tag/develop-20260127/bootstrap/app.php

<?php
/**
 * app.php
 * Copyright (c) 2019 james@firefly-iii.org.
 *
 * This file is part of Firefly III (https://github.com/firefly-iii).
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as
 * published by the Free Software Foundation, either version 3 of the
 * License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */

declare(strict_types=1);

use FireflyIII\Exceptions\Handler;
use FireflyIII\Http\Middleware\AcceptHeaders;
use FireflyIII\Http\Middleware\Authenticate;
use FireflyIII\Http\Middleware\Binder;
use FireflyIII\Http\Middleware\EncryptCookies;
use FireflyIII\Http\Middleware\Installer;
use FireflyIII\Http\Middleware\InterestingMessage;
use FireflyIII\Http\Middleware\IsAdmin;
use FireflyIII\Http\Middleware\Range;
use FireflyIII\Http\Middleware\RedirectIfAuthenticated;
use FireflyIII\Http\Middleware\SecureHeaders;
use FireflyIII\Http\Middleware\StartFireflySession;
use FireflyIII\Http\Middleware\TrustProxies;
use FireflyIII\Http\Middleware\VerifyCsrfToken;
use Illuminate\Contracts\Debug\ExceptionHandler;
use Illuminate\Contracts\Http\Kernel;
use Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse;
use Illuminate\Foundation\Application;
use Illuminate\Foundation\Configuration\Exceptions;
use Illuminate\Foundation\Configuration\Middleware;
use Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull;
use Illuminate\Foundation\Http\Middleware\InvokeDeferredCallbacks;
use Illuminate\Foundation\Http\Middleware\PreventRequestsDuringMaintenance;
use Illuminate\Foundation\Http\Middleware\TrimStrings;
use Illuminate\Http\Middleware\HandleCors;
use Illuminate\Http\Middleware\ValidatePostSize;
use Illuminate\Routing\Middleware\SubstituteBindings;
use Illuminate\View\Middleware\ShareErrorsFromSession;
use Laravel\Passport\Http\Middleware\CreateFreshApiToken;
use Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful;
use PragmaRX\Google2FALaravel\Middleware as MFAMiddleware;

/*
|--------------------------------------------------------------------------
| Create The Application
|--------------------------------------------------------------------------
|
| The first thing we will do is create a new Laravel application instance
| which serves as the "glue" for all the components of Laravel, and is
| the IoC container for the system binding all the various parts.
|
*/

bcscale(12);

if (!function_exists('envNonEmpty')) {
    /**
     *
     * @return mixed|null
     */
    function envNonEmpty(string $key, string | int | bool | null $default = null)
    {
        $result = env($key, $default); // @phpstan-ignore-line
        if ('' === $result) {
            return $default;
        }

        return $result;
    }
}

if (!function_exists('stringIsEqual')) {
    function stringIsEqual(string $left, string $right): bool
    {
        return $left === $right;
    }
}

$app = Application::configure(basePath: dirname(__DIR__))
                  ->withRouting(
                      web     : __DIR__ . '/../routes/web.php',
                      commands: __DIR__ . '/../routes/console.php',
                      health  : '/up',
                  )
                  ->withMiddleware(function (Middleware $middleware): void {
                      // overrule the standard middleware
                      $middleware->use(
                          [
                              InvokeDeferredCallbacks::class,
                              HandleCors::class,
                              PreventRequestsDuringMaintenance::class,
                              ValidatePostSize::class,
                              TrimStrings::class,
                              ConvertEmptyStringsToNull::class,
                              SecureHeaders::class,
                              TrustProxies::class,
                          ]
                      );

                      // overrule the web group
                      $middleware->group('web',
                                         [
                                             EncryptCookies::class,
                                             AddQueuedCookiesToResponse::class,
                                             StartFireflySession::class,
                                             ShareErrorsFromSession::class,
                                             VerifyCsrfToken::class,
                                             SubstituteBindings::class,
                                             CreateFreshApiToken::class,
                                         ]
                      );
                      // new group?
                      $middleware->appendToGroup('binders-only',
                                                 [
                                                     Installer::class,
                                                     EncryptCookies::class,
                                                     AddQueuedCookiesToResponse::class,
                                                     Binder::class,
                                                 ]);

