mirror of
https://github.com/firefly-iii/firefly-iii.git
synced 2026-02-15 16:20:33 +00:00
Compare commits
13 Commits
develop-20
...
develop-20
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
7fa9e79f2a | ||
|
|
4a5281fd80 | ||
|
|
ad60974430 | ||
|
|
195794881b | ||
|
|
3e6a997dd5 | ||
|
|
2eedfd9f26 | ||
|
|
9ec0515bb6 | ||
|
|
6b197eecb9 | ||
|
|
591c970882 | ||
|
|
15d91dbe1b | ||
|
|
6ff87bf447 | ||
|
|
147ce154d8 | ||
|
|
2c8be33000 |
7
.github/mergify.yml
vendored
7
.github/mergify.yml
vendored
@@ -1,11 +1,4 @@
|
||||
pull_request_rules:
|
||||
- name: Make sure PR are up to date before merging
|
||||
description: This automatically updates PRs when they are out-of-date with the
|
||||
base branch to avoid semantic conflicts (next step is using a merge
|
||||
queue).
|
||||
conditions: []
|
||||
actions:
|
||||
update:
|
||||
- name: Close all on main
|
||||
conditions:
|
||||
- base=main
|
||||
|
||||
@@ -63,6 +63,9 @@ class UpdateRequest extends FormRequest
|
||||
{
|
||||
/** @var TransactionCurrency $currency */
|
||||
$currency = $this->route()->parameter('currency_code');
|
||||
if (is_string($currency)) {
|
||||
$currency = TransactionCurrency::whereCode($currency)->first();
|
||||
}
|
||||
|
||||
return [
|
||||
'name' => sprintf('min:1|max:255|unique:transaction_currencies,name,%d', $currency->id),
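Review bot: `TransactionCurrency::whereCode($currency)->first()` returns null when no currency has that code, and the next statement reads `$currency->id` for the `unique:` rule, so an unknown `currency_code` in the URL ends in an error on a null value rather than a 404. Resolving with `$currency = TransactionCurrency::whereCode($currency)->firstOrFail();` keeps the failure a clean not-found. The `/** @var TransactionCurrency $currency */` annotation above is also no longer accurate once the route parameter can arrive as a string. The method starts and ends outside the hunk.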
|
||||
|
||||
@@ -25,6 +25,7 @@ declare(strict_types=1);
|
||||
namespace FireflyIII\Console\Commands\System;
|
||||
|
||||
use FireflyIII\Console\Commands\ShowsFriendlyMessages;
|
||||
use FireflyIII\Console\Commands\Tools\VerifiesDatabaseConnectionTrait;
|
||||
use Illuminate\Console\Command;
|
||||
use PDO;
|
||||
use PDOException;
|
||||
@@ -32,6 +33,7 @@ use PDOException;
|
||||
class CreatesDatabase extends Command
|
||||
{
|
||||
use ShowsFriendlyMessages;
|
||||
use VerifiesDatabaseConnectionTrait;
|
||||
|
||||
protected $description = 'Tries to create the database if it doesn\'t exist yet.';
|
||||
|
||||
@@ -39,21 +41,27 @@ class CreatesDatabase extends Command
|
||||
|
||||
public function handle(): int
|
||||
{
|
||||
if ('mysql' !== env('DB_CONNECTION')) { // @phpstan-ignore larastan.noEnvCallsOutsideOfConfig */
|
||||
$this->friendlyInfo(sprintf('CreateDB does not apply to "%s", skipped.', env('DB_CONNECTION')));
|
||||
$connected = $this->verifyDatabaseConnection();
|
||||
if (!$connected) {
|
||||
$this->friendlyError('Failed to connect to the database. Is it up?');
|
||||
|
||||
return Command::FAILURE;
|
||||
}
|
||||
if ('mysql' !== config('database.default')) { // @phpstan-ignore larastan.noEnvCallsOutsideOfConfig */
|
||||
$this->friendlyInfo(sprintf('CreateDB does not apply to "%s", skipped.', config('database.default')));
|
||||
|
||||
return 0;
|
||||
}
|
||||
// try to set up a raw connection:
|
||||
$exists = false;
|
||||
$dsn = sprintf('mysql:host=%s;port=%d;charset=utf8mb4', env('DB_HOST'), env('DB_PORT'));
|
||||
$exists = false;
|
||||
$dsn = sprintf('mysql:host=%s;port=%d;charset=utf8mb4', env('DB_HOST'), env('DB_PORT'));
|
||||
|
||||
if ('' !== (string) env('DB_SOCKET')) {
|
||||
$dsn = sprintf('mysql:unix_socket=%s;charset=utf8mb4', env('DB_SOCKET'));
|
||||
}
|
||||
$this->friendlyLine(sprintf('DSN is %s', $dsn));
|
||||
|
||||
$options = [
|
||||
$options = [
|
||||
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
|
||||
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
|
||||
PDO::ATTR_EMULATE_PREPARES => false,
|
||||
@@ -71,7 +79,7 @@ class CreatesDatabase extends Command
|
||||
// only continue when no error.
|
||||
// with PDO, try to list DB's (
|
||||
/** @var array $stmt */
|
||||
$stmt = $pdo->query('SHOW DATABASES;');
|
||||
$stmt = $pdo->query('SHOW DATABASES;');
|
||||
// slightly more complex but less error-prone.
|
||||
foreach ($stmt as $row) {
|
||||
$name = $row['Database'] ?? false;
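Review bot: The `verifyDatabaseConnection()` guard at the top of `handle()` probes through Laravel's configured connection (`SHOW TABLES;` for mysql in the trait), which presumably needs the configured database to exist already, and a missing database is the one case this command is for. If so, a fresh install waits out the trait's 30 attempts of 10 seconds and returns `Command::FAILURE` before the raw PDO connection built from `$dsn` can create anything; the readiness check belongs on that server-level connection. The driver test now reads `config('database.default')` while the DSN still comes from `env('DB_HOST')`, `env('DB_PORT')` and `env('DB_SOCKET')`, so the two can disagree once configuration is cached. The `@phpstan-ignore larastan.noEnvCallsOutsideOfConfig` left on the `config()` line has nothing to suppress any more. `handle()` continues outside the hunks shown.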
|
||||
|
||||
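--- /dev/null
+++ b/app/Console/Commands/Tools/VerifiesDatabaseConnection.php
@@ -0,0 +1,64 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+* VerifiesDatabaseConnection.php
+* Copyright (c) 2026 james@firefly-iii.org
+*
+* This file is part of Firefly III (https://github.com/firefly-iii).
+*
+* This program is free software: you can redistribute it and/or modify
+* it under the terms of the GNU Affero General Public License as
+* published by the Free Software Foundation, either version 3 of the
+* License, or (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU Affero General Public License for more details.
+*
+* You should have received a copy of the GNU Affero General Public License
+* along with this program. If not, see <https://www.gnu.org/licenses/>.
+*/
+
+namespace FireflyIII\Console\Commands\Tools;
+
+use FireflyIII\Console\Commands\ShowsFriendlyMessages;
+use Illuminate\Console\Command;
+
+class VerifiesDatabaseConnection extends Command
+{
+use ShowsFriendlyMessages;
+use VerifiesDatabaseConnectionTrait;
+
+/**
+* The name and signature of the console command.
+*
+* @var string
+*/
+protected $signature = 'firefly-iii:verify-database-connection';
+
+/**
+* The console command description.
+*
+* @var string
+*/
+protected $description = 'This command tries to connect to the database.';
+
+/**
+* Execute the console command.
+*/
+public function handle(): int
+{
+$connected = $this->verifyDatabaseConnection();
+if ($connected) {
+$this->friendlyPositive('Connected to the database.');
+
+return Command::SUCCESS;
+}
+$this->friendlyError('Failed to connect to the database. Is it up?');
+
+return Command::FAILURE;
+}
+}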
|
||||
@@ -0,0 +1,66 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
/*
|
||||
* VerifiesDatabaseConnectionTrait.php
|
||||
* Copyright (c) 2026 james@firefly-iii.org
|
||||
*
|
||||
* This file is part of Firefly III (https://github.com/firefly-iii).
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as
|
||||
* published by the Free Software Foundation, either version 3 of the
|
||||
* License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
namespace FireflyIII\Console\Commands\Tools;
|
||||
|
||||
use Exception;
|
||||
use Illuminate\Database\QueryException;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
|
||||
trait VerifiesDatabaseConnectionTrait
|
||||
{
|
||||
protected function verifyDatabaseConnection(): bool
|
||||
{
|
||||
$loops = 30;
|
||||
$loop = 0;
|
||||
$queries = ['pgsql' => 'SELECT * FROM pg_catalog.pg_tables;', 'sqlite' => 'SELECT name FROM sqlite_schema;', 'mysql' => 'SHOW TABLES;'];
|
||||
$default = config('database.default');
|
||||
if (!array_key_exists($default, $queries)) {
|
||||
$this->friendlyWarning(sprintf('Cannot validate database connection for "%s"', $default));
|
||||
|
||||
return true;
|
||||
}
|
||||
$query = $queries[$default];
|
||||
$connected = false;
|
||||
Log::debug(sprintf('Connecting to database "%s"...', config('database.default')));
|
||||
while (!$connected && $loop < $loops) {
|
||||
try {
|
||||
DB::select($query);
|
||||
$connected = true;
|
||||
} catch (QueryException $e) {
|
||||
Log::error(sprintf('Loop #%d: connection failed: %s', $loop, $e->getMessage()));
|
||||
$this->friendlyWarning(sprintf('Database connection attempt #%d failed. Sleep for 10 seconds...', $loop + 1));
|
||||
sleep(10);
|
||||
} catch (Exception $e) {
|
||||
Log::error(sprintf('Loop #%d: not connected yet because of a %s: %s', $loop, get_class($e), $e->getMessage()));
|
||||
$this->friendlyWarning(sprintf('Database connection attempt #%d failed. Sleep for 10 seconds...', $loop + 1));
|
||||
sleep(10);
|
||||
}
|
||||
++$loop;
|
||||
}
|
||||
|
||||
return $connected;
|
||||
}
|
||||
}
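Review bot: `verifyDatabaseConnection()` returns `true` for any driver missing from `$queries`, so both callers report a working connection without a single query having run. A driver-neutral probe removes the map and that fail-open branch: `DB::select('SELECT 1');`. The two `catch` blocks differ only in their log text and both sleep 10 seconds even after the final attempt, so a failed run always blocks for the full 300 seconds; catching `Exception` once and skipping the sleep when `$loop + 1 === $loops` would be enough. The method also has no docblock; one stating the retry count, the delay and the return value for unsupported drivers would help callers.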
|
||||
@@ -94,6 +94,7 @@ class UpgradesDatabase extends Command
|
||||
|
||||
private function callInitialCommands(): void
|
||||
{
|
||||
$this->call('firefly-iii:verify-database-connection');
|
||||
$this->call('migrate', ['--seed' => true, '--force' => true, '--no-interaction' => true]);
|
||||
$this->call('upgrade:600-pgsql-sequences');
|
||||
$this->call('upgrade:480-decrypt-all');
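Review bot: The exit code of `$this->call('firefly-iii:verify-database-connection')` is discarded, so `migrate` with `--force` still runs after the verifier has given up on the database. `call()` returns the command's status; capture it with `$code = $this->call('firefly-iii:verify-database-connection');` and stop the upgrade when `Command::SUCCESS !== $code`. This helper is `void`, so stopping means either throwing here or returning the status to the caller. `callInitialCommands()` continues outside the hunk.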
|
||||
|
||||
@@ -190,6 +190,14 @@ class LoginController extends Controller
|
||||
*/
|
||||
public function showLoginForm(Request $request): Factory|Redirector|RedirectResponse|View
|
||||
{
|
||||
if ('remote_user_guard' === config('auth.defaults.guard')) {
|
||||
$message = sprintf(
|
||||
'Firefly III is configured to use the "remote user guard", but was unable to link you to a user. Are you sure the "%s" header is in place?',
|
||||
config('auth.guard_header')
|
||||
);
|
||||
|
||||
return view('errors.error', ['message' => $message]);
|
||||
}
|
||||
Log::channel('audit')->info('Show login form (1.1).');
|
||||
|
||||
$count = DB::table('users')->count();
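Review bot: The error page built at the top of `showLoginForm()` shows an unauthenticated visitor the name of the header the remote-user guard trusts (`config('auth.guard_header')`). The guard is only safe while the reverse proxy is the sole party setting that header, so its name is deployment detail that belongs in the log, not on a public page. Keep the rendered message generic and record the detail with `Log::error(sprintf('Remote user guard found no user; expected header "%s".', config('auth.guard_header')));`. The view is also returned with the default 200 status, which is worth confirming as intended. The method continues outside the hunk.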
|
||||
|
||||
@@ -82,22 +82,25 @@ class Authenticate
|
||||
protected function authenticate($request, array $guards)
|
||||
{
|
||||
if (0 === count($guards)) {
|
||||
// go for default guard:
|
||||
// @noinspection PhpUndefinedMethodInspection
|
||||
if ($this->auth->check()) {
|
||||
// do an extra check on user object.
|
||||
/** @noinspection PhpUndefinedMethodInspection */
|
||||
|
||||
/** @var User $user */
|
||||
$user = $this->auth->authenticate();
|
||||
Log::debug('in Authenticate::authenticate() with zero guards.');
|
||||
// There are no guards defined, go for the default guard:
|
||||
if (auth()->check()) {
|
||||
Log::debug('User is authenticated.');
|
||||
$user = auth()->user();
|
||||
$this->validateBlockedUser($user, $guards);
|
||||
}
|
||||
|
||||
return;
|
||||
}
|
||||
// @noinspection PhpUndefinedMethodInspection
|
||||
return $this->auth->authenticate();
|
||||
$this->auth->authenticate();
|
||||
if (!$this->auth->check()) {
|
||||
throw new AuthenticationException('The user is not logged in but must be.', $guards);
|
||||
}
|
||||
}
|
||||
|
||||
exit('five');
|
||||
foreach ($guards as $guard) {
|
||||
exit('six');
|
||||
if ('api' !== $guard) {
|
||||
$this->auth->guard($guard)->authenticate();
|
||||
}
|
||||
@@ -111,6 +114,7 @@ class Authenticate
|
||||
}
|
||||
}
|
||||
|
||||
exit('seven');
|
||||
// this is a massive hack, but if the handler has the oauth exception
|
||||
// at this point we can report its error instead of a generic one.
|
||||
$message = 'Unauthenticated.';
|
||||
@@ -143,5 +147,6 @@ class Authenticate
|
||||
// @phpstan-ignore-line (thinks function is undefined)
|
||||
throw new AuthenticationException('Blocked account.', $guards);
|
||||
}
|
||||
Log::debug(sprintf('User #%d is not blocked.', $user->id));
|
||||
}
|
||||
}
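Review bot: `exit('five');`, `exit('six');` and `exit('seven');` are debugging leftovers inside `authenticate()`: the first sits directly after the zero-guard block, so any request that names a guard ends with the literal body `five` and never reaches `$this->auth->guard($guard)->authenticate()`. All three have to be removed before this merges. In the zero-guard block the rendered page does not show how `return;`, the bare `$this->auth->authenticate();` and the new `AuthenticationException` nest, so please confirm an unauthenticated request cannot leave the block through the `return;`. A test per path (no guards, a named guard, a blocked user) that asserts the thrown `AuthenticationException` would pin this down.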
|
||||
|
||||
@@ -42,20 +42,18 @@ class RouteServiceProvider extends ServiceProvider
|
||||
#[Override]
|
||||
public function boot(): void
|
||||
{
|
||||
$this->routes(function (): void {
|
||||
Route::prefix('api')
|
||||
->middleware('api')
|
||||
->namespace($this->namespace)
|
||||
->group(base_path('routes/api.php'))
|
||||
;
|
||||
|
||||
Route::prefix('api/v1/cron')
|
||||
->middleware('api_basic')
|
||||
->namespace($this->namespace)
|
||||
->group(base_path('routes/api-noauth.php'))
|
||||
;
|
||||
|
||||
Route::middleware('web')->namespace($this->namespace)->group(base_path('routes/web.php'));
|
||||
});
|
||||
// $this->routes(function (): void {
|
||||
// Route::prefix('api')
|
||||
// ->middleware('api')
|
||||
// ->namespace($this->namespace)
|
||||
// ->group(base_path('routes/api.php'))
|
||||
// ;
|
||||
// Route::prefix('api/v1/cron')
|
||||
// ->middleware('api_basic')
|
||||
// ->namespace($this->namespace)
|
||||
// ->group(base_path('routes/api-noauth.php'))
|
||||
// ;
|
||||
// Route::middleware('web')->namespace($this->namespace)->group(base_path('routes/web.php'));
|
||||
// });
|
||||
}
|
||||
}
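Review bot: `boot()` appears to be left holding nothing but the commented-out route registration. Delete the commented block, since version control keeps the old code, and either drop the `#[Override]` method or leave a one-line comment such as `// Routes are registered through Application::configure()->withRouting().`. The commented lines also still point at `routes/api-noauth.php`, which this comparison deletes.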
|
||||
|
||||
@@ -84,7 +84,8 @@ class RemoteUserGuard implements Guard
|
||||
if (null === $userID || '' === $userID) {
|
||||
Log::error(sprintf('No user in header "%s".', $header));
|
||||
|
||||
throw new FireflyException('The guard header was unexpectedly empty. See the logs.');
|
||||
// throw new FireflyException('The guard header was unexpectedly empty. See the logs.');
|
||||
return;
|
||||
}
|
||||
|
||||
Log::debug(sprintf('User ID found in header is "%s"', $userID));
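Review bot: Replacing the `FireflyException` with a bare `return;` turns a missing guard header from a hard failure into a silent one, and the old `throw` is left behind as a comment. From this point the guard simply has no user, so every consumer must treat that state as unauthenticated; the hunk does not show the enclosing method or what `check()` and `user()` return afterwards. Please delete the commented line and add a test showing that a request without the header is rejected on a protected route.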
|
||||
|
||||
@@ -138,6 +138,10 @@ class ExportDataGenerator
|
||||
|
||||
// @phpstan-ignore-line
|
||||
|
||||
// @phpstan-ignore-line
|
||||
|
||||
// @phpstan-ignore-line
|
||||
|
||||
public function __construct()
|
||||
{
|
||||
$this->accounts = new Collection();
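Review bot: The added lines here look like further stand-alone `// @phpstan-ignore-line` comments, which on a line of their own suppress nothing and read like formatter output rather than intent. The same pattern repeats in the `AvailableBudgetEnrichment`, `BudgetLimitEnrichment`, `PiggyBankEnrichment`, `PiggyBankEventEnrichment`, `SubscriptionEnrichment`, `TransactionGroupEnrichment` and `WebhookEnrichment` hunks. Remove the orphaned comments and keep only those trailing the property they were written for, for example `private readonly bool $convertToPrimary; // @phpstan-ignore-line`. It is also worth finding which tooling step keeps duplicating them.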
|
||||
|
||||
@@ -65,6 +65,8 @@ class AvailableBudgetEnrichment implements EnrichmentInterface
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
private readonly bool $convertToPrimary; // @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
@@ -90,6 +92,8 @@ class AvailableBudgetEnrichment implements EnrichmentInterface
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
private array $currencies = [];
|
||||
private array $currencyIds = [];
|
||||
private array $ids = [];
|
||||
|
||||
@@ -65,6 +65,8 @@ class BudgetLimitEnrichment implements EnrichmentInterface
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
private array $currencies = [];
|
||||
private array $currencyIds = [];
|
||||
private Carbon $end;
|
||||
|
||||
@@ -67,6 +67,8 @@ class PiggyBankEnrichment implements EnrichmentInterface
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
private array $accounts = []; // @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
@@ -92,6 +94,8 @@ class PiggyBankEnrichment implements EnrichmentInterface
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
private array $amounts = [];
|
||||
private Collection $collection;
|
||||
private array $currencies = [];
|
||||
|
||||
@@ -62,6 +62,8 @@ class PiggyBankEventEnrichment implements EnrichmentInterface
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
private array $accountIds = []; // @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
@@ -87,6 +89,8 @@ class PiggyBankEventEnrichment implements EnrichmentInterface
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
private Collection $collection;
|
||||
private array $currencies = [];
|
||||
private array $groupIds = [];
|
||||
|
||||
@@ -71,6 +71,8 @@ class SubscriptionEnrichment implements EnrichmentInterface
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
private readonly bool $convertToPrimary;
|
||||
private ?Carbon $end = null;
|
||||
private array $mappedObjects = [];
|
||||
|
||||
@@ -103,6 +103,10 @@ class TransactionGroupEnrichment implements EnrichmentInterface
|
||||
|
||||
// @phpstan-ignore-line
|
||||
|
||||
// @phpstan-ignore-line
|
||||
|
||||
// @phpstan-ignore-line
|
||||
|
||||
public function __construct()
|
||||
{
|
||||
$this->dateFields = ['interest_date', 'book_date', 'process_date', 'due_date', 'payment_date', 'invoice_date'];
|
||||
|
||||
@@ -67,6 +67,8 @@ class WebhookEnrichment implements EnrichmentInterface
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
private array $ids = []; // @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
@@ -92,6 +94,8 @@ class WebhookEnrichment implements EnrichmentInterface
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
// @phpstan-ignore-line
|
||||
private array $responses = [];
|
||||
private array $triggers = [];
|
||||
private array $webhookDeliveries = [];
|
||||
|
||||
@@ -38,8 +38,8 @@ class CurrencyTransformer extends AbstractTransformer
|
||||
{
|
||||
return [
|
||||
'id' => $currency->id,
|
||||
'created_at' => $currency->created_at->toAtomString(),
|
||||
'updated_at' => $currency->updated_at->toAtomString(),
|
||||
'created_at' => $currency->created_at?->toAtomString(),
|
||||
'updated_at' => $currency->updated_at?->toAtomString(),
|
||||
'native' => $currency->userGroupNative,
|
||||
'default' => $currency->userGroupNative,
|
||||
'primary' => $currency->userGroupNative,
|
||||
|
||||
@@ -40,8 +40,8 @@ class PreferenceTransformer extends AbstractTransformer
|
||||
|
||||
return [
|
||||
'id' => $preference->id,
|
||||
'created_at' => $preference->created_at->toAtomString(),
|
||||
'updated_at' => $preference->updated_at->toAtomString(),
|
||||
'created_at' => $preference->created_at?->toAtomString(),
|
||||
'updated_at' => $preference->updated_at?->toAtomString(),
|
||||
'user_group_id' => $userGroupId,
|
||||
'name' => $preference->name,
|
||||
'data' => $preference->data,
|
||||
|
||||
@@ -33,10 +33,8 @@ use FireflyIII\Http\Middleware\Range;
|
||||
use FireflyIII\Http\Middleware\RedirectIfAuthenticated;
|
||||
use FireflyIII\Http\Middleware\SecureHeaders;
|
||||
use FireflyIII\Http\Middleware\StartFireflyIIISession;
|
||||
use FireflyIII\Http\Middleware\TrustProxies;
|
||||
use FireflyIII\Http\Middleware\VerifyCsrfToken;
|
||||
use Illuminate\Contracts\Debug\ExceptionHandler;
|
||||
use Illuminate\Contracts\Http\Kernel;
|
||||
use Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse;
|
||||
use Illuminate\Foundation\Application;
|
||||
use Illuminate\Foundation\Configuration\Exceptions;
|
||||
@@ -47,7 +45,6 @@ use Illuminate\Foundation\Http\Middleware\PreventRequestsDuringMaintenance;
|
||||
use Illuminate\Foundation\Http\Middleware\TrimStrings;
|
||||
use Illuminate\Http\Middleware\HandleCors;
|
||||
use Illuminate\Http\Middleware\ValidatePostSize;
|
||||
use Illuminate\Routing\Middleware\SubstituteBindings;
|
||||
use Illuminate\View\Middleware\ShareErrorsFromSession;
|
||||
use Laravel\Passport\Http\Middleware\CreateFreshApiToken;
|
||||
use Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful;
|
||||
@@ -92,116 +89,98 @@ if (!function_exists('stringIsEqual')) {
|
||||
$app = Application::configure(basePath: dirname(__DIR__))
|
||||
->withRouting(
|
||||
web : __DIR__ . '/../routes/web.php',
|
||||
api : __DIR__ . '/../routes/api.php',
|
||||
commands: __DIR__ . '/../routes/console.php',
|
||||
health : '/health',
|
||||
health : '/up',
|
||||
)
|
||||
->withMiddleware(function (Middleware $middleware): void {
|
||||
|
||||
// overrule the standard middleware
|
||||
$middleware->use(
|
||||
[
|
||||
InvokeDeferredCallbacks::class,
|
||||
\Illuminate\Http\Middleware\TrustProxies::class, // use the DEFAULT middleware for this.
|
||||
HandleCors::class,
|
||||
PreventRequestsDuringMaintenance::class,
|
||||
ValidatePostSize::class,
|
||||
TrimStrings::class,
|
||||
ConvertEmptyStringsToNull::class,
|
||||
SecureHeaders::class, // is a Firefly III specific middleware class.
|
||||
]
|
||||
InvokeDeferredCallbacks::class,
|
||||
\Illuminate\Http\Middleware\TrustProxies::class, // use the DEFAULT middleware for this.
|
||||
HandleCors::class,
|
||||
PreventRequestsDuringMaintenance::class,
|
||||
ValidatePostSize::class,
|
||||
TrimStrings::class,
|
||||
ConvertEmptyStringsToNull::class,
|
||||
SecureHeaders::class, // is a Firefly III specific middleware class.
|
||||
]
|
||||
);
|
||||
|
||||
// overrule the web group
|
||||
// append and extend the default "web" middleware
|
||||
// to include our own custom "StartFireflyIIISession" class.
|
||||
// this class in turns contains a better "previous URL" feature.
|
||||
// See https://laravel.com/docs/12.x/middleware for the default list.
|
||||
$middleware->group('web',
|
||||
[
|
||||
EncryptCookies::class,
|
||||
AddQueuedCookiesToResponse::class,
|
||||
StartFireflyIIISession::class,
|
||||
StartFireflyIIISession::class, // this is different.
|
||||
ShareErrorsFromSession::class,
|
||||
VerifyCsrfToken::class,
|
||||
SubstituteBindings::class,
|
||||
Binder::class, // this is also different.
|
||||
CreateFreshApiToken::class,
|
||||
]
|
||||
);
|
||||
// new group?
|
||||
$middleware->group('binders-only',
|
||||
[
|
||||
Installer::class,
|
||||
EncryptCookies::class,
|
||||
AddQueuedCookiesToResponse::class,
|
||||
Binder::class,
|
||||
]);
|
||||
|
||||
//
|
||||
$middleware->appendToGroup('user-not-logged-in', [
|
||||
Installer::class,
|
||||
EncryptCookies::class,
|
||||
AddQueuedCookiesToResponse::class,
|
||||
StartFireflyIIISession::class,
|
||||
ShareErrorsFromSession::class,
|
||||
VerifyCsrfToken::class,
|
||||
Binder::class,
|
||||
RedirectIfAuthenticated::class,
|
||||
]);
|
||||
// the default API group only contains "substitute bindings" middleware
|
||||
// so here we replace the entire API group and add more sensible stuff.
|
||||
$middleware->group('api',
|
||||
[
|
||||
AcceptHeaders::class,
|
||||
EnsureFrontendRequestsAreStateful::class,
|
||||
'auth:api',
|
||||
]
|
||||
);
|
||||
$middleware->appendToGroup('api_basic', [AcceptHeaders::class, Binder::class]);
|
||||
|
||||
// more
|
||||
$middleware->appendToGroup('user-logged-in-no-2fa', [
|
||||
Installer::class,
|
||||
EncryptCookies::class,
|
||||
AddQueuedCookiesToResponse::class,
|
||||
StartFireflyIIISession::class,
|
||||
ShareErrorsFromSession::class,
|
||||
VerifyCsrfToken::class,
|
||||
Binder::class,
|
||||
Authenticate::class,
|
||||
]);
|
||||
|
||||
// simple auth
|
||||
// "simple auth" means the user must be logged in and present,
|
||||
// but does not have to be 2FA authenticated. This is so all users
|
||||
// can always log out, for example.
|
||||
$middleware->appendToGroup('user-simple-auth', [
|
||||
EncryptCookies::class,
|
||||
AddQueuedCookiesToResponse::class,
|
||||
StartFireflyIIISession::class,
|
||||
ShareErrorsFromSession::class,
|
||||
VerifyCsrfToken::class,
|
||||
Binder::class,
|
||||
Authenticate::class,
|
||||
]);
|
||||
|
||||
// user full auth
|
||||
// This middleware is added for all routes where the user MUST have full authentication.
|
||||
// this includes 2FA etc.
|
||||
// incidentally, this group also includes the range middleware and the message thing.
|
||||
$middleware->appendToGroup('user-full-auth', [
|
||||
EncryptCookies::class,
|
||||
AddQueuedCookiesToResponse::class,
|
||||
StartFireflyIIISession::class,
|
||||
ShareErrorsFromSession::class,
|
||||
VerifyCsrfToken::class,
|
||||
Authenticate::class,
|
||||
MFAMiddleware::class,
|
||||
Range::class,
|
||||
Binder::class,
|
||||
InterestingMessage::class,
|
||||
CreateFreshApiToken::class,
|
||||
]);
|
||||
|
||||
// admin
|
||||
// This middleware is added to ensure that the user is not only logged in and
|
||||
// authenticated (with MFA and everything), but also admin.
|
||||
$middleware->appendToGroup('admin', [
|
||||
EncryptCookies::class,
|
||||
AddQueuedCookiesToResponse::class,
|
||||
StartFireflyIIISession::class,
|
||||
ShareErrorsFromSession::class,
|
||||
VerifyCsrfToken::class,
|
||||
Authenticate::class,
|
||||
// AuthenticateTwoFactor::class,
|
||||
MFAMiddleware::class,
|
||||
IsAdmin::class,
|
||||
Range::class,
|
||||
Binder::class,
|
||||
CreateFreshApiToken::class,
|
||||
InterestingMessage::class,
|
||||
]);
|
||||
|
||||
// api
|
||||
$middleware->appendToGroup('api', [AcceptHeaders::class, EnsureFrontendRequestsAreStateful::class, 'auth:api,sanctum', Binder::class]);
|
||||
// api basic,
|
||||
$middleware->appendToGroup('api_basic', [AcceptHeaders::class, Binder::class]);
|
||||
// if the user is not logged in, this group applies.
|
||||
// on top of everything else of course.
|
||||
$middleware->appendToGroup('user-not-logged-in', [
|
||||
Installer::class,
|
||||
RedirectIfAuthenticated::class,
|
||||
]);
|
||||
|
||||
// the "binders only" group does not need or ask for authentication
|
||||
// it just makes sure strings from routes are bound to objects if possible.
|
||||
$middleware->group('binders-only',
|
||||
[
|
||||
Installer::class,
|
||||
EncryptCookies::class,
|
||||
AddQueuedCookiesToResponse::class,
|
||||
Binder::class,
|
||||
]);
|
||||
|
||||
// $middleware->priority([StartFireflyIIISession::class, ShareErrorsFromSession::class, Authenticate::class, Binder::class, Authorize::class]);
|
||||
})
|
||||
->withEvents(discover: [
|
||||
__DIR__ . '/../app/Listeners',
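Review bot: The `use` hunks and the middleware group lists in this section need to be checked against each other: one import disappears from the run around `SubstituteBindings` and two from the run `TrustProxies`, `VerifyCsrfToken`, `ExceptionHandler`, `Kernel`, while lists further down still name `SubstituteBindings::class` and `VerifyCsrfToken::class`. The rendered page does not show which lists survive, so this is a request to confirm rather than a finding: every class named in a surviving list needs its import, and every session-backed group (`web`, `user-not-logged-in`, `user-simple-auth`, `user-full-auth`, `admin`) should still end up with CSRF verification. `group()` replaces a list while `appendToGroup()` extends whatever is already registered, so the `api` definition carrying `'auth:api,sanctum'` deserves a comment stating which base list it builds on. A feature test that posts without a token to one route per group and expects a rejection would lock the result in. The commented-out `$middleware->priority([...])` and `// AuthenticateTwoFactor::class,` lines can be deleted.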
|
||||
|
||||
@@ -79,7 +79,7 @@ return [
|
||||
// see cer.php for exchange rates feature flag.
|
||||
],
|
||||
'version' => 'develop/2026-02-15',
|
||||
'build_time' => 1771138014,
|
||||
'build_time' => 1771154471,
|
||||
'api_version' => '2.1.0', // field is no longer used.
|
||||
'db_version' => 28, // field is no longer used.
|
||||
|
||||
|
||||
38
package-lock.json
generated
38
package-lock.json
generated
@@ -4240,6 +4240,22 @@
|
||||
"dev": true,
|
||||
"license": "MIT"
|
||||
},
|
||||
"node_modules/body-parser/node_modules/qs": {
|
||||
"version": "6.14.2",
|
||||
"resolved": "https://registry.npmjs.org/qs/-/qs-6.14.2.tgz",
|
||||
"integrity": "sha512-V/yCWTTF7VJ9hIh18Ugr2zhJMP01MY7c5kh4J870L7imm6/DIzBsNLTXzMwUA3yZ5b/KBqLx8Kp3uRvd7xSe3Q==",
|
||||
"dev": true,
|
||||
"license": "BSD-3-Clause",
|
||||
"dependencies": {
|
||||
"side-channel": "^1.1.0"
|
||||
},
|
||||
"engines": {
|
||||
"node": ">=0.6"
|
||||
},
|
||||
"funding": {
|
||||
"url": "https://github.com/sponsors/ljharb"
|
||||
}
|
||||
},
|
||||
"node_modules/bonjour-service": {
|
||||
"version": "1.3.0",
|
||||
"resolved": "https://registry.npmjs.org/bonjour-service/-/bonjour-service-1.3.0.tgz",
|
||||
@@ -6191,6 +6207,22 @@
|
||||
"dev": true,
|
||||
"license": "MIT"
|
||||
},
|
||||
"node_modules/express/node_modules/qs": {
|
||||
"version": "6.14.2",
|
||||
"resolved": "https://registry.npmjs.org/qs/-/qs-6.14.2.tgz",
|
||||
"integrity": "sha512-V/yCWTTF7VJ9hIh18Ugr2zhJMP01MY7c5kh4J870L7imm6/DIzBsNLTXzMwUA3yZ5b/KBqLx8Kp3uRvd7xSe3Q==",
|
||||
"dev": true,
|
||||
"license": "BSD-3-Clause",
|
||||
"dependencies": {
|
||||
"side-channel": "^1.1.0"
|
||||
},
|
||||
"engines": {
|
||||
"node": ">=0.6"
|
||||
},
|
||||
"funding": {
|
||||
"url": "https://github.com/sponsors/ljharb"
|
||||
}
|
||||
},
|
||||
"node_modules/fast-deep-equal": {
|
||||
"version": "3.1.3",
|
||||
"resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz",
|
||||
@@ -9717,9 +9749,9 @@
|
||||
"license": "MIT"
|
||||
},
|
||||
"node_modules/qs": {
|
||||
"version": "6.14.2",
|
||||
"resolved": "https://registry.npmjs.org/qs/-/qs-6.14.2.tgz",
|
||||
"integrity": "sha512-V/yCWTTF7VJ9hIh18Ugr2zhJMP01MY7c5kh4J870L7imm6/DIzBsNLTXzMwUA3yZ5b/KBqLx8Kp3uRvd7xSe3Q==",
|
||||
"version": "6.15.0",
|
||||
"resolved": "https://registry.npmjs.org/qs/-/qs-6.15.0.tgz",
|
||||
"integrity": "sha512-mAZTtNCeetKMH+pSjrb76NAM8V9a05I9aBZOHztWy/UqcJdQYNsf59vrRKWnojAT9Y+GbIvoTBC++CPHqpDBhQ==",
|
||||
"dev": true,
|
||||
"license": "BSD-3-Clause",
|
||||
"dependencies": {
|
||||
|
||||
@@ -1,39 +0,0 @@
|
||||
<?php
|
||||
|
||||
/*
|
||||
* api-noauth.php
|
||||
* Copyright (c) 2021 james@firefly-iii.org
|
||||
*
|
||||
* This file is part of Firefly III (https://github.com/firefly-iii).
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as
|
||||
* published by the Free Software Foundation, either version 3 of the
|
||||
* License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
use Illuminate\Support\Facades\Route;
|
||||
// Cron job API routes:
|
||||
use FireflyIII\Http\Middleware\AcceptHeaders;
|
||||
|
||||
Route::group(
|
||||
[
|
||||
'namespace' => 'FireflyIII\Api\V1\Controllers\System',
|
||||
'prefix' => '',
|
||||
'as' => 'api.v1.cron.',
|
||||
'middleware' => [AcceptHeaders::class],
|
||||
],
|
||||
static function (): void {
|
||||
Route::get('{cliToken}', ['uses' => 'CronController@cron', 'as' => 'index']);
|
||||
}
|
||||
);
|
||||
@@ -21,6 +21,9 @@
|
||||
*/
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
use FireflyIII\Http\Middleware\AcceptHeaders;
|
||||
use FireflyIII\Http\Middleware\Binder;
|
||||
use Illuminate\Support\Facades\Route;
|
||||
|
||||
use function Safe\define;
|
||||
@@ -38,6 +41,19 @@ if (!defined('DATEFORMAT')) {
|
||||
define('DATEFORMAT', '(19|20)[0-9]{2}-?[0-9]{2}-?[0-9]{2}');
|
||||
}
|
||||
|
||||
// API route for cron
|
||||
Route::group(
|
||||
[
|
||||
'namespace' => 'FireflyIII\Api\V1\Controllers\System',
|
||||
'prefix' => 'v1',
|
||||
'as' => 'api.v1.cron.',
|
||||
'middleware' => [Binder::class, AcceptHeaders::class],
|
||||
],
|
||||
static function (): void {
|
||||
Route::get('cron/{cliToken}', ['uses' => 'CronController@cron', 'as' => 'index'])->withoutMiddleware(['api']);
|
||||
}
|
||||
);
|
||||
|
||||
// Autocomplete controllers
|
||||
Route::group(
|
||||
[
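Review bot: `->withoutMiddleware(['api'])` on `cron/{cliToken}` removes the whole `api` group, including its `auth:api` check, so the path token is the only credential on this route and nothing visible here limits how often it can be tried. Add a `throttle` middleware to the group's `middleware` array and confirm that `CronController@cron` compares the token with `hash_equals()`; the controller is not part of this comparison. A comment above the group, such as `// Cron is authenticated by the CLI token alone; the api group's auth:api must not apply.`, would stop a later cleanup from widening the exclusion. Because the token travels in the URL it also lands in web-server and proxy access logs, which is worth stating in the deployment notes.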
|
||||
|
||||
@@ -73,24 +73,24 @@ Route::group(
|
||||
}
|
||||
);
|
||||
|
||||
Route::group(
|
||||
['middleware' => 'binders-only', 'namespace' => 'FireflyIII\Http\Controllers\System', 'as' => 'cron.', 'prefix' => 'cron'],
|
||||
static function (): void {
|
||||
Route::get('run/{cliToken}', ['uses' => 'CronController@cron', 'as' => 'cron']);
|
||||
}
|
||||
);
|
||||
// Route::group(
|
||||
// ['middleware' => 'binders-only', 'namespace' => 'FireflyIII\Http\Controllers\System', 'as' => 'cron.', 'prefix' => 'cron'],
|
||||
// static function (): void {
|
||||
// Route::get('run/{cliToken}', ['uses' => 'CronController@cron', 'as' => 'cron']);
|
||||
// }
|
||||
// );
|
||||
|
||||
Route::group(
|
||||
['middleware' => 'binders-only', 'namespace' => 'FireflyIII\Http\Controllers\System'],
|
||||
['middleware' => ['binders-only'], 'namespace' => 'FireflyIII\Http\Controllers\System'],
|
||||
static function (): void {
|
||||
// Route::get('offline', static fn () => view('errors.offline'));
|
||||
// Route::get('health', ['uses' => 'HealthcheckController@check', 'as' => 'healthcheck']);
|
||||
Route::get('health', ['uses' => 'HealthcheckController@check', 'as' => 'healthcheck'])->withoutMiddleware(['web']);
|
||||
}
|
||||
);
|
||||
|
||||
// These routes only work when the user is NOT logged in.
|
||||
Route::group(
|
||||
['middleware' => 'user-not-logged-in', 'namespace' => 'FireflyIII\Http\Controllers'],
|
||||
['middleware' => ['user-not-logged-in'], 'namespace' => 'FireflyIII\Http\Controllers'],
|
||||
static function (): void {
|
||||
// Authentication Routes...
|
||||
Route::get('login', ['uses' => 'Auth\LoginController@showLoginForm', 'as' => 'login']);
|
||||
@@ -128,7 +128,7 @@ Route::group(
|
||||
|
||||
// For the two factor routes, the user must be logged in, but NOT 2FA. Account confirmation does not matter here.
|
||||
Route::group(
|
||||
['middleware' => 'user-logged-in-no-2fa', 'prefix' => 'two-factor', 'as' => 'two-factor.', 'namespace' => 'FireflyIII\Http\Controllers\Auth'],
|
||||
['middleware' => 'user-simple-auth', 'prefix' => 'two-factor', 'as' => 'two-factor.', 'namespace' => 'FireflyIII\Http\Controllers\Auth'],
|
||||
static function (): void {
|
||||
Route::post('submit', ['uses' => 'TwoFactorController@submitMFA', 'as' => 'submit']);
|
||||
Route::get('lost', ['uses' => 'TwoFactorController@lostTwoFactor', 'as' => 'lost']); // can be removed when v2 is live.
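Review bot: The `cron/run/{cliToken}` group appears to be commented out rather than removed, and the `binders-only` group likewise keeps old `Route::get(...)` lines as comments. Delete them; the route name `cron.cron` disappears with the group, so search for `route('cron.cron')` before merging. For the two-factor group, a one-line comment on why it uses its middleware group (logged in, MFA not yet passed) would make the rename reviewable without opening the middleware configuration.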
|
||||
|
||||