mustConfirmAccount is %s', $mustConfirmAccount));
        // user must be logged in, then continue:
        $isConfirmed = Preferences::get('user_confirmed', false)->data;
        Log::debug(sprintf('isConfirmed is %s', $isConfirmed));
        if ($isConfirmed || $mustConfirmAccount === false) {
            Log::debug('User is confirmed or user does not have to confirm account. Redirect home.');
            // user account is confirmed, simply send them home.
            return redirect(route('home'));
        }
        return $next($request);
    }
 }
--- a/app/Providers/EventServiceProvider.php
+++ b/app/Providers/EventServiceProvider.php
@@ -45,10 +45,6 @@ class EventServiceProvider extends ServiceProvider
            'FireflyIII\Events\RequestedNewPassword' => [ // is a User related event.
                                                          'FireflyIII\Handlers\Events\UserEventHandler@sendNewPassword',
            ],
            'FireflyIII\Events\ResentConfirmation'   => // is a User related event.
                [
                    'FireflyIII\Handlers\Events\UserEventHandler@sendConfirmationMessageAgain',
                ],
            'FireflyIII\Events\StoredBudgetLimit'    => // is a Budget related event.
                [
                    'FireflyIII\Handlers\Events\BudgetEventHandler@storeRepetition',
--- a/app/Repositories/User/UserRepository.php
+++ b/app/Repositories/User/UserRepository.php
@@ -108,14 +108,6 @@ class UserRepository implements UserRepositoryInterface
            $return['has_2fa'] = true;
        }
        // is user activated?
        $mustConfirmAccount     = FireflyConfig::get('must_confirm_account', config('firefly.configuration.must_confirm_account'))->data;
        $isConfirmed            = Preferences::getForUser($user, 'user_confirmed', false)->data;
        $return['is_activated'] = true;
        if ($isConfirmed === false && $mustConfirmAccount === true) {
            $return['is_activated'] = false;
        }
        $return['is_admin']            = $user->hasRole('owner');
        $return['blocked']             = intval($user->blocked) === 1;
        $return['blocked_code']        = $user->blocked_code;
--- a/app/Support/Events/SendUserMail.php
+++ b/app/Support/Events/SendUserMail.php
@@ -1,62 +0,0 @@
 <?php
 /**
 * SendUserMail.php
 * Copyright (c) 2016 thegrumpydictator@gmail.com
 * This software may be modified and distributed under the terms of the Creative Commons Attribution-ShareAlike 4.0 International License.
 *
 * See the LICENSE file for details.
 */
 declare(strict_types = 1);
 namespace FireflyIII\Support\Events;
 use Exception;
 use FireflyConfig;
 use FireflyIII\User;
 use Illuminate\Mail\Message;
 use Log;
 use Mail;
 use Preferences;
 use Swift_TransportException;
 class SendUserMail
 {
    /**
     * @param User   $user
     * @param string $ipAddress
     *
     * @return bool
     */
    public function sendConfirmation(User $user, string $ipAddress): bool
    {
        $mustConfirmAccount = FireflyConfig::get('must_confirm_account', config('firefly.configuration.must_confirm_account'))->data;
        if ($mustConfirmAccount === false) {
            Preferences::setForUser($user, 'user_confirmed', true);
            Preferences::setForUser($user, 'user_confirmed_last_mail', 0);
            Preferences::mark();
            return true;
        }
        $email = $user->email;
        $code  = str_random(16);
        $route = route('do_confirm_account', [$code]);
        Preferences::setForUser($user, 'user_confirmed', false);
        Preferences::setForUser($user, 'user_confirmed_last_mail', time());
        Preferences::setForUser($user, 'user_confirmed_code', $code);
        try {
            Mail::send(
                ['emails.confirm-account-html', 'emails.confirm-account-text'], ['route' => $route, 'ip' => $ipAddress],
                function (Message $message) use ($email) {
                    $message->to($email, $email)->subject('Please confirm your Firefly III account');
                }
            );
        } catch (Swift_TransportException $e) {
            Log::error($e->getMessage());
        } catch (Exception $e) {
            Log::error($e->getMessage());
        }
        return true;
    }
 }
--- a/resources/views/admin/configuration/index.twig
+++ b/resources/views/admin/configuration/index.twig
