firefly-iii/app/Http/Kernel.php

<?php
/**
 * Kernel.php
 * Copyright (c) 2017 thegrumpydictator@gmail.com
 *
 * This file is part of Firefly III.
 *
 * Firefly III is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * Firefly III is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with Firefly III. If not, see <http://www.gnu.org/licenses/>.
 */
declare(strict_types=1);

namespace FireflyIII\Http;

use FireflyIII\Http\Middleware\Authenticate;
use FireflyIII\Http\Middleware\AuthenticateTwoFactor;
use FireflyIII\Http\Middleware\Binder;
use FireflyIII\Http\Middleware\EncryptCookies;
use FireflyIII\Http\Middleware\IsAdmin;
use FireflyIII\Http\Middleware\Range;
use FireflyIII\Http\Middleware\RedirectIfAuthenticated;
use FireflyIII\Http\Middleware\RedirectIfTwoFactorAuthenticated;
use FireflyIII\Http\Middleware\Sandstorm;
use FireflyIII\Http\Middleware\StartFireflySession;
use FireflyIII\Http\Middleware\TrimStrings;
use FireflyIII\Http\Middleware\TrustProxies;
use FireflyIII\Http\Middleware\VerifyCsrfToken;
use Illuminate\Auth\Middleware\AuthenticateWithBasicAuth;
use Illuminate\Auth\Middleware\Authorize;
use Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse;
use Illuminate\Foundation\Http\Kernel as HttpKernel;
use Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode;
use Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull;
use Illuminate\Foundation\Http\Middleware\ValidatePostSize;
use Illuminate\Routing\Middleware\ThrottleRequests;
use Illuminate\View\Middleware\ShareErrorsFromSession;

/**
 * @CodeCoverageIgnore
 * Class Kernel
 */
class Kernel extends HttpKernel
{
    /**
     * The application's global HTTP middleware stack.
     *
     * These middleware are run during every request to your application.
     *
     * @var array
     */
    protected $middleware
        = [
            CheckForMaintenanceMode::class,
            ValidatePostSize::class,
            TrimStrings::class,
            ConvertEmptyStringsToNull::class,
            TrustProxies::class,
        ];

    /**
     * The application's route middleware groups.
     *
     * @var array
     */
    protected $middlewareGroups
        = [
            // does not check login
            // does not check 2fa
            // does not check activation
            'web'                   => [
                Sandstorm::class,
                EncryptCookies::class,
                AddQueuedCookiesToResponse::class,
                StartFireflySession::class,
                ShareErrorsFromSession::class,
                VerifyCsrfToken::class,
                //SubstituteBindings::class,
            ],

            // MUST NOT be logged in. Does not care about 2FA or confirmation.
            'user-not-logged-in'    => [
                Sandstorm::class,
                EncryptCookies::class,
                AddQueuedCookiesToResponse::class,
                StartFireflySession::class,
                ShareErrorsFromSession::class,
                VerifyCsrfToken::class,
                //SubstituteBindings::class,
                Binder::class,
                RedirectIfAuthenticated::class,
            ],
            // MUST be logged in.
            // MUST NOT have 2FA
            // don't care about confirmation:
            'user-logged-in-no-2fa' => [
                Sandstorm::class,
                EncryptCookies::class,
                AddQueuedCookiesToResponse::class,
                StartFireflySession::class,
                ShareErrorsFromSession::class,
                VerifyCsrfToken::class,
                //SubstituteBindings::class,
                Binder::class,
                Authenticate::class,
                RedirectIfTwoFactorAuthenticated::class,
            ],

            // MUST be logged in
            // don't care about 2fa
            // don't care about confirmation.
            'user-simple-auth'      => [
                Sandstorm::class,
                EncryptCookies::class,
                AddQueuedCookiesToResponse::class,
                StartFireflySession::class,
                ShareErrorsFromSession::class,
                VerifyCsrfToken::class,
                //SubstituteBindings::class,
                Binder::class,
                Authenticate::class,
            ],