                      //
                      $middleware->appendToGroup('user-not-logged-in', [
                          Installer::class,
                          EncryptCookies::class,
                          AddQueuedCookiesToResponse::class,
                          StartFireflySession::class,
                          ShareErrorsFromSession::class,
                          VerifyCsrfToken::class,
                          Binder::class,
                          RedirectIfAuthenticated::class,
                      ]);

                      // more
                      $middleware->appendToGroup('user-logged-in-no-2fa', [
                          Installer::class,
                          EncryptCookies::class,
                          AddQueuedCookiesToResponse::class,
                          StartFireflySession::class,
                          ShareErrorsFromSession::class,
                          VerifyCsrfToken::class,
                          Binder::class,
                          Authenticate::class,
                      ]);

                      // simple auth
                      $middleware->appendToGroup('user-simple-auth', [
                          EncryptCookies::class,
                          AddQueuedCookiesToResponse::class,
                          StartFireflySession::class,
                          ShareErrorsFromSession::class,
                          VerifyCsrfToken::class,
                          Binder::class,
                          Authenticate::class,
                      ]);

                      // user full auth
                      $middleware->appendToGroup('user-full-auth', [
                          EncryptCookies::class,
                          AddQueuedCookiesToResponse::class,
                          StartFireflySession::class,
                          ShareErrorsFromSession::class,
                          VerifyCsrfToken::class,
                          Authenticate::class,
                          MFAMiddleware::class,
                          Range::class,
                          Binder::class,
                          InterestingMessage::class,
                          CreateFreshApiToken::class,
                      ]);

                      // admin
                      $middleware->appendToGroup('admin', [
                          EncryptCookies::class,
                          AddQueuedCookiesToResponse::class,
                          StartFireflySession::class,
                          ShareErrorsFromSession::class,
                          VerifyCsrfToken::class,
                          Authenticate::class,
                          // AuthenticateTwoFactor::class,
                          IsAdmin::class,
                          Range::class,
                          Binder::class,
                          CreateFreshApiToken::class,
                      ]);

                      // api
                      $middleware->appendToGroup('api', [AcceptHeaders::class, EnsureFrontendRequestsAreStateful::class, 'auth:api,sanctum', Binder::class]);
                      // api basic,
                      $middleware->appendToGroup('api_basic', [AcceptHeaders::class, Binder::class]);

                  })
                  ->withEvents(discover: [
                                             __DIR__ . '/../app/Listeners',
                                         ])
                  ->withExceptions(function (Exceptions $exceptions): void {
                      //
                  })->create();


//$app->withEvents(discover: [
//                           __DIR__.'/../app/Domain/Orders/Listeners',
//                       ]);

/*
|--------------------------------------------------------------------------
| Bind Important Interfaces
|--------------------------------------------------------------------------
|
| Next, we need to bind some important interfaces into the container so
| we will be able to resolve them when needed. The kernels serve the
| incoming requests to this application from both the web and CLI.
|
*/

$app->singleton(
    Kernel::class,
    FireflyIII\Http\Kernel::class
);

$app->singleton(
    Illuminate\Contracts\Console\Kernel::class,
    FireflyIII\Console\Kernel::class
);

$app->singleton(
    ExceptionHandler::class,
    Handler::class
);

/*
|--------------------------------------------------------------------------
| Return The Application
|--------------------------------------------------------------------------
|
| This script returns the application instance. The instance is given to
| the calling script so we can separate the building of the instances
| from the actual running of the application and sending responses.
|
*/

