IntenseFinance/firefly-iii
3
0
Fork 0
mirror of https://github.com/firefly-iii/firefly-iii.git synced 2025-02-25 18:45:27 -06:00
Code Issues Packages Projects Releases Wiki Activity

Fix #7618

Browse Source
This commit is contained in:
James Cole 2023-06-10 16:21:01 +02:00
parent 14f8695599
commit f32283d2f1
No known key found for this signature in database
GPG Key ID: B49A324B7EAD6D80
3 changed files with 28 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
app/Http/Controllers/ProfileController.php
View File

@ -70,7 +70,6 @@ class ProfileController extends Controller
use CreateStuff; use CreateStuff;
protected bool $internalAuth; protected bool $internalAuth;
protected bool $internalIdentity;
/** /**
* ProfileController constructor. * ProfileController constructor.
@ -89,10 +88,8 @@ class ProfileController extends Controller
return $next($request); return $next($request);
} }
); );
$loginProvider = config('firefly.login_provider'); $authGuard = config('firefly.authentication_guard');
$authGuard = config('firefly.authentication_guard'); $this->internalAuth = 'web' === $authGuard;
$this->internalAuth = 'web' === $authGuard;
$this->internalIdentity = 'eloquent' === $loginProvider;
Log::debug(sprintf('ProfileController::__construct(). Login provider is "%s", authentication guard is "%s"', $loginProvider, $authGuard)); Log::debug(sprintf('ProfileController::__construct(). Login provider is "%s", authentication guard is "%s"', $loginProvider, $authGuard));
$this->middleware(IsDemoUser::class)->except(['index']); $this->middleware(IsDemoUser::class)->except(['index']);
@ -107,7 +104,7 @@ class ProfileController extends Controller
*/ */
public function changeEmail(Request $request): Factory|RedirectResponse|View public function changeEmail(Request $request): Factory|RedirectResponse|View
{ {
if (!$this->internalAuth || !$this->internalIdentity) { if (!$this->internalAuth) {
$request->session()->flash('error', trans('firefly.external_user_mgt_disabled')); $request->session()->flash('error', trans('firefly.external_user_mgt_disabled'));
return redirect(route('profile.index')); return redirect(route('profile.index'));
@ -130,7 +127,7 @@ class ProfileController extends Controller
*/ */
public function changePassword(Request $request) public function changePassword(Request $request)
{ {
if (!$this->internalAuth || !$this->internalIdentity) { if (!$this->internalAuth) {
$request->session()->flash('error', trans('firefly.external_user_mgt_disabled')); $request->session()->flash('error', trans('firefly.external_user_mgt_disabled'));
return redirect(route('profile.index')); return redirect(route('profile.index'));
@ -157,7 +154,7 @@ class ProfileController extends Controller
*/ */
public function code(Request $request): Factory|View|RedirectResponse public function code(Request $request): Factory|View|RedirectResponse
{ {
if (!$this->internalAuth || !$this->internalIdentity) { if (!$this->internalAuth) {
$request->session()->flash('error', trans('firefly.external_user_mgt_disabled')); $request->session()->flash('error', trans('firefly.external_user_mgt_disabled'));
return redirect(route('profile.index')); return redirect(route('profile.index'));
@ -213,7 +210,7 @@ class ProfileController extends Controller
*/ */
public function confirmEmailChange(UserRepositoryInterface $repository, string $token): RedirectResponse|Redirector public function confirmEmailChange(UserRepositoryInterface $repository, string $token): RedirectResponse|Redirector
{ {
if (!$this->internalAuth || !$this->internalIdentity) { if (!$this->internalAuth) {
throw new FireflyException(trans('firefly.external_user_mgt_disabled')); throw new FireflyException(trans('firefly.external_user_mgt_disabled'));
} }
// find preference with this token value. // find preference with this token value.
@ -247,7 +244,7 @@ class ProfileController extends Controller
*/ */
public function deleteAccount(Request $request): View|RedirectResponse public function deleteAccount(Request $request): View|RedirectResponse
{ {
if (!$this->internalAuth || !$this->internalIdentity) { if (!$this->internalAuth) {
$request->session()->flash('error', trans('firefly.external_user_mgt_disabled')); $request->session()->flash('error', trans('firefly.external_user_mgt_disabled'));
return redirect(route('profile.index')); return redirect(route('profile.index'));
@ -265,7 +262,7 @@ class ProfileController extends Controller
*/ */
public function deleteCode(Request $request): RedirectResponse|Redirector public function deleteCode(Request $request): RedirectResponse|Redirector
{ {
if (!$this->internalAuth || !$this->internalIdentity) { if (!$this->internalAuth) {
$request->session()->flash('error', trans('firefly.external_user_mgt_disabled')); $request->session()->flash('error', trans('firefly.external_user_mgt_disabled'));
return redirect(route('profile.index')); return redirect(route('profile.index'));
@ -293,7 +290,7 @@ class ProfileController extends Controller
*/ */
public function enable2FA(Request $request): RedirectResponse|Redirector public function enable2FA(Request $request): RedirectResponse|Redirector
{ {
if (!$this->internalAuth || !$this->internalIdentity) { if (!$this->internalAuth) {
$request->session()->flash('error', trans('firefly.external_user_mgt_disabled')); $request->session()->flash('error', trans('firefly.external_user_mgt_disabled'));