            // MUST be logged in
            // MUST have 2fa
            // MUST be confirmed.
            // (this group includes the other Firefly middleware)
            'user-full-auth'        => [
                Sandstorm::class,
                EncryptCookies::class,
                AddQueuedCookiesToResponse::class,
                StartFireflySession::class,
                ShareErrorsFromSession::class,
                VerifyCsrfToken::class,
                //SubstituteBindings::class,
                Authenticate::class,
                AuthenticateTwoFactor::class,
                Range::class,
                Binder::class,
            ],
            // MUST be logged in
            // MUST have 2fa
            // MUST be confirmed.
            // MUST have owner role
            // (this group includes the other Firefly middleware)
            'admin'                 => [
                Sandstorm::class,
                EncryptCookies::class,
                AddQueuedCookiesToResponse::class,
                StartFireflySession::class,
                ShareErrorsFromSession::class,
                VerifyCsrfToken::class,
                //SubstituteBindings::class,
                Authenticate::class,
                AuthenticateTwoFactor::class,
                IsAdmin::class,
                Range::class,
                Binder::class,
            ],

            'api' => [
                'throttle:60,1',
                'bindings',
            ],
        ];

    /**
     * The application's route middleware.
     *
     * These middleware may be assigned to groups or used individually.
     *
     * @var array
     */
    protected $routeMiddleware
        = [
            'auth'       => Authenticate::class,
            'auth.basic' => AuthenticateWithBasicAuth::class,
            'bindings'   => Binder::class,
            'can'        => Authorize::class,
            'guest'      => RedirectIfAuthenticated::class,
            'throttle'   => ThrottleRequests::class,
        ];
}
Update http related classes after upgrade to Laravel 5.2 2016-01-08 09:01:21 -06:00			`<?php`
New copyright notice. 2017-10-21 01:40:00 -05:00			`/**`
			`* Kernel.php`
			`* Copyright (c) 2017 thegrumpydictator@gmail.com`
			`*`
			`* This file is part of Firefly III.`
			`*`
			`* Firefly III is free software: you can redistribute it and/or modify`
			`* it under the terms of the GNU General Public License as published by`
			`* the Free Software Foundation, either version 3 of the License, or`
			`* (at your option) any later version.`
			`*`
			`* Firefly III is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`* GNU General Public License for more details.`
			`*`
			`* You should have received a copy of the GNU General Public License`
Update copyright [skip ci] 2017-12-17 07:41:58 -06:00			`* along with Firefly III. If not, see <http://www.gnu.org/licenses/>.`
New copyright notice. 2017-10-21 01:40:00 -05:00			`*/`
Various code cleanup. 2017-09-14 10:40:02 -05:00			`declare(strict_types=1);`

Update http related classes after upgrade to Laravel 5.2 2016-01-08 09:01:21 -06:00			`namespace FireflyIII\Http;`
Fresh L5 installation. 2015-02-05 21:39:52 -06:00
Update Kernel file to work with Laravel 5.5 2017-09-10 01:33:51 -05:00			`use FireflyIII\Http\Middleware\Authenticate;`
			`use FireflyIII\Http\Middleware\AuthenticateTwoFactor;`
			`use FireflyIII\Http\Middleware\Binder;`
			`use FireflyIII\Http\Middleware\EncryptCookies;`
			`use FireflyIII\Http\Middleware\IsAdmin;`
			`use FireflyIII\Http\Middleware\Range;`
			`use FireflyIII\Http\Middleware\RedirectIfAuthenticated;`
			`use FireflyIII\Http\Middleware\RedirectIfTwoFactorAuthenticated;`
			`use FireflyIII\Http\Middleware\Sandstorm;`
Overrule Laravel middleware [skip ci] 2017-10-27 11:56:38 -05:00			`use FireflyIII\Http\Middleware\StartFireflySession;`
Update Kernel file to work with Laravel 5.5 2017-09-10 01:33:51 -05:00			`use FireflyIII\Http\Middleware\TrimStrings;`
			`use FireflyIII\Http\Middleware\TrustProxies;`
			`use FireflyIII\Http\Middleware\VerifyCsrfToken;`
			`use Illuminate\Auth\Middleware\AuthenticateWithBasicAuth;`
			`use Illuminate\Auth\Middleware\Authorize;`
			`use Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse;`
Fresh L5 installation. 2015-02-05 21:39:52 -06:00			`use Illuminate\Foundation\Http\Kernel as HttpKernel;`
Update Kernel file to work with Laravel 5.5 2017-09-10 01:33:51 -05:00			`use Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode;`
			`use Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull;`
			`use Illuminate\Foundation\Http\Middleware\ValidatePostSize;`
			`use Illuminate\Routing\Middleware\ThrottleRequests;`
			`use Illuminate\View\Middleware\ShareErrorsFromSession;`