return $app;
Fresh L5 installation. 2015-02-06 04:39:52 +01:00			`<?php`
Update copyright stuff [skip ci] 2017-12-10 09:02:26 +01:00			`/**`
			`* app.php`
Apply fixes from StyleCI 2020-03-17 16:06:30 +00:00			`* Copyright (c) 2019 james@firefly-iii.org.`
Update copyright stuff [skip ci] 2017-12-10 09:02:26 +01:00			`*`
Update copyright of Firefly III to the GNU Affero General Public License as suggested by @nxxxse in #2607. This applies to all code in this commit from this moment onwards. 2019-10-02 06:38:00 +02:00			`* This file is part of Firefly III (https://github.com/firefly-iii).`
Update copyright stuff [skip ci] 2017-12-10 09:02:26 +01:00			`*`
Update copyright of Firefly III to the GNU Affero General Public License as suggested by @nxxxse in #2607. This applies to all code in this commit from this moment onwards. 2019-10-02 06:38:00 +02:00			`* This program is free software: you can redistribute it and/or modify`
			`* it under the terms of the GNU Affero General Public License as`
			`* published by the Free Software Foundation, either version 3 of the`
			`* License, or (at your option) any later version.`
Update copyright stuff [skip ci] 2017-12-10 09:02:26 +01:00			`*`
Update copyright of Firefly III to the GNU Affero General Public License as suggested by @nxxxse in #2607. This applies to all code in this commit from this moment onwards. 2019-10-02 06:38:00 +02:00			`* This program is distributed in the hope that it will be useful,`
Update copyright stuff [skip ci] 2017-12-10 09:02:26 +01:00			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
Update copyright of Firefly III to the GNU Affero General Public License as suggested by @nxxxse in #2607. This applies to all code in this commit from this moment onwards. 2019-10-02 06:38:00 +02:00			`* GNU Affero General Public License for more details.`
Update copyright stuff [skip ci] 2017-12-10 09:02:26 +01:00			`*`
Update copyright of Firefly III to the GNU Affero General Public License as suggested by @nxxxse in #2607. This applies to all code in this commit from this moment onwards. 2019-10-02 06:38:00 +02:00			`* You should have received a copy of the GNU Affero General Public License`
			`* along with this program. If not, see <https://www.gnu.org/licenses/>.`
Update copyright stuff [skip ci] 2017-12-10 09:02:26 +01:00			`*/`

Various code cleanup. 2017-09-14 17:40:02 +02:00			`declare(strict_types=1);`

Final fixes. 2025-05-27 17:09:35 +02:00			`use FireflyIII\Exceptions\Handler;`
Clean up middleware and kernel files. 2026-01-24 20:36:20 +01:00			`use FireflyIII\Http\Middleware\AcceptHeaders;`
			`use FireflyIII\Http\Middleware\Authenticate;`
			`use FireflyIII\Http\Middleware\Binder;`
			`use FireflyIII\Http\Middleware\EncryptCookies;`
			`use FireflyIII\Http\Middleware\Installer;`
			`use FireflyIII\Http\Middleware\InterestingMessage;`
			`use FireflyIII\Http\Middleware\IsAdmin;`
			`use FireflyIII\Http\Middleware\Range;`
			`use FireflyIII\Http\Middleware\RedirectIfAuthenticated;`
Config from the right place? 2026-01-25 17:27:27 +01:00			`use FireflyIII\Http\Middleware\SecureHeaders;`
Clean up middleware and kernel files. 2026-01-24 20:36:20 +01:00			`use FireflyIII\Http\Middleware\StartFireflySession;`
Try to fix call to trusted proxies 2026-01-25 20:36:25 +01:00			`use FireflyIII\Http\Middleware\TrustProxies;`
Clean up middleware and kernel files. 2026-01-24 20:36:20 +01:00			`use FireflyIII\Http\Middleware\VerifyCsrfToken;`
			`use Illuminate\Contracts\Debug\ExceptionHandler;`
			`use Illuminate\Contracts\Http\Kernel;`
			`use Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse;`
			`use Illuminate\Foundation\Application;`
			`use Illuminate\Foundation\Configuration\Exceptions;`
			`use Illuminate\Foundation\Configuration\Middleware;`
Overrule middleware 2026-01-25 17:50:19 +01:00			`use Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull;`
			`use Illuminate\Foundation\Http\Middleware\InvokeDeferredCallbacks;`
			`use Illuminate\Foundation\Http\Middleware\PreventRequestsDuringMaintenance;`
			`use Illuminate\Foundation\Http\Middleware\TrimStrings;`
			`use Illuminate\Http\Middleware\HandleCors;`
			`use Illuminate\Http\Middleware\ValidatePostSize;`
Clean up authentication. 2026-01-25 20:13:53 +01:00			`use Illuminate\Routing\Middleware\SubstituteBindings;`
Clean up middleware and kernel files. 2026-01-24 20:36:20 +01:00			`use Illuminate\View\Middleware\ShareErrorsFromSession;`
			`use Laravel\Passport\Http\Middleware\CreateFreshApiToken;`
			`use Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful;`
			`use PragmaRX\Google2FALaravel\Middleware as MFAMiddleware;`
Final fixes. 2025-05-27 17:09:35 +02:00
Fresh L5 installation. 2015-02-06 04:39:52 +01:00			`/*`
			`\|--------------------------------------------------------------------------`
			`\| Create The Application`
			`\|--------------------------------------------------------------------------`
			`\|`
			`\| The first thing we will do is create a new Laravel application instance`
			`\| which serves as the "glue" for all the components of Laravel, and is`
Drop BCscale significantly. This breaks support for long crypto currencies. 2023-03-18 14:35:08 +01:00			`\| the IoC container for the system binding all the various parts.`
Fresh L5 installation. 2015-02-06 04:39:52 +01:00			`\|`
			`*/`

