firefly-iii/app/Http/Kernel.php

<?php
declare(strict_types = 1);

namespace FireflyIII\Http;

use FireflyIII\Http\Middleware\Authenticate;
use FireflyIII\Http\Middleware\AuthenticateTwoFactor;
use FireflyIII\Http\Middleware\Binder;
use FireflyIII\Http\Middleware\EncryptCookies;
use FireflyIII\Http\Middleware\IsAdmin;
use FireflyIII\Http\Middleware\IsConfirmed;
use FireflyIII\Http\Middleware\IsNotConfirmed;
use FireflyIII\Http\Middleware\Range;
use FireflyIII\Http\Middleware\RedirectIfAuthenticated;
use FireflyIII\Http\Middleware\RedirectIfTwoFactorAuthenticated;
use FireflyIII\Http\Middleware\VerifyCsrfToken;
use Illuminate\Auth\Middleware\AuthenticateWithBasicAuth;
use Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse;
use Illuminate\Foundation\Http\Kernel as HttpKernel;
use Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode;
use Illuminate\Routing\Middleware\ThrottleRequests;
use Illuminate\Session\Middleware\StartSession;
use Illuminate\View\Middleware\ShareErrorsFromSession;

/**
 * Class Kernel
 *
 * @package FireflyIII\Http
 */
class Kernel extends HttpKernel
{
    /**
     * The application's global HTTP middleware stack.
     *
     * These middleware are run during every request to your application.
     *
     * @var array
     */
    protected $middleware
        = [
            CheckForMaintenanceMode::class,
        ];

    /**
     * The application's route middleware groups.
     *
     * @var array
     */
    protected $middlewareGroups
        = [
            // does not check login
            // does not check 2fa
            // does not check activation
            'web'                              => [
                EncryptCookies::class,
                AddQueuedCookiesToResponse::class,
                StartSession::class,
                ShareErrorsFromSession::class,
                VerifyCsrfToken::class,
            ],
            // MUST NOT be logged in. Does not care about 2FA or confirmation.
            'user-not-logged-in'               => [
                EncryptCookies::class,
                AddQueuedCookiesToResponse::class,
                StartSession::class,
                ShareErrorsFromSession::class,
                VerifyCsrfToken::class,
                RedirectIfAuthenticated::class,
            ],

            // MUST be logged in.
            // MUST NOT have 2FA
            // don't care about confirmation:
            'user-logged-in-no-2fa'            => [
                EncryptCookies::class,
                AddQueuedCookiesToResponse::class,
                StartSession::class,
                ShareErrorsFromSession::class,
                VerifyCsrfToken::class,
                Authenticate::class,
                RedirectIfTwoFactorAuthenticated::class,
            ],
            // MUST be logged in
            // MUST have 2FA
            // MUST NOT have confirmation.
            'user-logged-in-2fa-no-activation' => [
                EncryptCookies::class,
                AddQueuedCookiesToResponse::class,
                StartSession::class,
                ShareErrorsFromSession::class,
                VerifyCsrfToken::class,
                Authenticate::class,
                AuthenticateTwoFactor::class,
                IsNotConfirmed::class,
            ],

            // MUST be logged in
            // don't care about 2fa
            // don't care about confirmation.
            'user-simple-auth'                 => [
                EncryptCookies::class,
                AddQueuedCookiesToResponse::class,
                StartSession::class,
                ShareErrorsFromSession::class,
                VerifyCsrfToken::class,
                Authenticate::class,
            ],

            // MUST be logged in
            // MUST have 2fa
            // MUST be confirmed.
            // (this group includes the other Firefly middleware)
            'user-full-auth'                   => [
                EncryptCookies::class,
                AddQueuedCookiesToResponse::class,
                StartSession::class,
                ShareErrorsFromSession::class,
                VerifyCsrfToken::class,
                Authenticate::class,
                AuthenticateTwoFactor::class,
                IsConfirmed::class,
                Range::class,
                Binder::class,
            ],
            // MUST be logged in
            // MUST have 2fa
            // MUST be confirmed.
            // MUST have owner role
            // (this group includes the other Firefly middleware)
            'admin'                   => [
                EncryptCookies::class,
                AddQueuedCookiesToResponse::class,
                StartSession::class,
                ShareErrorsFromSession::class,
                VerifyCsrfToken::class,
                Authenticate::class,
                AuthenticateTwoFactor::class,
                IsConfirmed::class,
                IsAdmin::class,
                Range::class,
                Binder::class,