return redirect(route('profile.index')); return redirect(route('profile.index'));
@ -326,14 +323,13 @@ class ProfileController extends Controller
public function index(): Factory|View public function index(): Factory|View
{ {
/** @var User $user */ /** @var User $user */
$user = auth()->user(); $user = auth()->user();
$isInternalAuth = $this->internalAuth; $isInternalAuth = $this->internalAuth;
$isInternalIdentity = $this->internalIdentity; $count = DB::table('oauth_clients')->where('personal_access_client', true)->whereNull('user_id')->count();
$count = DB::table('oauth_clients')->where('personal_access_client', true)->whereNull('user_id')->count(); $subTitle = $user->email;
$subTitle = $user->email; $userId = $user->id;
$userId = $user->id; $enabled2FA = null !== $user->mfa_secret;
$enabled2FA = null !== $user->mfa_secret; $mfaBackupCount = count(app('preferences')->get('mfa_recovery', [])->data);
$mfaBackupCount = count(app('preferences')->get('mfa_recovery', [])->data);
$this->createOAuthKeys(); $this->createOAuthKeys();
if (0 === $count) { if (0 === $count) {
@ -350,7 +346,7 @@ class ProfileController extends Controller
return view( return view(
'profile.index', 'profile.index',
compact('subTitle', 'mfaBackupCount', 'userId', 'accessToken', 'enabled2FA', 'isInternalAuth', 'isInternalIdentity') compact('subTitle', 'mfaBackupCount', 'userId', 'accessToken', 'enabled2FA', 'isInternalAuth')
); );
} }
@ -376,7 +372,7 @@ class ProfileController extends Controller
*/ */
public function newBackupCodes(Request $request): Factory|View|RedirectResponse public function newBackupCodes(Request $request): Factory|View|RedirectResponse
{ {
if (!$this->internalAuth || !$this->internalIdentity) { if (!$this->internalAuth) {
$request->session()->flash('error', trans('firefly.external_user_mgt_disabled')); $request->session()->flash('error', trans('firefly.external_user_mgt_disabled'));
return redirect(route('profile.index')); return redirect(route('profile.index'));
@ -407,7 +403,7 @@ class ProfileController extends Controller
*/ */
public function postChangeEmail(EmailFormRequest $request, UserRepositoryInterface $repository): Factory|RedirectResponse|Redirector public function postChangeEmail(EmailFormRequest $request, UserRepositoryInterface $repository): Factory|RedirectResponse|Redirector
{ {
if (!$this->internalAuth || !$this->internalIdentity) { if (!$this->internalAuth) {
$request->session()->flash('error', trans('firefly.external_user_mgt_disabled')); $request->session()->flash('error', trans('firefly.external_user_mgt_disabled'));
return redirect(route('profile.index')); return redirect(route('profile.index'));
@ -456,7 +452,7 @@ class ProfileController extends Controller
*/ */
public function postChangePassword(ProfileFormRequest $request, UserRepositoryInterface $repository) public function postChangePassword(ProfileFormRequest $request, UserRepositoryInterface $repository)
{ {
if (!$this->internalAuth || !$this->internalIdentity) { if (!$this->internalAuth) {
$request->session()->flash('error', trans('firefly.external_user_mgt_disabled')); $request->session()->flash('error', trans('firefly.external_user_mgt_disabled'));
return redirect(route('profile.index')); return redirect(route('profile.index'));
@ -493,7 +489,7 @@ class ProfileController extends Controller
*/ */
public function postCode(TokenFormRequest $request) public function postCode(TokenFormRequest $request)
{ {
if (!$this->internalAuth || !$this->internalIdentity) { if (!$this->internalAuth) {
$request->session()->flash('error', trans('firefly.external_user_mgt_disabled')); $request->session()->flash('error', trans('firefly.external_user_mgt_disabled'));
return redirect(route('profile.index')); return redirect(route('profile.index'));
@ -541,7 +537,7 @@ class ProfileController extends Controller
*/ */
public function postDeleteAccount(UserRepositoryInterface $repository, DeleteAccountFormRequest $request) public function postDeleteAccount(UserRepositoryInterface $repository, DeleteAccountFormRequest $request)
{ {
if (!$this->internalAuth || !$this->internalIdentity) { if (!$this->internalAuth) {
$request->session()->flash('error', trans('firefly.external_user_mgt_disabled')); $request->session()->flash('error', trans('firefly.external_user_mgt_disabled'));
return redirect(route('profile.index')); return redirect(route('profile.index'));
@ -601,7 +597,7 @@ class ProfileController extends Controller
*/ */
public function regenerate(Request $request) public function regenerate(Request $request)
{ {
if (!$this->internalAuth || !$this->internalIdentity) { if (!$this->internalAuth) {
$request->session()->flash('error', trans('firefly.external_user_mgt_disabled')); $request->session()->flash('error', trans('firefly.external_user_mgt_disabled'));
return redirect(route('profile.index')); return redirect(route('profile.index'));
@ -629,7 +625,7 @@ class ProfileController extends Controller
*/ */
public function undoEmailChange(UserRepositoryInterface $repository, string $token, string $hash) public function undoEmailChange(UserRepositoryInterface $repository, string $token, string $hash)
{ {
if (!$this->internalAuth || !$this->internalIdentity) { if (!$this->internalAuth) {
throw new FireflyException(trans('firefly.external_user_mgt_disabled')); throw new FireflyException(trans('firefly.external_user_mgt_disabled'));
} }