Drop BCscale significantly. This breaks support for long crypto currencies. 2023-03-18 14:35:08 +01:00			`bcscale(12);`
Add bcscale again. 2017-09-10 09:54:00 +02:00
Fix tests 2018-04-27 11:29:09 +02:00			`if (!function_exists('envNonEmpty')) {`
			`/**`
			`*`
			`* @return mixed\|null`
			`*/`
Reformat code. 2024-03-10 06:17:31 +01:00			`function envNonEmpty(string $key, string \| int \| bool \| null $default = null)`
Code cleanup 2023-10-28 15:03:33 +02:00			`{`
Fix various phpstan issues. 2025-01-03 14:56:06 +01:00			`$result = env($key, $default); // @phpstan-ignore-line`
Add experimental .env for test purposes. 2023-10-30 06:17:38 +01:00			`if ('' === $result) {`
Final fixes. 2025-05-27 17:09:35 +02:00			`return $default;`
Fix tests 2018-04-27 11:29:09 +02:00			`}`

			`return $result;`
Fix #1382 2018-04-27 06:26:37 +02:00			`}`
			`}`

chore: fix various small sonacloud issues to see if the actions run correctly. 2023-05-29 14:17:10 +02:00			`if (!function_exists('stringIsEqual')) {`
Code cleanup 2023-10-28 15:03:33 +02:00			`function stringIsEqual(string $left, string $right): bool`
			`{`
Expand search. 2020-08-22 12:24:01 +02:00			`return $left === $right;`
			`}`
			`}`

Clean up middleware and kernel files. 2026-01-24 20:36:20 +01:00			`$app = Application::configure(basePath: dirname(__DIR__))`
			`->withRouting(`
			`web : __DIR__ . '/../routes/web.php',`
			`commands: __DIR__ . '/../routes/console.php',`
			`health : '/up',`
			`)`
			`->withMiddleware(function (Middleware $middleware): void {`
Overrule middleware 2026-01-25 17:50:19 +01:00			`// overrule the standard middleware`
Clean up authentication. 2026-01-25 20:13:53 +01:00			`$middleware->use(`
			`[`
			`InvokeDeferredCallbacks::class,`
			`HandleCors::class,`
			`PreventRequestsDuringMaintenance::class,`
			`ValidatePostSize::class,`
			`TrimStrings::class,`
			`ConvertEmptyStringsToNull::class,`
			`SecureHeaders::class,`
Try to fix call to trusted proxies 2026-01-25 20:36:25 +01:00			`TrustProxies::class,`
Clean up authentication. 2026-01-25 20:13:53 +01:00			`]`
			`);`
Clean up a bunch of code and improve transaction store events 2026-01-25 09:02:47 +01:00
Overrule middleware 2026-01-25 17:50:19 +01:00			`// overrule the web group`
Clean up authentication. 2026-01-25 20:13:53 +01:00			`$middleware->group('web',`
			`[`
			`EncryptCookies::class,`
			`AddQueuedCookiesToResponse::class,`
			`StartFireflySession::class,`
			`ShareErrorsFromSession::class,`
			`VerifyCsrfToken::class,`
			`SubstituteBindings::class,`
			`CreateFreshApiToken::class,`
			`]`
			`);`
Clean up middleware and kernel files. 2026-01-24 20:36:20 +01:00			`// new group?`
Clean up authentication. 2026-01-25 20:13:53 +01:00			`$middleware->appendToGroup('binders-only',`
			`[`
			`Installer::class,`
			`EncryptCookies::class,`
			`AddQueuedCookiesToResponse::class,`
			`Binder::class,`
			`]);`
Clean up middleware and kernel files. 2026-01-24 20:36:20 +01:00
			`//`
			`$middleware->appendToGroup('user-not-logged-in', [`
			`Installer::class,`
			`EncryptCookies::class,`
			`AddQueuedCookiesToResponse::class,`
			`StartFireflySession::class,`
			`ShareErrorsFromSession::class,`
			`VerifyCsrfToken::class,`
			`Binder::class,`
			`RedirectIfAuthenticated::class,`
			`]);`

