mirror of
https://github.com/firefly-iii/firefly-iii.git
synced 2025-12-18 12:28:46 +00:00
Fix #11383
This commit is contained in:
James Cole
@@ -31,6 +31,7 @@ use FireflyIII\Exceptions\FireflyException;
|
||||
use FireflyIII\Http\Controllers\Controller;
|
||||
use FireflyIII\Providers\RouteServiceProvider;
|
||||
use FireflyIII\Repositories\User\UserRepositoryInterface;
|
||||
use FireflyIII\Support\Facades\Steam;
|
||||
use FireflyIII\User;
|
||||
use Illuminate\Contracts\Foundation\Application;
|
||||
use Illuminate\Contracts\View\Factory;
|
||||
@@ -85,7 +86,7 @@ class LoginController extends Controller
|
||||
*
|
||||
* @throws ValidationException
|
||||
*/
|
||||
public function login(Request $request): JsonResponse|RedirectResponse
|
||||
public function login(Request $request): JsonResponse | RedirectResponse
|
||||
{
|
||||
$username = $request->get($this->username());
|
||||
Log::channel('audit')->info(sprintf('User is trying to login using "%s"', $username));
|
||||
@@ -103,8 +104,7 @@ class LoginController extends Controller
|
||||
$this->username => trans('auth.failed'),
|
||||
]
|
||||
)
|
||||
->onlyInput($this->username)
|
||||
;
|
||||
->onlyInput($this->username);
|
||||
}
|
||||
Log::debug('Login data is present.');
|
||||
|
||||
@@ -128,11 +128,10 @@ class LoginController extends Controller
|
||||
// send a custom login event because laravel will also fire a login event if a "remember me"-cookie
|
||||
// restores the event.
|
||||
event(new ActuallyLoggedIn($this->guard()->user()));
|
||||
|
||||
return $this->sendLoginResponse($request);
|
||||
}
|
||||
Log::warning('Login attempt failed.');
|
||||
$username = (string) $request->get($this->username());
|
||||
$username = (string)$request->get($this->username());
|
||||
$user = $this->repository->findByEmail($username);
|
||||
if (!$user instanceof User) {
|
||||
// send event to owner.
|
||||
@@ -185,7 +184,7 @@ class LoginController extends Controller
|
||||
/**
|
||||
* Log the user out of the application.
|
||||
*/
|
||||
public function logout(Request $request): Redirector|RedirectResponse|Response
|
||||
public function logout(Request $request): Redirector | RedirectResponse | Response
|
||||
{
|
||||
$authGuard = config('firefly.authentication_guard');
|
||||
$logoutUrl = config('firefly.custom_logout_url');
|
||||
@@ -222,13 +221,13 @@ class LoginController extends Controller
|
||||
* @throws ContainerExceptionInterface
|
||||
* @throws NotFoundExceptionInterface
|
||||
*/
|
||||
public function showLoginForm(Request $request): Factory|Redirector|RedirectResponse|View
|
||||
public function showLoginForm(Request $request): Factory | Redirector | RedirectResponse | View
|
||||
{
|
||||
Log::channel('audit')->info('Show login form (1.1).');
|
||||
|
||||
$count = DB::table('users')->count();
|
||||
$guard = config('auth.defaults.guard');
|
||||
$title = (string) trans('firefly.login_page_title');
|
||||
$title = (string)trans('firefly.login_page_title');
|
||||
|
||||
if (0 === $count && 'web' === $guard) {
|
||||
return redirect(route('register'));
|
||||
@@ -254,10 +253,31 @@ class LoginController extends Controller
|
||||
$storeInCookie = config('google2fa.store_in_cookie', false);
|
||||
if (false !== $storeInCookie) {
|
||||
$cookieName = config('google2fa.cookie_name', 'google2fa_token');
|
||||
Cookie::queue(Cookie::make($cookieName, 'invalid-'.Carbon::now()->getTimestamp()));
|
||||