            ],

            'api' => [
                'throttle:60,1',
            ],
        ];

    /**
     * The application's route middleware.
     *
     * These middleware may be assigned to groups or used individually.
     *
     * @var array
     */
    protected $routeMiddleware
        = [
            'auth'       => Authenticate::class,
            'auth.basic' => AuthenticateWithBasicAuth::class,
            'guest'      => RedirectIfAuthenticated::class,
            'throttle'   => ThrottleRequests::class,
            'range'      => Range::class,
        ];
}
Update http related classes after upgrade to Laravel 5.2 2016-01-08 09:01:21 -06:00			`<?php`
Declare strict type. 2016-02-05 05:08:25 -06:00			`declare(strict_types = 1);`
Update http related classes after upgrade to Laravel 5.2 2016-01-08 09:01:21 -06:00
			`namespace FireflyIII\Http;`
Fresh L5 installation. 2015-02-05 21:39:52 -06:00
Did some code cleanup. Comments and headers mostly. 2016-01-09 01:20:55 -06:00			`use FireflyIII\Http\Middleware\Authenticate;`
These are some new middleware groups required to call the two factor auth routines at the right moments. 2016-03-19 10:22:20 -05:00			`use FireflyIII\Http\Middleware\AuthenticateTwoFactor;`
New middleware. 2016-01-09 08:39:02 -06:00			`use FireflyIII\Http\Middleware\Binder;`
Did some code cleanup. Comments and headers mostly. 2016-01-09 01:20:55 -06:00			`use FireflyIII\Http\Middleware\EncryptCookies;`
Basic user admin. 2016-04-03 00:07:17 -05:00			`use FireflyIII\Http\Middleware\IsAdmin;`
New middle ware for user activation. 2016-03-29 04:55:49 -05:00			`use FireflyIII\Http\Middleware\IsConfirmed;`
			`use FireflyIII\Http\Middleware\IsNotConfirmed;`
Did some code cleanup. Comments and headers mostly. 2016-01-09 01:20:55 -06:00			`use FireflyIII\Http\Middleware\Range;`
			`use FireflyIII\Http\Middleware\RedirectIfAuthenticated;`
Make sure the two factor auth pages are not accessible when already authenticated using two factor. 2016-03-19 10:29:01 -05:00			`use FireflyIII\Http\Middleware\RedirectIfTwoFactorAuthenticated;`
Did some code cleanup. Comments and headers mostly. 2016-01-09 01:20:55 -06:00			`use FireflyIII\Http\Middleware\VerifyCsrfToken;`
			`use Illuminate\Auth\Middleware\AuthenticateWithBasicAuth;`
			`use Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse;`
Fresh L5 installation. 2015-02-05 21:39:52 -06:00			`use Illuminate\Foundation\Http\Kernel as HttpKernel;`
Did some code cleanup. Comments and headers mostly. 2016-01-09 01:20:55 -06:00			`use Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode;`
			`use Illuminate\Routing\Middleware\ThrottleRequests;`
			`use Illuminate\Session\Middleware\StartSession;`
			`use Illuminate\View\Middleware\ShareErrorsFromSession;`
Fresh L5 installation. 2015-02-05 21:39:52 -06:00
Did some code cleanup. Comments and headers mostly. 2016-01-09 01:20:55 -06:00			`/**`
			`* Class Kernel`
			`*`
			`* @package FireflyIII\Http`
			`*/`
All kinds of new stuff. 2015-02-06 12:33:31 -06:00			`class Kernel extends HttpKernel`
			`{`
			`/**`
			`* The application's global HTTP middleware stack.`
			`*`
Update http related classes after upgrade to Laravel 5.2 2016-01-08 09:01:21 -06:00			`* These middleware are run during every request to your application.`
			`*`
All kinds of new stuff. 2015-02-06 12:33:31 -06:00			`* @var array`
			`*/`
			`protected $middleware`
			`= [`
Did some code cleanup. Comments and headers mostly. 2016-01-09 01:20:55 -06:00			`CheckForMaintenanceMode::class,`