Expand tests, do code cleanup. 2017-12-17 07:30:53 -06:00			`/**`
Expand test coverage. 2017-12-23 10:42:07 -06:00			`* @CodeCoverageIgnore`
Expand tests, do code cleanup. 2017-12-17 07:30:53 -06:00			`* Class Kernel`
			`*/`
All kinds of new stuff. 2015-02-06 12:33:31 -06:00			`class Kernel extends HttpKernel`
			`{`
			`/**`
			`* The application's global HTTP middleware stack.`
			`*`
Update http related classes after upgrade to Laravel 5.2 2016-01-08 09:01:21 -06:00			`* These middleware are run during every request to your application.`
			`*`
All kinds of new stuff. 2015-02-06 12:33:31 -06:00			`* @var array`
			`*/`
Update Kernel file to work with Laravel 5.5 2017-09-10 01:33:51 -05:00			`protected $middleware`
			`= [`
			`CheckForMaintenanceMode::class,`
			`ValidatePostSize::class,`
			`TrimStrings::class,`
			`ConvertEmptyStringsToNull::class,`
			`TrustProxies::class,`
			`];`
Fresh L5 installation. 2015-02-05 21:39:52 -06:00
All kinds of new stuff. 2015-02-06 12:33:31 -06:00			`/**`
Update http related classes after upgrade to Laravel 5.2 2016-01-08 09:01:21 -06:00			`* The application's route middleware groups.`
All kinds of new stuff. 2015-02-06 12:33:31 -06:00			`*`
			`* @var array`
			`*/`
Update Kernel file to work with Laravel 5.5 2017-09-10 01:33:51 -05:00			`protected $middlewareGroups`
			`= [`
			`// does not check login`
			`// does not check 2fa`
			`// does not check activation`
			`'web' => [`
			`Sandstorm::class,`
			`EncryptCookies::class,`
			`AddQueuedCookiesToResponse::class,`
Overrule Laravel middleware [skip ci] 2017-10-27 11:56:38 -05:00			`StartFireflySession::class,`
Update Kernel file to work with Laravel 5.5 2017-09-10 01:33:51 -05:00			`ShareErrorsFromSession::class,`
			`VerifyCsrfToken::class,`
Replace Laravel binder with own binder. This will save in queries and increase security. 2017-12-25 01:45:23 -06:00			`//SubstituteBindings::class,`
Update Kernel file to work with Laravel 5.5 2017-09-10 01:33:51 -05:00			`],`

			`// MUST NOT be logged in. Does not care about 2FA or confirmation.`
			`'user-not-logged-in' => [`
			`Sandstorm::class,`
			`EncryptCookies::class,`
			`AddQueuedCookiesToResponse::class,`
Overrule Laravel middleware [skip ci] 2017-10-27 11:56:38 -05:00			`StartFireflySession::class,`
Update Kernel file to work with Laravel 5.5 2017-09-10 01:33:51 -05:00			`ShareErrorsFromSession::class,`
			`VerifyCsrfToken::class,`
Replace Laravel binder with own binder. This will save in queries and increase security. 2017-12-25 01:45:23 -06:00			`//SubstituteBindings::class,`
			`Binder::class,`
Update Kernel file to work with Laravel 5.5 2017-09-10 01:33:51 -05:00			`RedirectIfAuthenticated::class,`
			`],`
			`// MUST be logged in.`
			`// MUST NOT have 2FA`
			`// don't care about confirmation:`
			`'user-logged-in-no-2fa' => [`
			`Sandstorm::class,`
			`EncryptCookies::class,`
			`AddQueuedCookiesToResponse::class,`
Overrule Laravel middleware [skip ci] 2017-10-27 11:56:38 -05:00			`StartFireflySession::class,`
Update Kernel file to work with Laravel 5.5 2017-09-10 01:33:51 -05:00			`ShareErrorsFromSession::class,`
			`VerifyCsrfToken::class,`
Replace Laravel binder with own binder. This will save in queries and increase security. 2017-12-25 01:45:23 -06:00			`//SubstituteBindings::class,`
			`Binder::class,`
Update Kernel file to work with Laravel 5.5 2017-09-10 01:33:51 -05:00			`Authenticate::class,`
			`RedirectIfTwoFactorAuthenticated::class,`
			`],`

