Remove a lot of stuff that deals with user activation.

James Cole 2016-12-28 17:07:44 +01:00
parent 98d4bc48b6
commit f44336f7aa
No known key found for this signature in database
GPG Key ID: C16961E655E74B5E
18 changed files with 10 additions and 511 deletions


@ -1,42 +0,0 @@
<?php
/**
* ConfirmedUser.php
* Copyright (C) 2016 thegrumpydictator@gmail.com
*
* This software may be modified and distributed under the terms of the
* Creative Commons Attribution-ShareAlike 4.0 International License.
*
* See the LICENSE file for details.
*/
declare(strict_types = 1);
namespace FireflyIII\Events;
use FireflyIII\User;
use Illuminate\Queue\SerializesModels;
/**
* Class ConfirmedUser
*
* @package FireflyIII\Events
*/
class ConfirmedUser extends Event
{
use SerializesModels;
public $ipAddress;
public $user;
/**
* Create a new event instance. This event is triggered when a user confirms their new account.
*
* @param User $user
* @param string $ipAddress
*/
public function __construct(User $user, string $ipAddress)
{
$this->user = $user;
$this->ipAddress = $ipAddress;
}
}


@ -1,42 +0,0 @@
<?php
/**
* ResentConfirmation.php
* Copyright (C) 2016 thegrumpydictator@gmail.com
*
* This software may be modified and distributed under the terms of the
* Creative Commons Attribution-ShareAlike 4.0 International License.
*
* See the LICENSE file for details.
*/
declare(strict_types = 1);
namespace FireflyIII\Events;
use FireflyIII\User;
use Illuminate\Queue\SerializesModels;
/**
* Class ResentConfirmation
*
* @package FireflyIII\Events
*/
class ResentConfirmation extends Event
{
use SerializesModels;
public $ipAddress;
public $user;
/**
* Create a new event instance. This event is triggered when a users wants a new confirmation.
*
* @param User $user
* @param string $ipAddress
*/
public function __construct(User $user, string $ipAddress)
{
$this->user = $user;
$this->ipAddress = $ipAddress;
}
}


@ -15,9 +15,7 @@ namespace FireflyIII\Handlers\Events;
use FireflyIII\Events\RegisteredUser;
use FireflyIII\Events\RequestedNewPassword;
use FireflyIII\Events\ResentConfirmation;
use FireflyIII\Repositories\User\UserRepositoryInterface;
use FireflyIII\Support\Events\SendUserMail;
use Illuminate\Mail\Message;
use Log;
use Mail;
@ -70,37 +68,6 @@ class UserEventHandler
return true;
}
/**
* This method will send a newly registered user a confirmation message, urging him or her to activate their account.
*
* @param RegisteredUser $event
*
* @return bool
*/
public function sendConfirmationMessage(RegisteredUser $event): bool
{
$sender = new SendUserMail;
return $sender->sendConfirmation($event->user, $event->ipAddress);
}
/**
* If the user has somehow lost his or her confirmation message, this event will send it to the user again.
*
* At the moment, this method is exactly the same as the ::sendConfirmationMessage method, but that will change.
*
* @param ResentConfirmation $event
*
* @return bool
*/
function sendConfirmationMessageAgain(ResentConfirmation $event): bool
{
$sender = new SendUserMail;
return $sender->sendConfirmation($event->user, $event->ipAddress);
}
/**
* @param RequestedNewPassword $event
*


@ -14,7 +14,6 @@ declare(strict_types = 1);
namespace FireflyIII\Http\Controllers\Admin;
use FireflyConfig;
use FireflyIII\Http\Controllers\Controller;
use FireflyIII\Http\Requests\UserFormRequest;
use FireflyIII\Repositories\User\UserRepositoryInterface;
@ -81,15 +80,15 @@ class UserController extends Controller
*/
public function index(UserRepositoryInterface $repository)
{
$subTitle = strval(trans('firefly.user_administration'));
$subTitleIcon = 'fa-users';
$users = $repository->all();
$subTitle = strval(trans('firefly.user_administration'));
$subTitleIcon = 'fa-users';
$users = $repository->all();
// add meta stuff.
$users->each(
function (User $user) {
$list = ['twoFactorAuthEnabled', 'twoFactorAuthSecret'];
$preferences = Preferences::getArrayForUser($user, $list);
$list = ['twoFactorAuthEnabled', 'twoFactorAuthSecret'];
$preferences = Preferences::getArrayForUser($user, $list);
$user->isAdmin = $user->hasRole('owner');
$is2faEnabled = $preferences['twoFactorAuthEnabled'] === true;
$has2faSecret = !is_null($preferences['twoFactorAuthSecret']);
@ -115,37 +114,12 @@ class UserController extends Controller
$mainTitleIcon = 'fa-hand-spock-o';
$subTitle = strval(trans('firefly.single_user_administration', ['email' => $user->email]));
$subTitleIcon = 'fa-user';
// get IP info:
$defaultIp = '0.0.0.0';
$regPref = Preferences::getForUser($user, 'registration_ip_address');
$registration = $defaultIp;
$conPref = Preferences::getForUser($user, 'confirmation_ip_address');
$confirmation = $defaultIp;
if (!is_null($regPref)) {
$registration = $regPref->data;
}
if (!is_null($conPref)) {
$confirmation = $conPref->data;
}
$registrationHost = '';
$confirmationHost = '';
if ($registration != $defaultIp) {
$registrationHost = gethostbyaddr($registration);
}
if ($confirmation != $defaultIp) {
$confirmationHost = gethostbyaddr($confirmation);
}
$information = $repository->getUserData($user);
$information = $repository->getUserData($user);
return view(
'admin.users.show',
compact(
'title', 'mainTitleIcon', 'subTitle', 'subTitleIcon', 'information',
'user', 'registration', 'confirmation', 'registrationHost', 'confirmationHost'
'title', 'mainTitleIcon', 'subTitle', 'subTitleIcon', 'information', 'user'
)
);
}
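Review bot: The last hunk drops `registration` and `registrationHost` from the `compact()` call together with the confirmation fields, although the registration address is not part of activation. If the `registration_ip_address` preference is still written at sign-up (not visible on this page), the data keeps being collected while the admin view that surfaced it for abuse review is gone. Either keep the raw stored value in the view, without the `gethostbyaddr()` lookup, or stop storing it. In the realigned `index()` closure, `twoFactorAuthSecret` is loaded only for the `!is_null(...)` test, so a comment such as `// secret is read only to test presence; never attach it to $user or the view` would be worth adding. Both methods continue outside the hunks.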


@ -1,90 +0,0 @@
<?php
/**
* ConfirmationController.php
* Copyright (C) 2016 thegrumpydictator@gmail.com
*
* This software may be modified and distributed under the terms of the
* Creative Commons Attribution-ShareAlike 4.0 International License.
*
* See the LICENSE file for details.
*/
declare(strict_types = 1);
namespace FireflyIII\Http\Controllers\Auth;
use FireflyIII\Events\ConfirmedUser;
use FireflyIII\Events\ResentConfirmation;
use FireflyIII\Exceptions\FireflyException;
use FireflyIII\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Preferences;
use Session;
/**
* Class ConfirmationController
*
* @package FireflyIII\Http\Controllers\Auth
*/
class ConfirmationController extends Controller
{
/**
* @return mixed
*/
public function confirmationError()
{
return view('auth.confirmation.error');
}
/**
* @param Request $request
* @param string $code
*
* @return mixed
* @throws FireflyException
*/
public function doConfirmation(Request $request, string $code)
{
// check user_confirmed_last_mail
$database = Preferences::get('user_confirmed_code')->data;
$time = Preferences::get('user_confirmed_last_mail', 0)->data;
$now = time();
$maxDiff = config('firefly.confirmation_age');
if ($database === $code && ($now - $time <= $maxDiff)) {
// trigger user registration event:
event(new ConfirmedUser(auth()->user(), $request->ip()));
Preferences::setForUser(auth()->user(), 'user_confirmed', true);
Preferences::setForUser(auth()->user(), 'user_confirmed_confirmed', time());
Session::flash('success', strval(trans('firefly.account_is_confirmed')));
return redirect(route('home'));
}
throw new FireflyException(trans('firefly.invalid_activation_code'));
}
/**
* @param Request $request
*
* @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
*/
public function resendConfirmation(Request $request)
{
$time = Preferences::get('user_confirmed_last_mail', 0)->data;
$now = time();
$maxDiff = config('firefly.resend_confirmation');
$owner = env('SITE_OWNER', 'mail@example.com');
$view = 'auth.confirmation.no-resent';
if ($now - $time > $maxDiff) {
event(new ResentConfirmation(auth()->user(), $request->ip()));
$view = 'auth.confirmation.resent';
}
return view($view, ['owner' => $owner]);
}
}


@ -98,9 +98,6 @@ class RegisterController extends Controller
$user = $this->create($request->all());
// trigger user registration event:
// automatically activate user:
Preferences::setForUser($user, 'user_confirmed', true);
Preferences::setForUser($user, 'user_confirmed_last_mail', 0);
event(new RegisteredUser($user, $request->ip()));
Auth::login($user);
@ -125,9 +122,6 @@ class RegisterController extends Controller
// is demo site?
$isDemoSite = FireflyConfig::get('is_demo_site', Config::get('firefly.configuration.is_demo_site'))->data;
// activate account?
$mustConfirmAccount = FireflyConfig::get('must_confirm_account', Config::get('firefly.configuration.must_confirm_account'))->data;
// is allowed to?
$singleUserMode = FireflyConfig::get('single_user_mode', Config::get('firefly.configuration.single_user_mode'))->data;
$userCount = User::count();
@ -139,7 +133,7 @@ class RegisterController extends Controller
$email = $request->old('email');
return view('auth.register', compact('isDemoSite', 'email', 'mustConfirmAccount'));
return view('auth.register', compact('isDemoSite', 'email'));
}
/**
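Review bot: `event(new RegisteredUser($user, $request->ip()))` in the first hunk is still dispatched, but this commit deletes `UserEventHandler::sendConfirmationMessage(RegisteredUser $event)`, and the EventServiceProvider hunk only drops the `ResentConfirmation` mapping. If the `RegisteredUser` listener list (not shown on this page) still names that method, registration will fail at dispatch, so that entry needs removing in the same commit. Separately, `Auth::login($user)` now grants a full session with no email-ownership check. Nothing on this page handles accounts that already carry `user_confirmed = false`; with the `IsConfirmed` middleware gone they become fully usable after upgrade, so a release note or a one-off review of those accounts (for example via the existing `blocked` flag) would make the transition explicit. The enclosing methods start and end outside these hunks.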


@ -175,9 +175,6 @@ class HomeController extends Controller
'logout',
'two-fac',
'lost-two',
'confirm',
'resend',
'do_confirm',
// test troutes
'test-flash',
'all-routes',


@ -17,8 +17,6 @@ use FireflyIII\Http\Middleware\AuthenticateTwoFactor;
use FireflyIII\Http\Middleware\Binder;
use FireflyIII\Http\Middleware\EncryptCookies;
use FireflyIII\Http\Middleware\IsAdmin;
use FireflyIII\Http\Middleware\IsConfirmed;
use FireflyIII\Http\Middleware\IsNotConfirmed;
use FireflyIII\Http\Middleware\Range;
use FireflyIII\Http\Middleware\RedirectIfAuthenticated;
use FireflyIII\Http\Middleware\RedirectIfTwoFactorAuthenticated;
@ -124,7 +122,6 @@ class Kernel extends HttpKernel
SubstituteBindings::class,
Authenticate::class,
AuthenticateTwoFactor::class,
IsNotConfirmed::class,
],
// MUST be logged in
@ -153,7 +150,6 @@ class Kernel extends HttpKernel
SubstituteBindings::class,
Authenticate::class,
AuthenticateTwoFactor::class,
IsConfirmed::class,
Range::class,
Binder::class,
],
@ -171,11 +167,9 @@ class Kernel extends HttpKernel
SubstituteBindings::class,
Authenticate::class,
AuthenticateTwoFactor::class,
IsConfirmed::class,
IsAdmin::class,
Range::class,
Binder::class,
],


@ -26,8 +26,7 @@ use Illuminate\Support\Facades\Auth;
class IsAdmin
{
/**
* Handle an incoming request. User account must be confirmed for this routine to let
* the user pass.
* Handle an incoming request. Must be admin.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next


@ -1,67 +0,0 @@
<?php
/**
* IsConfirmed.php
* Copyright (C) 2016 thegrumpydictator@gmail.com
*
* This software may be modified and distributed under the terms of the
* Creative Commons Attribution-ShareAlike 4.0 International License.
*
* See the LICENSE file for details.
*/
declare(strict_types = 1);
namespace FireflyIII\Http\Middleware;
use Closure;
use FireflyConfig;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Preferences;
/**
* Class IsConfirmed
*
* @package FireflyIII\Http\Middleware
*/
class IsConfirmed
{
/**
* Handle an incoming request. User account must be confirmed for this routine to let
* the user pass.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @param string|null $guard
*
* @return mixed
*/
public function handle(Request $request, Closure $next, $guard = null)
{
if (Auth::guard($guard)->guest()) {
if ($request->ajax()) {
return response('Unauthorized.', 401);
}
return redirect()->guest('login');
}
// must the user be confirmed in the first place?
$confirmPreference = FireflyConfig::get('must_confirm_account', config('firefly.configuration.must_confirm_account'));
$mustConfirmAccount = false;
if (!is_null($confirmPreference)) {
$mustConfirmAccount = $confirmPreference->data;
}
// user must be logged in, then continue:
$isConfirmed = Preferences::get('user_confirmed', false)->data;
if ($isConfirmed === false && $mustConfirmAccount === true) {
// user account is not confirmed, redirect to
// confirmation page:
return redirect(route('confirmation_error'));
}
return $next($request);
}
}


@ -1,64 +0,0 @@
<?php
/**
* IsNotConfirmed.php
* Copyright (C) 2016 thegrumpydictator@gmail.com
*
* This software may be modified and distributed under the terms of the
* Creative Commons Attribution-ShareAlike 4.0 International License.
*
* See the LICENSE file for details.
*/
declare(strict_types = 1);
namespace FireflyIII\Http\Middleware;
use Closure;
use FireflyConfig;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Log;
use Preferences;
/**
* Class IsNotConfirmed
*
* @package FireflyIII\Http\Middleware
*/
class IsNotConfirmed
{
/**
* Handle an incoming request. User account must be confirmed for this routine to let
* the user pass.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @param string|null $guard
*
* @return mixed
*/
public function handle(Request $request, Closure $next, $guard = null)
{
if (Auth::guard($guard)->guest()) {
if ($request->ajax()) {
return response('Unauthorized.', 401);
}
return redirect()->guest('login');
}
// must the user be confirmed in the first place?
$mustConfirmAccount = FireflyConfig::get('must_confirm_account', config('firefly.configuration.must_confirm_account'))->data;
Log::debug(sprintf('mustConfirmAccount is %s', $mustConfirmAccount));
// user must be logged in, then continue:
$isConfirmed = Preferences::get('user_confirmed', false)->data;
Log::debug(sprintf('isConfirmed is %s', $isConfirmed));
if ($isConfirmed || $mustConfirmAccount === false) {
Log::debug('User is confirmed or user does not have to confirm account. Redirect home.');
// user account is confirmed, simply send them home.
return redirect(route('home'));
}
return $next($request);
}
}


@ -45,10 +45,6 @@ class EventServiceProvider extends ServiceProvider
'FireflyIII\Events\RequestedNewPassword' => [ // is a User related event.
'FireflyIII\Handlers\Events\UserEventHandler@sendNewPassword',
],
'FireflyIII\Events\ResentConfirmation' => // is a User related event.
[
'FireflyIII\Handlers\Events\UserEventHandler@sendConfirmationMessageAgain',
],
'FireflyIII\Events\StoredBudgetLimit' => // is a Budget related event.
[
'FireflyIII\Handlers\Events\BudgetEventHandler@storeRepetition',


@ -108,14 +108,6 @@ class UserRepository implements UserRepositoryInterface
$return['has_2fa'] = true;
}
// is user activated?
$mustConfirmAccount = FireflyConfig::get('must_confirm_account', config('firefly.configuration.must_confirm_account'))->data;
$isConfirmed = Preferences::getForUser($user, 'user_confirmed', false)->data;
$return['is_activated'] = true;
if ($isConfirmed === false && $mustConfirmAccount === true) {
$return['is_activated'] = false;
}
$return['is_admin'] = $user->hasRole('owner');
$return['blocked'] = intval($user->blocked) === 1;
$return['blocked_code'] = $user->blocked_code;


@ -1,62 +0,0 @@
<?php
/**
* SendUserMail.php
* Copyright (c) 2016 thegrumpydictator@gmail.com
* This software may be modified and distributed under the terms of the Creative Commons Attribution-ShareAlike 4.0 International License.
*
* See the LICENSE file for details.
*/
declare(strict_types = 1);
namespace FireflyIII\Support\Events;
use Exception;
use FireflyConfig;
use FireflyIII\User;
use Illuminate\Mail\Message;
use Log;
use Mail;
use Preferences;
use Swift_TransportException;
class SendUserMail
{
/**
* @param User $user
* @param string $ipAddress
*
* @return bool
*/
public function sendConfirmation(User $user, string $ipAddress): bool
{
$mustConfirmAccount = FireflyConfig::get('must_confirm_account', config('firefly.configuration.must_confirm_account'))->data;
if ($mustConfirmAccount === false) {
Preferences::setForUser($user, 'user_confirmed', true);
Preferences::setForUser($user, 'user_confirmed_last_mail', 0);
Preferences::mark();
return true;
}
$email = $user->email;
$code = str_random(16);
$route = route('do_confirm_account', [$code]);
Preferences::setForUser($user, 'user_confirmed', false);
Preferences::setForUser($user, 'user_confirmed_last_mail', time());
Preferences::setForUser($user, 'user_confirmed_code', $code);
try {
Mail::send(
['emails.confirm-account-html', 'emails.confirm-account-text'], ['route' => $route, 'ip' => $ipAddress],
function (Message $message) use ($email) {
$message->to($email, $email)->subject('Please confirm your Firefly III account');
}
);
} catch (Swift_TransportException $e) {
Log::error($e->getMessage());
} catch (Exception $e) {
Log::error($e->getMessage());
}
return true;
}
}


@ -24,20 +24,6 @@
</div>
</div>
</div>
{# need to activate account #}
<div class="col-lg-4 col-md-6 col-sm-12 col-xs-12">
<div class="box box-default">
<div class="box-header with-border">
<h3 class="box-title">{{ 'setting_must_confirm_account'|_ }}</h3>
</div>
<div class="box-body">
<p class="text-info">
{{ 'setting_must_confirm_account_explain'|_ }}
</p>
{{ ExpandedForm.checkbox('must_confirm_account','1', mustConfirmAccount) }}
</div>
</div>
</div>
{# installation is demo site #}
<div class="col-lg-4 col-md-6 col-sm-12 col-xs-12">


@ -28,14 +28,6 @@
{{ user.created_at.formatLocalized(monthAndDayFormat) }}
{{ user.created_at.format('H:i') }}</td>
</tr>
<tr>
<td>{{ trans('list.registered_from') }}</td>
<td>{{ registration }} ({{ registrationHost }})</td>
</tr>
<tr>
<td>{{ trans('list.confirmed_from') }}</td>
<td>{{ confirmation }} ({{ confirmationHost }})</td>
</tr>
<tr>
<td>{{ trans('list.is_admin') }}</td>
<td>
@ -56,16 +48,6 @@
{% endif %}
</td>
</tr>
<tr>
<td>{{ trans('list.is_activated') }}</td>
<td>
{% if information.is_activated %}
<small class="text-success"><i class="fa fa-fw fa-check"></i></small> Yes
{% else %}
<small class="text-danger"><i class="fa fa-fw fa-times"></i></small> No
{% endif %}
</td>
</tr>
<tr>
<td>{{ trans('list.is_blocked') }}</td>
<td>


@ -27,10 +27,6 @@
<div class="form-group has-feedback">
<input type="email" name="email" value="{{ email }}" class="form-control" placeholder="Email"/>
{% if mustConfirmAccount %}
<p class="help-block">
You must activate your account. If your email address is incorrect, your account will not work.</p>
{% endif %}
</div>
<div class="form-group has-feedback">
<input type="password" class="form-control" placeholder="Password" name="password"/>


@ -49,6 +49,7 @@ Route::group(
/**
* For the two factor routes, the user must be logged in, but NOT 2FA. Account confirmation does not matter here.
* @deprecated
*/
Route::group(
['middleware' => 'user-logged-in-no-2fa', 'prefix' => 'two-factor', 'as' => 'two-factor.', 'namespace' => 'Auth'], function () {
@ -59,18 +60,6 @@ Route::group(
}
);
/**
* For the confirmation routes, the user must be logged in, also 2FA, but his account must not be confirmed.
*/
Route::group(
['middleware' => 'user-logged-in-2fa-no-activation', 'namespace' => 'Auth'], function () {
Route::get('/confirm-your-account', ['uses' => 'ConfirmationController@confirmationError', 'as' => 'confirmation_error']);
Route::get('/resend-confirmation', ['uses' => 'ConfirmationController@resendConfirmation', 'as' => 'resend_confirmation']);
Route::get('/confirmation/{code}', ['uses' => 'ConfirmationController@doConfirmation', 'as' => 'do_confirm_account']);
}
);
/**
* For all other routes, the user must be fully authenticated and have an activated account.
*/
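Review bot: The `@deprecated` tag added in the first hunk sits on the docblock of the two-factor route group with no reason or replacement, so it reads as deprecating the 2FA routes themselves, which are a security control. If the tag is only meant for the sentence about account confirmation, delete that sentence instead and reword the block to `* For the two factor routes, the user must be logged in, but NOT 2FA.`. The docblock kept as context at the end of the second hunk still says the user must "have an activated account", which no longer matches the code; `* For all other routes, the user must be fully authenticated.` would be accurate. Both `Route::group` bodies continue outside the hunks.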