firefly-iii/app/Http/Kernel.php

199 lines
7.2 KiB
PHP
Raw Permalink Normal View History

<?php
2022-12-29 12:41:57 -06:00
2017-10-21 01:40:00 -05:00
/**
* Kernel.php
2020-01-31 00:32:04 -06:00
* Copyright (c) 2019 james@firefly-iii.org
2017-10-21 01:40:00 -05:00
*
* This file is part of Firefly III (https://github.com/firefly-iii).
2017-10-21 01:40:00 -05:00
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
2017-10-21 01:40:00 -05:00
*
* This program is distributed in the hope that it will be useful,
2017-10-21 01:40:00 -05:00
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
2017-10-21 01:40:00 -05:00
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
2017-10-21 01:40:00 -05:00
*/
2017-09-14 10:40:02 -05:00
declare(strict_types=1);
namespace FireflyIII\Http;
2015-02-05 21:39:52 -06:00
2022-06-23 02:33:43 -05:00
use FireflyIII\Http\Middleware\AcceptHeaders;
use FireflyIII\Http\Middleware\Authenticate;
2018-02-09 08:01:22 -06:00
use FireflyIII\Http\Middleware\Binder;
2018-02-09 12:11:55 -06:00
use FireflyIII\Http\Middleware\EncryptCookies;
use FireflyIII\Http\Middleware\InstallationId;
2018-03-07 13:21:36 -06:00
use FireflyIII\Http\Middleware\Installer;
use FireflyIII\Http\Middleware\InterestingMessage;
use FireflyIII\Http\Middleware\IsAdmin;
use FireflyIII\Http\Middleware\Range;
use FireflyIII\Http\Middleware\RedirectIfAuthenticated;
2018-08-25 00:55:32 -05:00
use FireflyIII\Http\Middleware\SecureHeaders;
2017-10-27 11:56:38 -05:00
use FireflyIII\Http\Middleware\StartFireflySession;
use FireflyIII\Http\Middleware\TrimStrings;
use FireflyIII\Http\Middleware\TrustProxies;
use FireflyIII\Http\Middleware\VerifyCsrfToken;
use Illuminate\Auth\Middleware\AuthenticateWithBasicAuth;
use Illuminate\Auth\Middleware\Authorize;
use Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse;
2015-02-05 21:39:52 -06:00
use Illuminate\Foundation\Http\Kernel as HttpKernel;
use Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode;
use Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull;
use Illuminate\Foundation\Http\Middleware\ValidatePostSize;
use Illuminate\Routing\Middleware\ThrottleRequests;
2020-06-27 08:42:18 -05:00
use Illuminate\Session\Middleware\AuthenticateSession;
use Illuminate\View\Middleware\ShareErrorsFromSession;
2018-02-07 03:49:06 -06:00
use Laravel\Passport\Http\Middleware\CreateFreshApiToken;
use Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful;
2019-08-03 12:54:30 -05:00
use PragmaRX\Google2FALaravel\Middleware as MFAMiddleware;
2018-02-07 03:49:06 -06:00
2017-12-17 07:30:53 -06:00
/**
* Class Kernel
*/
2015-02-06 12:33:31 -06:00
class Kernel extends HttpKernel
{
protected $middleware
= [
2018-08-25 00:55:32 -05:00
SecureHeaders::class,
CheckForMaintenanceMode::class,
ValidatePostSize::class,
TrimStrings::class,
ConvertEmptyStringsToNull::class,
TrustProxies::class,
InstallationId::class,
];
2023-05-29 06:56:55 -05:00
protected $middlewareAliases
= [
'auth' => Authenticate::class,
'auth.basic' => AuthenticateWithBasicAuth::class,
'bindings' => Binder::class,
'can' => Authorize::class,
'guest' => RedirectIfAuthenticated::class,
'throttle' => ThrottleRequests::class,
];
protected $middlewareGroups
= [
// does not check login
// does not check 2fa
// does not check activation
2019-02-13 10:38:41 -06:00
'web' => [
EncryptCookies::class,
AddQueuedCookiesToResponse::class,
2017-10-27 11:56:38 -05:00
StartFireflySession::class,
ShareErrorsFromSession::class,
VerifyCsrfToken::class,
2020-06-27 08:42:18 -05:00
AuthenticateSession::class,
2020-07-19 06:06:22 -05:00
CreateFreshApiToken::class,
],
2018-08-12 07:26:11 -05:00
// only the basic variable binders.