Cookie::queue(Cookie::make($cookieName, 'invalid-' . Carbon::now()->getTimestamp()));
|
||||
}
|
||||
$usernameField = $this->username();
|
||||
|
||||
return view('auth.login', ['allowRegistration' => $allowRegistration, 'email' => $email, 'remember' => $remember, 'allowReset' => $allowReset, 'title' => $title, 'usernameField' => $usernameField]);
|
||||
}
|
||||
|
||||
/**
|
||||
* Send the response after the user was authenticated.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
*
|
||||
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Http\JsonResponse
|
||||
*/
|
||||
protected function sendLoginResponse(Request $request)
|
||||
{
|
||||
$request->session()->regenerate();
|
||||
$this->clearLoginAttempts($request);
|
||||
|
||||
if ($response = $this->authenticated($request, $this->guard()->user())) {
|
||||
return $response;
|
||||
}
|
||||
$path = Steam::getSafeUrl(session()->pull('url.intended', route('index')), route('index'));
|
||||
Log::debug(sprintf('SafeURL is %s', $path));
|
||||
return $request->wantsJson() ? new JsonResponse([], 204) : redirect()->to($path);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -23,9 +23,8 @@ declare(strict_types=1);
|
||||
|
||||
namespace FireflyIII\Support;
|
||||
|
||||
use FireflyIII\Support\Facades\Preferences;
|
||||
use Deprecated;
|
||||
use Carbon\Carbon;
|
||||
use Deprecated;
|
||||
use Exception;
|
||||
use FireflyIII\Exceptions\FireflyException;
|
||||
use FireflyIII\Models\Account;
|
||||
@@ -33,6 +32,7 @@ use FireflyIII\Models\AccountMeta;
|
||||
use FireflyIII\Models\Transaction;
|
||||
use FireflyIII\Models\TransactionCurrency;
|
||||
use FireflyIII\Support\Facades\Amount;
|
||||
use FireflyIII\Support\Facades\Preferences;
|
||||
use FireflyIII\Support\Http\Api\ExchangeRateConverter;
|
||||
use FireflyIII\Support\Singleton\PreferencesSingleton;
|
||||
use Illuminate\Support\Collection;
|
||||
@@ -43,7 +43,6 @@ use Psr\Container\ContainerExceptionInterface;
|
||||
use Psr\Container\NotFoundExceptionInterface;
|
||||
use Safe\Exceptions\UrlException;
|
||||
use ValueError;
|
||||
|
||||
use function Safe\parse_url;
|
||||
use function Safe\preg_replace;
|
||||
|
||||
@@ -66,8 +65,7 @@ class Steam
|
||||
->leftJoin('transaction_currencies', 'transaction_currencies.id', '=', 'transactions.transaction_currency_id')
|
||||
->where('transaction_journals.date', $inclusive ? '<=' : '<', $date->format('Y-m-d H:i:s'))
|
||||
->groupBy(['transactions.account_id', 'transaction_currencies.code'])
|
||||
->get(['transactions.account_id', 'transaction_currencies.code', DB::raw('SUM(transactions.amount) as sum_of_amount')])->toArray()
|
||||
;
|
||||
->get(['transactions.account_id', 'transaction_currencies.code', DB::raw('SUM(transactions.amount) as sum_of_amount')])->toArray();
|
||||
|
||||
Log::debug('Array of sums: ', $arrayOfSums);
|
||||
|
||||
@@ -80,7 +78,7 @@ class Steam
|
||||
$currency = $currencies[$account->id];
|
||||
|
||||
// second array
|
||||
$accountSums = array_filter($arrayOfSums, fn (array $entry): bool => $entry['account_id'] === $account->id);
|
||||
$accountSums = array_filter($arrayOfSums, fn(array $entry): bool => $entry['account_id'] === $account->id);
|
||||
if (0 === count($accountSums)) {
|
||||
$result[$account->id] = $return;
|
||||
|
||||
@@ -131,7 +129,8 @@ class Steam
|
||||
}
|
||||
|
||||
/**
|
||||
* Calls accountsBalancesOptimized for the given accounts and makes sure that inclusive is set to false, so it properly gets the balance of a range.
