mirror of
https://github.com/firefly-iii/firefly-iii.git
synced 2026-01-10 12:24:50 +00:00
Various new scripts to improve sandstorm.io experience.
This commit is contained in:
James Cole
@@ -20,6 +20,7 @@ use FireflyIII\Http\Middleware\IsAdmin;
|
||||
use FireflyIII\Http\Middleware\Range;
|
||||
use FireflyIII\Http\Middleware\RedirectIfAuthenticated;
|
||||
use FireflyIII\Http\Middleware\RedirectIfTwoFactorAuthenticated;
|
||||
use FireflyIII\Http\Middleware\Sandstorm;
|
||||
use FireflyIII\Http\Middleware\VerifyCsrfToken;
|
||||
use Illuminate\Auth\Middleware\AuthenticateWithBasicAuth;
|
||||
use Illuminate\Auth\Middleware\Authorize;
|
||||
@@ -80,6 +81,7 @@ class Kernel extends HttpKernel
|
||||
// does not check 2fa
|
||||
// does not check activation
|
||||
'web' => [
|
||||
Sandstorm::class,
|
||||
EncryptCookies::class,
|
||||
AddQueuedCookiesToResponse::class,
|
||||
StartSession::class,
|
||||
@@ -87,8 +89,11 @@ class Kernel extends HttpKernel
|
||||
VerifyCsrfToken::class,
|
||||
SubstituteBindings::class,
|
||||
],
|
||||
|
||||
|
||||
// MUST NOT be logged in. Does not care about 2FA or confirmation.
|
||||
'user-not-logged-in' => [
|
||||
Sandstorm::class,
|
||||
EncryptCookies::class,
|
||||
AddQueuedCookiesToResponse::class,
|
||||
StartSession::class,
|
||||
@@ -101,6 +106,7 @@ class Kernel extends HttpKernel
|
||||
// MUST NOT have 2FA
|
||||
// don't care about confirmation:
|
||||
'user-logged-in-no-2fa' => [
|
||||
Sandstorm::class,
|
||||
EncryptCookies::class,
|
||||
AddQueuedCookiesToResponse::class,
|
||||
StartSession::class,
|
||||
@@ -110,24 +116,12 @@ class Kernel extends HttpKernel
|
||||
Authenticate::class,
|
||||
RedirectIfTwoFactorAuthenticated::class,
|
||||
],
|
||||
// MUST be logged in
|
||||
// MUST have 2FA
|
||||
// MUST NOT have confirmation.
|
||||
'user-logged-in-2fa-no-activation' => [
|
||||
EncryptCookies::class,
|
||||
AddQueuedCookiesToResponse::class,
|
||||
StartSession::class,
|
||||
ShareErrorsFromSession::class,
|
||||
VerifyCsrfToken::class,
|
||||
SubstituteBindings::class,
|
||||
Authenticate::class,
|
||||
AuthenticateTwoFactor::class,
|
||||
],
|
||||
|
||||
// MUST be logged in
|
||||
// don't care about 2fa
|
||||
// don't care about confirmation.
|
||||
'user-simple-auth' => [
|
||||
Sandstorm::class,
|
||||
EncryptCookies::class,
|
||||
AddQueuedCookiesToResponse::class,
|
||||
StartSession::class,
|
||||
@@ -142,6 +136,7 @@ class Kernel extends HttpKernel
|
||||
// MUST be confirmed.
|
||||
// (this group includes the other Firefly middleware)
|
||||
'user-full-auth' => [
|
||||
Sandstorm::class,
|
||||
EncryptCookies::class,
|
||||
AddQueuedCookiesToResponse::class,
|
||||
StartSession::class,
|
||||
@@ -159,6 +154,7 @@ class Kernel extends HttpKernel
|
||||
// MUST have owner role
|
||||
// (this group includes the other Firefly middleware)
|
||||
'admin' => [
|
||||
Sandstorm::class,
|
||||
EncryptCookies::class,
|
||||
AddQueuedCookiesToResponse::class,
|
||||
StartSession::class,
|
||||
|
||||
72
app/Http/Middleware/Sandstorm.php
Normal file
72
app/Http/Middleware/Sandstorm.php
Normal file
@@ -0,0 +1,72 @@
|
||||
<?php
|
||||
/**
|
||||
* Sandstorm.php
|
||||
* Copyright (c) 2017 thegrumpydictator@gmail.com
|
||||
* This software may be modified and distributed under the terms of the Creative Commons Attribution-ShareAlike 4.0 International License.
|
||||
*
|
||||
* See the LICENSE file for details.
|
||||
*/
|
||||
|
||||
declare(strict_types = 1);
|
||||
|
||||
namespace FireflyIII\Http\Middleware;
|
||||
|
||||
use Auth;
|
||||
use Closure;
|
||||
use FireflyIII\User;
|
||||
use Illuminate\Http\Request;
|
||||
|
||||
/**
|
||||
* Class Sandstorm
|
||||
*
|
||||
* @package FireflyIII\Http\Middleware
|
||||
*/
|
||||
class Sandstorm
|
||||
{
|
||||
/**
|
||||
* Detects if is using Sandstorm, and responds by logging the user
|
||||
* in and/or creating an account.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @param \Closure $next
|
||||
* @param string|null $guard
|
||||
*
|
||||
* @return mixed
|
||||
*/
|
||||
public function handle(Request $request, Closure $next, $guard = null)
|
||||
{
|
||||
// is in Sandstorm environment?
|
||||
$sandstorm = intval(getenv('SANDSTORM')) === 1;
|
||||
if (!$sandstorm) {
|
||||
return $next($request);
|
||||
}
|
||||
|
||||
// we're in sandstorm! is user a guest?
|
||||
if (Auth::guard($guard)->guest()) {
|
||||
$userId = strval($request->header('X-Sandstorm-User-Id'));
|
||||
if (strlen($userId) > 0) {
|
||||
// find user?
|
||||
$email = $userId . '@firefly';
|
||||
$user = User::whereEmail($email)->first();
|
||||
if (is_null($user)) {
|
||||
$user = User::create(
|
||||
[
|
||||
'email' => $email,
|
||||
'password' => str_random(16),
|
||||
]
|
||||
);
|
||||
}
|
||||
|
||||
|
||||
// login user:
|
||||
Auth::guard($guard)->login($user);
|
||||
} else {
|
||||
echo 'user id no length, guest?';
|
||||
exit;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
return $next($request);
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user