'binders-only' => [
Installer::class,
EncryptCookies::class,
AddQueuedCookiesToResponse::class,
Binder::class,
],
// MUST NOT be logged in. Does not care about 2FA or confirmation.
'user-not-logged-in' => [
2018-03-07 13:21:36 -06:00
Installer::class,
EncryptCookies::class,
AddQueuedCookiesToResponse::class,
2017-10-27 11:56:38 -05:00
StartFireflySession::class,
ShareErrorsFromSession::class,
VerifyCsrfToken::class,
2018-02-09 08:01:22 -06:00
Binder::class,
RedirectIfAuthenticated::class,
],
// MUST be logged in.
// MUST NOT have 2FA
// don't care about confirmation:
'user-logged-in-no-2fa' => [
2018-03-07 13:21:36 -06:00
Installer::class,
EncryptCookies::class,
AddQueuedCookiesToResponse::class,
2017-10-27 11:56:38 -05:00
StartFireflySession::class,
ShareErrorsFromSession::class,
VerifyCsrfToken::class,
2018-02-09 08:01:22 -06:00
Binder::class,
Authenticate::class,
2023-12-20 12:35:52 -06:00
// RedirectIfTwoFactorAuthenticated::class,
],
// MUST be logged in
// don't care about 2fa
// don't care about confirmation.
'user-simple-auth' => [
EncryptCookies::class,
AddQueuedCookiesToResponse::class,
2017-10-27 11:56:38 -05:00
StartFireflySession::class,
ShareErrorsFromSession::class,
VerifyCsrfToken::class,
2018-02-09 08:01:22 -06:00
Binder::class,
Authenticate::class,
],
// MUST be logged in
// MUST have 2fa
// MUST be confirmed.
2020-11-24 23:25:08 -06:00
// (this group includes the other Firefly III middleware)
'user-full-auth' => [
EncryptCookies::class,
AddQueuedCookiesToResponse::class,
2017-10-27 11:56:38 -05:00
StartFireflySession::class,
ShareErrorsFromSession::class,
VerifyCsrfToken::class,
Authenticate::class,
2019-08-03 12:54:30 -05:00
MFAMiddleware::class,
Range::class,
2018-02-09 08:01:22 -06:00
Binder::class,
InterestingMessage::class,
2020-07-19 06:06:22 -05:00
CreateFreshApiToken::class,
],
// MUST be logged in
// MUST have 2fa
// MUST be confirmed.
// MUST have owner role
2020-11-24 23:25:08 -06:00
// (this group includes the other Firefly III middleware)
'admin' => [
EncryptCookies::class,
AddQueuedCookiesToResponse::class,
2017-10-27 11:56:38 -05:00
StartFireflySession::class,
ShareErrorsFromSession::class,
VerifyCsrfToken::class,
Authenticate::class,
2023-12-20 12:35:52 -06:00
// AuthenticateTwoFactor::class,
IsAdmin::class,
Range::class,
2018-02-09 08:01:22 -06:00
Binder::class,
CreateFreshApiToken::class,
],
// full API authentication
2023-02-22 11:14:14 -06:00
'api' => [
2022-06-23 02:33:43 -05:00
AcceptHeaders::class,
EnsureFrontendRequestsAreStateful::class,
'auth:api,sanctum',
2018-02-09 08:01:22 -06:00
'bindings',
],
// do only bindings, no auth
2023-02-22 11:14:14 -06:00
'api_basic' => [
AcceptHeaders::class,
2021-03-21 05:06:08 -05:00
'bindings',
],
];
protected $middlewarePriority
= [
StartFireflySession::class,
ShareErrorsFromSession::class,
Authenticate::class,
Binder::class,
Authorize::class,
];
2015-02-05 21:39:52 -06:00
}