|
||||
* Calls accountsBalancesOptimized for the given accounts and makes sure that inclusive is set to false, so it
|
||||
* properly gets the balance of a range.
|
||||
*/
|
||||
public function accountsBalancesInRange(Collection $accounts, Carbon $start, Carbon $end, ?TransactionCurrency $primary = null, ?bool $convertToPrimary = null): array
|
||||
{
|
||||
@@ -160,10 +159,10 @@ class Steam
|
||||
// Log::debug(sprintf('Trying bcround("%s",%d)', $number, $precision));
|
||||
if (str_contains($number, '.')) {
|
||||
if ('-' !== $number[0]) {
|
||||
return bcadd($number, '0.'.str_repeat('0', $precision).'5', $precision);
|
||||
return bcadd($number, '0.' . str_repeat('0', $precision) . '5', $precision);
|
||||
}
|
||||
|
||||
return bcsub($number, '0.'.str_repeat('0', $precision).'5', $precision);
|
||||
return bcsub($number, '0.' . str_repeat('0', $precision) . '5', $precision);
|
||||
}
|
||||
|
||||
return $number;
|
||||
@@ -305,7 +304,8 @@ class Steam
|
||||
"balance": balance in the account's currency OR user's primary currency if the account has no currency
|
||||
--> "pc_balance": balance in the user's primary currency, with all amounts converted to the primary currency.
|
||||
"EUR": balance in EUR (or whatever currencies the account has balance in)
|
||||
TXT)]
|
||||
TXT
|
||||
)]
|
||||
public function finalAccountBalance(Account $account, Carbon $date, ?TransactionCurrency $primary = null, ?bool $convertToPrimary = null, bool $inclusive = true): array
|
||||
{
|
||||
|
||||
@@ -342,8 +342,7 @@ class Steam
|
||||
->leftJoin('transaction_journals', 'transaction_journals.id', '=', 'transactions.transaction_journal_id')
|
||||
->leftJoin('transaction_currencies', 'transaction_currencies.id', '=', 'transactions.transaction_currency_id')
|
||||
->where('transaction_journals.date', $inclusive ? '<=' : '<', $date->format('Y-m-d H:i:s'))
|
||||
->get(['transaction_currencies.code', 'transactions.amount'])->toArray()
|
||||
;
|
||||
->get(['transaction_currencies.code', 'transactions.amount'])->toArray();
|
||||
$others = $this->groupAndSumTransactions($array, 'code', 'amount');
|
||||
Log::debug('All balances are (joined)', $others);
|
||||
// if there is no request to convert, take this as "balance" and "pc_balance".
|
||||
@@ -446,8 +445,7 @@ class Steam
|
||||
'transactions.transaction_currency_id',
|
||||
DB::raw('SUM(transactions.amount) AS sum_of_day'),
|
||||
]
|
||||
)
|
||||
;
|
||||
);
|
||||
|
||||
$currentBalance = $startBalance;
|
||||
$converter = new ExchangeRateConverter();
|
||||
@@ -663,8 +661,8 @@ class Steam
|
||||
*/
|
||||
public function getSafePreviousUrl(): string
|
||||
{
|
||||
// Log::debug(sprintf('getSafePreviousUrl: "%s"', session()->previousUrl()));
|
||||
return session()->previousUrl() ?? route('index');
|
||||
$res = $this->getSafeUrl(session()->previousUrl() ?? route('index'), route('index'));
|
||||
Log::debug(sprintf('getSafePreviousUrl: "%s"', $res));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -674,7 +672,7 @@ class Steam
|
||||
{
|
||||
// Log::debug(sprintf('getSafeUrl(%s, %s)', $unknownUrl, $safeUrl));
|
||||
$returnUrl = $safeUrl;
|
||||
|
||||
// die('in get safe url');
|
||||
try {
|
||||
$unknownHost = parse_url($unknownUrl, PHP_URL_HOST);
|
||||
} catch (UrlException $e) {
|
||||
|
||||
Reference in New Issue
Block a user