All kinds of new stuff. 2015-02-06 12:33:31 -06:00			`];`
Fresh L5 installation. 2015-02-05 21:39:52 -06:00
All kinds of new stuff. 2015-02-06 12:33:31 -06:00			`/**`
Update http related classes after upgrade to Laravel 5.2 2016-01-08 09:01:21 -06:00			`* The application's route middleware groups.`
All kinds of new stuff. 2015-02-06 12:33:31 -06:00			`*`
			`* @var array`
			`*/`
Update http related classes after upgrade to Laravel 5.2 2016-01-08 09:01:21 -06:00			`protected $middlewareGroups`
All kinds of new stuff. 2015-02-06 12:33:31 -06:00			`= [`
Update 2FA and account activation 2016-03-29 05:14:01 -05:00			`// does not check login`
			`// does not check 2fa`
			`// does not check activation`
Some code cleanup. 2016-03-29 09:16:14 -05:00			`'web' => [`
Did some code cleanup. Comments and headers mostly. 2016-01-09 01:20:55 -06:00			`EncryptCookies::class,`
			`AddQueuedCookiesToResponse::class,`
			`StartSession::class,`
			`ShareErrorsFromSession::class,`
			`VerifyCsrfToken::class,`
Update http related classes after upgrade to Laravel 5.2 2016-01-08 09:01:21 -06:00			`],`
New middleware. 2016-03-29 05:23:10 -05:00			`// MUST NOT be logged in. Does not care about 2FA or confirmation.`
Some code cleanup. 2016-03-29 09:16:14 -05:00			`'user-not-logged-in' => [`
Did some code cleanup. Comments and headers mostly. 2016-01-09 01:20:55 -06:00			`EncryptCookies::class,`
			`AddQueuedCookiesToResponse::class,`
			`StartSession::class,`
			`ShareErrorsFromSession::class,`
			`VerifyCsrfToken::class,`
New middleware. 2016-03-29 05:23:10 -05:00			`RedirectIfAuthenticated::class,`
Fixed some date range problems. 2016-01-09 00:46:11 -06:00			`],`
New middleware. 2016-03-29 05:23:10 -05:00
			`// MUST be logged in.`
			`// MUST NOT have 2FA`
			`// don't care about confirmation:`
Some code cleanup. 2016-03-29 09:16:14 -05:00			`'user-logged-in-no-2fa' => [`
Did some code cleanup. Comments and headers mostly. 2016-01-09 01:20:55 -06:00			`EncryptCookies::class,`
			`AddQueuedCookiesToResponse::class,`
			`StartSession::class,`
			`ShareErrorsFromSession::class,`
			`VerifyCsrfToken::class,`
			`Authenticate::class,`
Make sure the two factor auth pages are not accessible when already authenticated using two factor. 2016-03-19 10:29:01 -05:00			`RedirectIfTwoFactorAuthenticated::class,`
These are some new middleware groups required to call the two factor auth routines at the right moments. 2016-03-19 10:22:20 -05:00			`],`
New middleware. 2016-03-29 05:23:10 -05:00			`// MUST be logged in`
			`// MUST have 2FA`
			`// MUST NOT have confirmation.`
Some code cleanup. 2016-03-29 09:16:14 -05:00			`'user-logged-in-2fa-no-activation' => [`
Update 2FA and account activation 2016-03-29 05:14:01 -05:00			`EncryptCookies::class,`
			`AddQueuedCookiesToResponse::class,`
			`StartSession::class,`
			`ShareErrorsFromSession::class,`
			`VerifyCsrfToken::class,`
			`Authenticate::class,`
New middleware. 2016-03-29 05:23:10 -05:00			`AuthenticateTwoFactor::class,`
			`IsNotConfirmed::class,`
Update 2FA and account activation 2016-03-29 05:14:01 -05:00			`],`
Updated the routes. 2016-03-29 06:45:18 -05:00
			`// MUST be logged in`
			`// don't care about 2fa`
			`// don't care about confirmation.`
Some code cleanup. 2016-03-29 09:16:14 -05:00			`'user-simple-auth' => [`
Updated the routes. 2016-03-29 06:45:18 -05:00			`EncryptCookies::class,`
			`AddQueuedCookiesToResponse::class,`
			`StartSession::class,`
			`ShareErrorsFromSession::class,`
			`VerifyCsrfToken::class,`
			`Authenticate::class,`
			`],`

