From 022d59bfddbc6acebc8d368caa4dc560161cf5a9 Mon Sep 17 00:00:00 2001 From: James Cole Date: Fri, 13 Feb 2026 07:33:30 +0100 Subject: [PATCH] Fix https://github.com/firefly-iii/firefly-iii/issues/11688 --- .../Authentication/RemoteUserGuard.php | 37 ++++++++++++------- 1 file changed, 23 insertions(+), 14 deletions(-) diff --git a/app/Support/Authentication/RemoteUserGuard.php b/app/Support/Authentication/RemoteUserGuard.php index 1ca788fd2b..604adae369 100644 --- a/app/Support/Authentication/RemoteUserGuard.php +++ b/app/Support/Authentication/RemoteUserGuard.php @@ -39,37 +39,40 @@ use Illuminate\Support\Facades\Log; class RemoteUserGuard implements Guard { protected Application $application; - protected ?User $user = null; + protected ?User $user = null; + private $tried = false; /** * Create a new authentication guard. */ - public function __construct( - protected UserProvider $provider, - Application $app - ) { + public function __construct(protected UserProvider $provider, Application $app) + { $app->get('request'); - // Log::debug(sprintf('Created RemoteUserGuard for %s "%s"', $request?->getMethod(), $request?->getRequestUri())); + Log::debug(sprintf('Created RemoteUserGuard for %s "%s"', $app->get('request')?->getMethod(), $app->get('request')?->getRequestUri())); $this->application = $app; } public function authenticate(): void { - // Log::debug(sprintf('Now at %s', __METHOD__)); + $this->tried = true; + Log::debug(sprintf('Now at %s', __METHOD__)); if ($this->user instanceof User) { Log::debug(sprintf('%s is found: #%d, "%s".', $this->user::class, $this->user->id, $this->user->email)); return; } // Get the user identifier from $_SERVER or apache filtered headers - $header = config('auth.guard_header', 'REMOTE_USER'); - $userID = request()->server($header) ?? null; + $header = config('auth.guard_header', 'REMOTE_USER'); + $userID = request()->server($header) ?? null; if (function_exists('apache_request_headers')) { Log::debug('Use apache_request_headers to find user ID.'); $userID = request()->server($header) ?? apache_request_headers()[$header] ?? null; } + // test value for development + // $userID = 'james@firefly'; + if (null === $userID || '' === $userID) { Log::error(sprintf('No user in header "%s".', $header)); @@ -82,10 +85,10 @@ class RemoteUserGuard implements Guard $retrievedUser = $this->provider->retrieveById($userID); // store email address if present in header and not already set. - $header = config('auth.guard_email'); + $header = config('auth.guard_email'); if (null !== $header) { - $emailAddress = (string) (request()->server($header) ?? apache_request_headers()[$header] ?? null); + $emailAddress = (string)(request()->server($header) ?? apache_request_headers()[$header] ?? null); $preference = Preferences::getForUser($retrievedUser, 'remote_guard_alt_email'); if ('' !== $emailAddress && null === $preference && $emailAddress !== $userID) { @@ -98,7 +101,7 @@ class RemoteUserGuard implements Guard } Log::debug(sprintf('Result of getting user from provider: %s', $retrievedUser->email)); - $this->user = $retrievedUser; + $this->user = $retrievedUser; } public function check(): bool @@ -125,14 +128,14 @@ class RemoteUserGuard implements Guard /** * @SuppressWarnings("PHPMD.ShortMethodName") */ - public function id(): int|string|null + public function id(): int | string | null { // Log::debug(sprintf('Now at %s', __METHOD__)); return $this->user?->id; } - public function setUser(Authenticatable|User|null $user): void // @phpstan-ignore-line + public function setUser(Authenticatable | User | null $user): void // @phpstan-ignore-line { // Log::debug(sprintf('Now at %s', __METHOD__)); if ($user instanceof User) { @@ -145,8 +148,14 @@ class RemoteUserGuard implements Guard public function user(): ?User { + if (false === $this->tried) { + Log::debug('Have not tried authentication, do it now.'); + $this->authenticate(); + } // Log::debug(sprintf('Now at %s', __METHOD__)); $user = $this->user; + + if (!$user instanceof User) { Log::debug('User is NULL');