1
config/firefly.php
View File

@ -137,7 +137,6 @@ return [
'tracker_url' => env('TRACKER_URL', ''), 'tracker_url' => env('TRACKER_URL', ''),
// authentication settings // authentication settings
'login_provider' => envNonEmpty('LOGIN_PROVIDER', 'eloquent'),
'authentication_guard' => envNonEmpty('AUTHENTICATION_GUARD', 'web'), 'authentication_guard' => envNonEmpty('AUTHENTICATION_GUARD', 'web'),
'custom_logout_url' => envNonEmpty('CUSTOM_LOGOUT_URL', ''), 'custom_logout_url' => envNonEmpty('CUSTOM_LOGOUT_URL', ''),

8
resources/views/profile/index.twig
View File

@ -22,7 +22,7 @@
<li role="presentation"> <li role="presentation">
<a href="#oauth" aria-controls="messages" role="tab" data-toggle="tab">{{ 'oauth'|_ }}</a> <a href="#oauth" aria-controls="messages" role="tab" data-toggle="tab">{{ 'oauth'|_ }}</a>
</li> </li>
{% if true == isInternalAuth and true == isInternalIdentity %} {% if true == isInternalAuth %}
<li role="presentation"> <li role="presentation">
<a href="#mfa" aria-controls="settings" role="tab" <a href="#mfa" aria-controls="settings" role="tab"
data-toggle="tab">{{ 'pref_two_factor_auth'|_ }}</a> data-toggle="tab">{{ 'pref_two_factor_auth'|_ }}</a>
@ -45,7 +45,7 @@
<div class="row"> <div class="row">
<div class="col-lg-6"> <div class="col-lg-6">
<ul> <ul>
{% if true == isInternalAuth and true == isInternalIdentity %} {% if true == isInternalAuth %}
<li> <li>
<a href="{{ route('profile.change-email') }}">{{ 'change_your_email'|_ }}</a> <a href="{{ route('profile.change-email') }}">{{ 'change_your_email'|_ }}</a>
</li> </li>
@ -57,7 +57,7 @@
<li><a href="{{ route('logout') }}" class="logout-link">{{ 'logout'|_ }}</a> <li><a href="{{ route('logout') }}" class="logout-link">{{ 'logout'|_ }}</a>
</li> </li>
{% if true == isInternalAuth and true == isInternalIdentity %} {% if true == isInternalAuth %}
<li> <li>
<a href="{{ route('profile.logout-others') }}">{{ 'logout_other_sessions'|_ }}</a> <a href="{{ route('profile.logout-others') }}">{{ 'logout_other_sessions'|_ }}</a>
</li> </li>
@ -103,7 +103,7 @@
<div id="passport_clients"></div> <div id="passport_clients"></div>
</div> </div>
{% if true == isInternalAuth and true == isInternalIdentity %} {% if true == isInternalAuth %}
<!-- MFA --> <!-- MFA -->
<div role="tabpanel" class="tab-pane" id="mfa"> <div role="tabpanel" class="tab-pane" id="mfa">
<div class="box box-default"> <div class="box box-default">