New middleware. 2016-03-29 05:23:10 -05:00			`// MUST be logged in`
			`// MUST have 2fa`
			`// MUST be confirmed.`
			`// (this group includes the other Firefly middleware)`
Some code cleanup. 2016-03-29 09:16:14 -05:00			`'user-full-auth' => [`
These are some new middleware groups required to call the two factor auth routines at the right moments. 2016-03-19 10:22:20 -05:00			`EncryptCookies::class,`
			`AddQueuedCookiesToResponse::class,`
			`StartSession::class,`
			`ShareErrorsFromSession::class,`
			`VerifyCsrfToken::class,`
			`Authenticate::class,`
			`AuthenticateTwoFactor::class,`
New middle ware for user activation. 2016-03-29 04:55:49 -05:00			`IsConfirmed::class,`
Did some code cleanup. Comments and headers mostly. 2016-01-09 01:20:55 -06:00			`Range::class,`
New middleware. 2016-01-09 08:39:02 -06:00			`Binder::class,`
Fixed some date range problems. 2016-01-09 00:46:11 -06:00			`],`
Basic user admin. 2016-04-03 00:07:17 -05:00			`// MUST be logged in`
			`// MUST have 2fa`
			`// MUST be confirmed.`
			`// MUST have owner role`
			`// (this group includes the other Firefly middleware)`
			`'admin' => [`
			`EncryptCookies::class,`
			`AddQueuedCookiesToResponse::class,`
			`StartSession::class,`
			`ShareErrorsFromSession::class,`
			`VerifyCsrfToken::class,`
			`Authenticate::class,`
			`AuthenticateTwoFactor::class,`
			`IsConfirmed::class,`
			`IsAdmin::class,`
			`Range::class,`
			`Binder::class,`

			`],`
Some new tests. 2015-03-28 00:19:09 -05:00
Update http related classes after upgrade to Laravel 5.2 2016-01-08 09:01:21 -06:00			`'api' => [`
			`'throttle:60,1',`
			`],`
All kinds of new stuff. 2015-02-06 12:33:31 -06:00			`];`
Fresh L5 installation. 2015-02-05 21:39:52 -06:00
Update http related classes after upgrade to Laravel 5.2 2016-01-08 09:01:21 -06:00			`/**`
			`* The application's route middleware.`
			`*`
			`* These middleware may be assigned to groups or used individually.`
			`*`
			`* @var array`
			`*/`
			`protected $routeMiddleware`
			`= [`
Did some code cleanup. Comments and headers mostly. 2016-01-09 01:20:55 -06:00			`'auth' => Authenticate::class,`
			`'auth.basic' => AuthenticateWithBasicAuth::class,`
			`'guest' => RedirectIfAuthenticated::class,`
			`'throttle' => ThrottleRequests::class,`
			`'range' => Range::class,`
Update http related classes after upgrade to Laravel 5.2 2016-01-08 09:01:21 -06:00			`];`
Fresh L5 installation. 2015-02-05 21:39:52 -06:00			`}`