diff --git a/app/Http/Controllers/Auth/ConfirmPasswordController.php b/app/Http/Controllers/Auth/ConfirmPasswordController.php new file mode 100644 index 0000000000..eae22bd852 --- /dev/null +++ b/app/Http/Controllers/Auth/ConfirmPasswordController.php @@ -0,0 +1,44 @@ +middleware('auth'); + } +} diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php index 6219a4398e..3ac3c77403 100644 --- a/app/Http/Controllers/Auth/LoginController.php +++ b/app/Http/Controllers/Auth/LoginController.php @@ -1,7 +1,7 @@ middleware('guest')->except('logout'); } + /** - * Log in a user. + * Handle a login request to the application. * - * @param Request $request + * @param \Illuminate\Http\Request $request + * + * @return \Illuminate\Http\RedirectResponse|\Illuminate\Http\Response|\Illuminate\Http\JsonResponse * - * @return \Illuminate\Http\Response|\Symfony\Component\HttpFoundation\Response|void * @throws \Illuminate\Validation\ValidationException */ public function login(Request $request) @@ -80,6 +86,7 @@ class LoginController extends Controller /** @var Adldap\Connections\Provider $provider */ Adldap::getProvider('default')->setSchema(new $schema); } + $this->validateLogin($request); /** Copied directly from AuthenticatesUsers, but with logging added: */ @@ -114,9 +121,7 @@ class LoginController extends Controller /** * Show the application's login form. * - * @param Request $request - * - * @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View + * @return \Illuminate\Contracts\View\Factory|\Illuminate\Http\Response|\Illuminate\View\View */ public function showLoginForm(Request $request) { 
@@ -146,4 +151,26 @@ class LoginController extends Controller return view('auth.login', compact('allowRegistration', 'email', 'remember', 'allowReset', 'title')); } + + /** + * Get the failed login response instance. + * + * @param \Illuminate\Http\Request $request + * + * @return \Symfony\Component\HttpFoundation\Response + * + * @throws ValidationException + */ + protected function sendFailedLoginResponse(Request $request) + { + $exception = ValidationException::withMessages( + [ + $this->username() => [trans('auth.failed')], + ] + ); + $exception->redirectTo = route('login'); + + throw $exception; + } + } diff --git a/app/Http/Controllers/Auth/RegisterController.php b/app/Http/Controllers/Auth/RegisterController.php index fb9061802f..09490e9833 100644 --- a/app/Http/Controllers/Auth/RegisterController.php +++ b/app/Http/Controllers/Auth/RegisterController.php @@ -23,6 +23,7 @@ declare(strict_types=1); namespace FireflyIII\Http\Controllers\Auth; +use FireflyIII\Events\RegisteredUser; use FireflyIII\Http\Controllers\Controller; use FireflyIII\Support\Http\Controllers\CreateStuff; use FireflyIII\Support\Http\Controllers\RequestInformation; @@ -30,6 +31,7 @@ use FireflyIII\User; use Illuminate\Auth\Events\Registered; use Illuminate\Foundation\Auth\RegistersUsers; use Illuminate\Http\Request; +use Log; /** * Class RegisterController @@ -88,10 +90,10 @@ class RegisterController extends Controller return view('error', compact('message')); } - /** @noinspection PhpUndefinedMethodInspection */ $this->validator($request->all())->validate(); - - event(new Registered($user = $this->createUser($request->all()))); + $user = $this->createUser($request->all()); + Log::info(sprintf('Registered new user %s', $user->email)); + event(new RegisteredUser($user, $request->ip())); $this->guard()->login($user); diff --git a/app/Http/Controllers/Auth/TwoFactorController.php b/app/Http/Controllers/Auth/TwoFactorController.php index 294496bc2b..9b97d403b3 100644 
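Review bot: The docblock on the new `sendFailedLoginResponse()` declares `@return \Symfony\Component\HttpFoundation\Response`, but the only path through the added body ends in `throw $exception;`, so the method never returns a response. I would drop the `@return` line and keep `@throws ValidationException`, so readers and static analysis do not expect a return value. `ValidationException` is referenced by its short name and the file's import block is not visible in this diff, so it is worth confirming that `use Illuminate\Validation\ValidationException;` is present. A one-line comment such as `// one generic message for every failed attempt, so the form does not reveal which accounts exist` would record why only `auth.failed` is attached to the username field.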
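Review bot: `Log::info(sprintf('Registered new user %s', $user->email));` writes the new account's e-mail address to the application log on every registration. Logging a non-identifying key keeps personal data out of log files and anything that ships them, e.g. `Log::info(sprintf('Registered new user #%d', $user->id));` (assuming the model exposes `id`). The same hunk stops dispatching the framework's `Registered` event in favour of `RegisteredUser`, so any listener still bound to `Registered` will no longer run. The EventServiceProvider hunk in this diff imports `SendEmailVerificationNotification`, but its visible lines show no mapping for it, so that wiring is worth confirming. The enclosing method starts and ends outside the hunk.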
--- a/app/Http/Controllers/Auth/TwoFactorController.php +++ b/app/Http/Controllers/Auth/TwoFactorController.php @@ -22,11 +22,8 @@ declare(strict_types=1); namespace FireflyIII\Http\Controllers\Auth; -use FireflyIII\Exceptions\FireflyException; use FireflyIII\Http\Controllers\Controller; -use FireflyIII\Http\Requests\TokenFormRequest; use FireflyIII\User; -use Illuminate\Cookie\CookieJar; use Illuminate\Http\Request; use Log; use PragmaRX\Google2FALaravel\Support\Authenticator; diff --git a/app/Providers/AppServiceProvider.php b/app/Providers/AppServiceProvider.php index 06403a4b31..fd854da8d0 100644 --- a/app/Providers/AppServiceProvider.php +++ b/app/Providers/AppServiceProvider.php @@ -29,12 +29,14 @@ use URL; /** * @codeCoverageIgnore - * Class AppServiceProvider. + * Class AppServiceProvider */ class AppServiceProvider extends ServiceProvider { /** * Bootstrap any application services. + * + * @return void */ public function boot(): void { @@ -46,6 +48,8 @@ class AppServiceProvider extends ServiceProvider /** * Register any application services. + * + * @return void */ public function register(): void { diff --git a/app/Providers/AuthServiceProvider.php b/app/Providers/AuthServiceProvider.php index ac632892c4..5881ee4a74 100644 --- a/app/Providers/AuthServiceProvider.php +++ b/app/Providers/AuthServiceProvider.php @@ -38,16 +38,21 @@ class AuthServiceProvider extends ServiceProvider */ protected $policies = [ - 'FireflyIII\Model' => 'FireflyIII\Policies\ModelPolicy', + // 'FireflyIII\Model' => 'FireflyIII\Policies\ModelPolicy', ]; /** * Register any authentication / authorization services. + * + * @return void */ public function boot(): void { $this->registerPolicies(); Passport::routes(); Passport::tokensExpireIn(now()->addDays(14)); + + + // } } diff --git a/app/Providers/EventServiceProvider.php b/app/Providers/EventServiceProvider.php index 7fb107201e..4c4d6446a6 100644 --- a/app/Providers/EventServiceProvider.php 
+++ b/app/Providers/EventServiceProvider.php @@ -31,6 +31,7 @@ use FireflyIII\Events\RequestedVersionCheckStatus; use FireflyIII\Events\StoredTransactionGroup; use FireflyIII\Events\UpdatedTransactionGroup; use FireflyIII\Events\UserChangedEmail; +use FireflyIII\Handlers\Events\SendEmailVerificationNotification; use FireflyIII\Mail\OAuthTokenCreatedMail; use FireflyIII\Models\PiggyBank; use FireflyIII\Models\PiggyBankRepetition; @@ -66,7 +67,6 @@ class EventServiceProvider extends ServiceProvider Login::class => [ 'FireflyIII\Handlers\Events\UserEventHandler@checkSingleUserIsAdmin', 'FireflyIII\Handlers\Events\UserEventHandler@demoUserBackToEnglish', - ], RequestedVersionCheckStatus::class => [ 'FireflyIII\Handlers\Events\VersionCheckEventHandler@checkForUpdates', diff --git a/app/Providers/RouteServiceProvider.php b/app/Providers/RouteServiceProvider.php index 9a7494ac18..d6fbb036f2 100644 --- a/app/Providers/RouteServiceProvider.php +++ b/app/Providers/RouteServiceProvider.php @@ -31,6 +31,14 @@ use Illuminate\Support\Facades\Route; */ class RouteServiceProvider extends ServiceProvider { + /** + * The path to the "home" route for your application. + * + * @var string + */ + public const HOME = '/'; + + /** * This namespace is applied to your controller routes. * diff --git a/config/debugbar.php b/config/debugbar.php new file mode 100644 index 0000000000..96b78aed59 --- /dev/null +++ b/config/debugbar.php 
@@ -0,0 +1,202 @@ + env('DEBUGBAR_ENABLED', null), + 'except' => [ + 'telescope*' + ], + + /* + |-------------------------------------------------------------------------- + | Storage settings + |-------------------------------------------------------------------------- + | + | DebugBar stores data for session/ajax requests. + | You can disable this, so the debugbar stores data in headers/session, + | but this can cause problems with large data collectors. + | By default, file storage (in the storage folder) is used. Redis and PDO + | can also be used. For PDO, run the package migrations first. + | + */ + 'storage' => [ + 'enabled' => true, + 'driver' => 'file', // redis, file, pdo, custom + 'path' => storage_path('debugbar'), // For file driver + 'connection' => null, // Leave null for default connection (Redis/PDO) + 'provider' => '' // Instance of StorageInterface for custom driver + ], + + /* + |-------------------------------------------------------------------------- + | Vendors + |-------------------------------------------------------------------------- + | + | Vendor files are included by default, but can be set to false. + | This can also be set to 'js' or 'css', to only include javascript or css vendor files. + | Vendor files are for css: font-awesome (including fonts) and highlight.js (css files) + | and for js: jquery and and highlight.js + | So if you want syntax highlighting, set it to true. + | jQuery is set to not conflict with existing jQuery scripts. + | + */ + + 'include_vendors' => true, + + /* + |-------------------------------------------------------------------------- + | Capture Ajax Requests + |-------------------------------------------------------------------------- + | + | The Debugbar can capture Ajax requests and display them. If you don't want this (ie. because of errors), + | you can use this option to disable sending the data through the headers. 
+ | + | Optionally, you can also send ServerTiming headers on ajax requests for the Chrome DevTools. + */ + + 'capture_ajax' => true, + 'add_ajax_timing' => false, + + /* + |-------------------------------------------------------------------------- + | Custom Error Handler for Deprecated warnings + |-------------------------------------------------------------------------- + | + | When enabled, the Debugbar shows deprecated warnings for Symfony components + | in the Messages tab. + | + */ + 'error_handler' => true, + + /* + |-------------------------------------------------------------------------- + | Clockwork integration + |-------------------------------------------------------------------------- + | + | The Debugbar can emulate the Clockwork headers, so you can use the Chrome + | Extension, without the server-side code. It uses Debugbar collectors instead. + | + */ + 'clockwork' => false, + + /* + |-------------------------------------------------------------------------- + | DataCollectors + |-------------------------------------------------------------------------- + | + | Enable/disable DataCollectors + | + */ + + 'collectors' => [ + 'phpinfo' => true, // Php version + 'messages' => true, // Messages + 'time' => true, // Time Datalogger + 'memory' => true, // Memory usage + 'exceptions' => true, // Exception displayer + 'log' => true, // Logs from Monolog (merged in messages if enabled) + 'db' => true, // Show database (PDO) queries and bindings + 'views' => true, // Views with their data + 'route' => true, // Current route information + 'auth' => true, // Display Laravel authentication status + 'gate' => true, // Display Laravel Gate checks + 'session' => true, // Display session data + 'symfony_request' => true, // Only one can be enabled.. 
+ 'mail' => true, // Catch mail messages + 'laravel' => false, // Laravel version and environment + 'events' => true, // All events fired + 'default_request' => false, // Regular or special Symfony request logger + 'logs' => false, // Add the latest log messages + 'files' => false, // Show the included files + 'config' => false, // Display config settings + 'cache' => true, // Display cache events + 'models' => false, // Display models + ], + + /* + |-------------------------------------------------------------------------- + | Extra options + |-------------------------------------------------------------------------- + | + | Configure some DataCollectors + | + */ + + 'options' => [ + 'auth' => [ + 'show_name' => true, // Also show the users name/email in the debugbar + ], + 'db' => [ + 'with_params' => true, // Render SQL with the parameters substituted + 'backtrace' => true, // Use a backtrace to find the origin of the query in your files. + 'timeline' => false, // Add the queries to the timeline + 'explain' => [ // Show EXPLAIN output on queries + 'enabled' => false, + 'types' => ['SELECT'], // // workaround ['SELECT'] only. https://github.com/barryvdh/laravel-debugbar/issues/888 ['SELECT', 'INSERT', 'UPDATE', 'DELETE']; for MySQL 5.6.3+ + ], + 'hints' => true, // Show hints for common mistakes + ], + 'mail' => [ + 'full_log' => false + ], + 'views' => [ + 'data' => true, //Note: Can slow down the application, because the data can be quite large.. + ], + 'route' => [ + 'label' => true // show complete route on bar + ], + 'logs' => [ + 'file' => null + ], + 'cache' => [ + 'values' => true // collect cache values + ], + ], + + /* + |-------------------------------------------------------------------------- + | Inject Debugbar in Response + |-------------------------------------------------------------------------- + | + | Usually, the debugbar is added just before , by listening to the + | Response after the App is done. 
If you disable this, you have to add them + | in your template yourself. See http://phpdebugbar.com/docs/rendering.html + | + */ + + 'inject' => true, + + /* + |-------------------------------------------------------------------------- + | DebugBar route prefix + |-------------------------------------------------------------------------- + | + | Sometimes you want to set route prefix to be used by DebugBar to load + | its resources from. Usually the need comes from misconfigured web server or + | from trying to overcome bugs like this: http://trac.nginx.org/nginx/ticket/97 + | + */ + 'route_prefix' => '_debugbar', + + /* + |-------------------------------------------------------------------------- + | DebugBar route domain + |-------------------------------------------------------------------------- + | + | By default DebugBar route served from the same domain that request served. + | To override default domain, specify it as a non-empty value. + */ + 'route_domain' => null, +]; diff --git a/resources/views/v1/auth/login.twig b/resources/views/v1/auth/login.twig index ad0a5feae8..1e01d574b6 100644 --- a/resources/views/v1/auth/login.twig +++ b/resources/views/v1/auth/login.twig @@ -1,6 +1,9 @@ {% extends "./layout/guest" %} - {% block content %} + + {{ dump(errors.all()) }} + + {% if IS_DEMO_SITE %}
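Review bot: `'enabled' => env('DEBUGBAR_ENABLED', null)` leaves the debug bar active whenever the variable is unset and the application runs in debug mode, because laravel-debugbar treats `null` as "follow `app.debug`". This file also turns on the `session`, `auth` (`show_name`), `db` (`with_params`), `views` (`data`), `mail` and `cache` (`values`) collectors. On an instance left in debug mode, session contents, bound SQL values and user e-mail addresses would therefore be rendered into responses and persisted under `storage_path('debugbar')`. I would make the bar opt-in with `'enabled' => env('DEBUGBAR_ENABLED', false),` and default `'session'` and `'with_params'` to `false`. It is also worth confirming that the package is a development-only dependency, since composer.json is not part of the visible diff.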
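Review bot: `{{ dump(errors.all()) }}` is debugging output left at the top of the guest-facing login template and should be removed before this is merged. With Twig's debug mode on, it prints the raw validation error bag to unauthenticated visitors on every render of the login page. Depending on how `dump` is registered in this project, it may print nothing or fail outside debug mode, which is not visible from the hunk. The surrounding `{% block content %}` continues outside the hunk.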
diff --git a/routes/web.php b/routes/web.php index 5ff616394b..eaafefb111 100644 --- a/routes/web.php +++ b/routes/web.php @@ -42,8 +42,8 @@ Route::group( ['middleware' => 'user-not-logged-in', 'namespace' => 'FireflyIII\Http\Controllers'], static function () { // Authentication Routes... - Route::get('login', 'Auth\LoginController@showLoginForm')->name('login'); - Route::post('login', 'Auth\LoginController@login'); + Route::get('login',['uses' =>'Auth\LoginController@showLoginForm', 'as' => 'login']); + Route::post('login',['uses' => 'Auth\LoginController@login','as' => 'login.post']); // Registration Routes...