@@ -24,20 +24,6 @@
                    </div>
                </div>
            </div>
            {# need to activate account #}
            <div class="col-lg-4 col-md-6 col-sm-12 col-xs-12">
                <div class="box box-default">
                    <div class="box-header with-border">
                        <h3 class="box-title">{{ 'setting_must_confirm_account'|_ }}</h3>
                    </div>
                    <div class="box-body">
                        <p class="text-info">
                            {{ 'setting_must_confirm_account_explain'|_ }}
                        </p>
                        {{ ExpandedForm.checkbox('must_confirm_account','1', mustConfirmAccount) }}
                    </div>
                </div>
            </div>
            {# installation is demo site #}
            <div class="col-lg-4 col-md-6 col-sm-12 col-xs-12">
--- a/resources/views/admin/users/show.twig
+++ b/resources/views/admin/users/show.twig
@@ -28,14 +28,6 @@
                                {{ user.created_at.formatLocalized(monthAndDayFormat) }}
                                {{ user.created_at.format('H:i') }}</td>
                        </tr>
                        <tr>
                            <td>{{ trans('list.registered_from') }}</td>
                            <td>{{ registration }} ({{ registrationHost }})</td>
                        </tr>
                        <tr>
                            <td>{{ trans('list.confirmed_from') }}</td>
                            <td>{{ confirmation }} ({{ confirmationHost }})</td>
                        </tr>
                        <tr>
                            <td>{{ trans('list.is_admin') }}</td>
                            <td>
@@ -56,16 +48,6 @@
                                {% endif %}
                            </td>
                        </tr>
                        <tr>
                            <td>{{ trans('list.is_activated') }}</td>
                            <td>
                                {% if information.is_activated %}
                                    <small class="text-success"><i class="fa fa-fw fa-check"></i></small> Yes
                                {% else %}
                                    <small class="text-danger"><i class="fa fa-fw fa-times"></i></small> No
                                {% endif %}
                            </td>
                        </tr>
                        <tr>
                            <td>{{ trans('list.is_blocked') }}</td>
                            <td>
--- a/resources/views/auth/register.twig
+++ b/resources/views/auth/register.twig
@@ -27,10 +27,6 @@
            <div class="form-group has-feedback">
                <input type="email" name="email" value="{{ email }}" class="form-control" placeholder="Email"/>
                {% if mustConfirmAccount %}
                    <p class="help-block">
                        You must activate your account. If your email address is incorrect, your account will not work.</p>
                {% endif %}
            </div>
            <div class="form-group has-feedback">
                <input type="password" class="form-control" placeholder="Password" name="password"/>
--- a/routes/web.php
+++ b/routes/web.php
@@ -49,6 +49,7 @@ Route::group(
 /**
 * For the two factor routes, the user must be logged in, but NOT 2FA. Account confirmation does not matter here.
 * @deprecated
 */
 Route::group(
    ['middleware' => 'user-logged-in-no-2fa', 'prefix' => 'two-factor', 'as' => 'two-factor.', 'namespace' => 'Auth'], function () {
@@ -59,18 +60,6 @@ Route::group(
 }
 );
 /**
 * For the confirmation routes, the user must be logged in, also 2FA, but his account must not be confirmed.
 */
 Route::group(
    ['middleware' => 'user-logged-in-2fa-no-activation', 'namespace' => 'Auth'], function () {
    Route::get('/confirm-your-account', ['uses' => 'ConfirmationController@confirmationError', 'as' => 'confirmation_error']);
    Route::get('/resend-confirmation', ['uses' => 'ConfirmationController@resendConfirmation', 'as' => 'resend_confirmation']);
    Route::get('/confirmation/{code}', ['uses' => 'ConfirmationController@doConfirmation', 'as' => 'do_confirm_account']);
 }
 );
 /**
 * For all other routes, the user must be fully authenticated and have an activated account.
 */