			`// more`
			`$middleware->appendToGroup('user-logged-in-no-2fa', [`
			`Installer::class,`
			`EncryptCookies::class,`
			`AddQueuedCookiesToResponse::class,`
			`StartFireflySession::class,`
			`ShareErrorsFromSession::class,`
			`VerifyCsrfToken::class,`
			`Binder::class,`
			`Authenticate::class,`
			`]);`

			`// simple auth`
			`$middleware->appendToGroup('user-simple-auth', [`
			`EncryptCookies::class,`
			`AddQueuedCookiesToResponse::class,`
			`StartFireflySession::class,`
			`ShareErrorsFromSession::class,`
			`VerifyCsrfToken::class,`
			`Binder::class,`
			`Authenticate::class,`
			`]);`

			`// user full auth`
			`$middleware->appendToGroup('user-full-auth', [`
			`EncryptCookies::class,`
			`AddQueuedCookiesToResponse::class,`
			`StartFireflySession::class,`
			`ShareErrorsFromSession::class,`
			`VerifyCsrfToken::class,`
			`Authenticate::class,`
			`MFAMiddleware::class,`
			`Range::class,`
			`Binder::class,`
			`InterestingMessage::class,`
			`CreateFreshApiToken::class,`
			`]);`

			`// admin`
			`$middleware->appendToGroup('admin', [`
			`EncryptCookies::class,`
			`AddQueuedCookiesToResponse::class,`
			`StartFireflySession::class,`
			`ShareErrorsFromSession::class,`
			`VerifyCsrfToken::class,`
			`Authenticate::class,`
			`// AuthenticateTwoFactor::class,`
			`IsAdmin::class,`
			`Range::class,`
			`Binder::class,`
			`CreateFreshApiToken::class,`
			`]);`

			`// api`
			`$middleware->appendToGroup('api', [AcceptHeaders::class, EnsureFrontendRequestsAreStateful::class, 'auth:api,sanctum', Binder::class]);`
			`// api basic,`
			`$middleware->appendToGroup('api_basic', [AcceptHeaders::class, Binder::class]);`

			`})`
			`->withEvents(discover: [`
			`__DIR__ . '/../app/Listeners',`
			`])`
			`->withExceptions(function (Exceptions $exceptions): void {`
			`//`
			`})->create();`


			`//$app->withEvents(discover: [`
			`// __DIR__.'/../app/Domain/Orders/Listeners',`
			`// ]);`
Fresh L5 installation. 2015-02-06 04:39:52 +01:00
			`/*`
			`\|--------------------------------------------------------------------------`
			`\| Bind Important Interfaces`
			`\|--------------------------------------------------------------------------`
			`\|`
			`\| Next, we need to bind some important interfaces into the container so`
			`\| we will be able to resolve them when needed. The kernels serve the`
			`\| incoming requests to this application from both the web and CLI.`
			`\|`
			`*/`

			`$app->singleton(`
Final fixes. 2025-05-27 17:09:35 +02:00			`Kernel::class,`
Updated app file after upgrading to laravel 5.2 2016-01-08 14:28:15 +01:00			`FireflyIII\Http\Kernel::class`
Fresh L5 installation. 2015-02-06 04:39:52 +01:00			`);`

			`$app->singleton(`
Updated app file after upgrading to laravel 5.2 2016-01-08 14:28:15 +01:00			`Illuminate\Contracts\Console\Kernel::class,`
			`FireflyIII\Console\Kernel::class`
Fresh L5 installation. 2015-02-06 04:39:52 +01:00			`);`

			`$app->singleton(`
Final fixes. 2025-05-27 17:09:35 +02:00			`ExceptionHandler::class,`
			`Handler::class`
Fresh L5 installation. 2015-02-06 04:39:52 +01:00			`);`

			`/*`
			`\|--------------------------------------------------------------------------`
			`\| Return The Application`
			`\|--------------------------------------------------------------------------`
			`\|`
			`\| This script returns the application instance. The instance is given to`
			`\| the calling script so we can separate the building of the instances`
			`\| from the actual running of the application and sending responses.`
			`\|`
			`*/`

			`return $app;`