			`// MUST be logged in`
			`// don't care about 2fa`
			`// don't care about confirmation.`
			`'user-simple-auth' => [`
			`Sandstorm::class,`
			`EncryptCookies::class,`
			`AddQueuedCookiesToResponse::class,`
Overrule Laravel middleware [skip ci] 2017-10-27 11:56:38 -05:00			`StartFireflySession::class,`
Update Kernel file to work with Laravel 5.5 2017-09-10 01:33:51 -05:00			`ShareErrorsFromSession::class,`
			`VerifyCsrfToken::class,`
Replace Laravel binder with own binder. This will save in queries and increase security. 2017-12-25 01:45:23 -06:00			`//SubstituteBindings::class,`
			`Binder::class,`
Update Kernel file to work with Laravel 5.5 2017-09-10 01:33:51 -05:00			`Authenticate::class,`
			`],`

			`// MUST be logged in`
			`// MUST have 2fa`
			`// MUST be confirmed.`
			`// (this group includes the other Firefly middleware)`
			`'user-full-auth' => [`
			`Sandstorm::class,`
			`EncryptCookies::class,`
			`AddQueuedCookiesToResponse::class,`
Overrule Laravel middleware [skip ci] 2017-10-27 11:56:38 -05:00			`StartFireflySession::class,`
Update Kernel file to work with Laravel 5.5 2017-09-10 01:33:51 -05:00			`ShareErrorsFromSession::class,`
			`VerifyCsrfToken::class,`
Replace Laravel binder with own binder. This will save in queries and increase security. 2017-12-25 01:45:23 -06:00			`//SubstituteBindings::class,`
Update Kernel file to work with Laravel 5.5 2017-09-10 01:33:51 -05:00			`Authenticate::class,`
			`AuthenticateTwoFactor::class,`
			`Range::class,`
			`Binder::class,`
			`],`
			`// MUST be logged in`
			`// MUST have 2fa`
			`// MUST be confirmed.`
			`// MUST have owner role`
			`// (this group includes the other Firefly middleware)`
			`'admin' => [`
			`Sandstorm::class,`
			`EncryptCookies::class,`
			`AddQueuedCookiesToResponse::class,`
Overrule Laravel middleware [skip ci] 2017-10-27 11:56:38 -05:00			`StartFireflySession::class,`
Update Kernel file to work with Laravel 5.5 2017-09-10 01:33:51 -05:00			`ShareErrorsFromSession::class,`
			`VerifyCsrfToken::class,`
Replace Laravel binder with own binder. This will save in queries and increase security. 2017-12-25 01:45:23 -06:00			`//SubstituteBindings::class,`
Update Kernel file to work with Laravel 5.5 2017-09-10 01:33:51 -05:00			`Authenticate::class,`
			`AuthenticateTwoFactor::class,`
			`IsAdmin::class,`
			`Range::class,`
			`Binder::class,`
			`],`

			`'api' => [`
			`'throttle:60,1',`
			`'bindings',`
			`],`
			`];`

Update http related classes after upgrade to Laravel 5.2 2016-01-08 09:01:21 -06:00			`/**`
			`* The application's route middleware.`
			`*`
			`* These middleware may be assigned to groups or used individually.`
			`*`
			`* @var array`
			`*/`
Update Kernel file to work with Laravel 5.5 2017-09-10 01:33:51 -05:00			`protected $routeMiddleware`
			`= [`
			`'auth' => Authenticate::class,`
			`'auth.basic' => AuthenticateWithBasicAuth::class,`
Replace Laravel binder with own binder. This will save in queries and increase security. 2017-12-25 01:45:23 -06:00			`'bindings' => Binder::class,`
Update Kernel file to work with Laravel 5.5 2017-09-10 01:33:51 -05:00			`'can' => Authorize::class,`
			`'guest' => RedirectIfAuthenticated::class,`
			`'throttle' => ThrottleRequests::class,`
			`];`
Fresh L5 installation. 2015-02-05 21:39:52 -06:00			`}`