From f32283d2f18d8a6c780e4814858e8715aab74d24 Mon Sep 17 00:00:00 2001 From: James Cole Date: Sat, 10 Jun 2023 16:21:01 +0200 Subject: [PATCH] Fix #7618 --- app/Http/Controllers/ProfileController.php | 52 ++++++++++------------ config/firefly.php | 1 - resources/views/profile/index.twig | 8 ++-- 3 files changed, 28 insertions(+), 33 deletions(-) diff --git a/app/Http/Controllers/ProfileController.php b/app/Http/Controllers/ProfileController.php index f7189e3df0..b4e818a9df 100644 --- a/app/Http/Controllers/ProfileController.php +++ b/app/Http/Controllers/ProfileController.php @@ -70,7 +70,6 @@ class ProfileController extends Controller use CreateStuff; protected bool $internalAuth; - protected bool $internalIdentity; /** * ProfileController constructor. @@ -89,10 +88,8 @@ class ProfileController extends Controller return $next($request); } ); - $loginProvider = config('firefly.login_provider'); - $authGuard = config('firefly.authentication_guard'); - $this->internalAuth = 'web' === $authGuard; - $this->internalIdentity = 'eloquent' === $loginProvider; + $authGuard = config('firefly.authentication_guard'); + $this->internalAuth = 'web' === $authGuard; Log::debug(sprintf('ProfileController::__construct(). Login provider is "%s", authentication guard is "%s"', $loginProvider, $authGuard)); $this->middleware(IsDemoUser::class)->except(['index']); @@ -107,7 +104,7 @@ class ProfileController extends Controller */ public function changeEmail(Request $request): Factory|RedirectResponse|View { - if (!$this->internalAuth || !$this->internalIdentity) { + if (!$this->internalAuth) { $request->session()->flash('error', trans('firefly.external_user_mgt_disabled')); return redirect(route('profile.index')); 
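Review bot: The `Log::debug(sprintf(...))` call kept as context in the constructor hunk still passes `$loginProvider`, but this commit deletes the line that assigned it, so the variable is undefined when the constructor runs. On PHP 8 that raises an "Undefined variable" warning. If the application's error handler converts warnings to exceptions, every profile route would fail, including the password, e-mail and 2FA actions. Drop the provider from the message, e.g. `Log::debug(sprintf('ProfileController::__construct(). Authentication guard is "%s"', $authGuard));`. The constructor starts and ends outside the hunk.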
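Review bot: The gate `if (!$this->internalAuth)` in `changeEmail` is now the only server-side condition protecting the credential and account actions, and it is copied by hand into each one: the same edit recurs in `changePassword`, `code`, `confirmEmailChange`, `deleteAccount`, `deleteCode`, `enable2FA`, `newBackupCodes`, `postChangeEmail`, `postChangePassword`, `postCode`, `postDeleteAccount`, `regenerate` and `undoEmailChange`. An action added later without the copy would stay reachable when an external guard is configured, so consider enforcing the check once, for instance as a middleware closure registered in the constructor beside the `IsDemoUser` one, with a suitable `except` list. Failing that, document the property so the contract is visible: `/** True when the 'web' guard is active; every e-mail, password, 2FA and account-deletion action must check this. */`. Each of these method bodies continues outside its hunk.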
@@ -130,7 +127,7 @@ class ProfileController extends Controller */ public function changePassword(Request $request) { - if (!$this->internalAuth || !$this->internalIdentity) { + if (!$this->internalAuth) { $request->session()->flash('error', trans('firefly.external_user_mgt_disabled')); return redirect(route('profile.index')); @@ -157,7 +154,7 @@ class ProfileController extends Controller */ public function code(Request $request): Factory|View|RedirectResponse { - if (!$this->internalAuth || !$this->internalIdentity) { + if (!$this->internalAuth) { $request->session()->flash('error', trans('firefly.external_user_mgt_disabled')); return redirect(route('profile.index')); @@ -213,7 +210,7 @@ class ProfileController extends Controller */ public function confirmEmailChange(UserRepositoryInterface $repository, string $token): RedirectResponse|Redirector { - if (!$this->internalAuth || !$this->internalIdentity) { + if (!$this->internalAuth) { throw new FireflyException(trans('firefly.external_user_mgt_disabled')); } // find preference with this token value. @@ -247,7 +244,7 @@ class ProfileController extends Controller */ public function deleteAccount(Request $request): View|RedirectResponse { - if (!$this->internalAuth || !$this->internalIdentity) { + if (!$this->internalAuth) { $request->session()->flash('error', trans('firefly.external_user_mgt_disabled')); return redirect(route('profile.index')); @@ -265,7 +262,7 @@ class ProfileController extends Controller */ public function deleteCode(Request $request): RedirectResponse|Redirector { - if (!$this->internalAuth || !$this->internalIdentity) { + if (!$this->internalAuth) { $request->session()->flash('error', trans('firefly.external_user_mgt_disabled')); return redirect(route('profile.index')); 
@@ -293,7 +290,7 @@ class ProfileController extends Controller */ public function enable2FA(Request $request): RedirectResponse|Redirector { - if (!$this->internalAuth || !$this->internalIdentity) { + if (!$this->internalAuth) { $request->session()->flash('error', trans('firefly.external_user_mgt_disabled')); return redirect(route('profile.index')); @@ -326,14 +323,13 @@ class ProfileController extends Controller public function index(): Factory|View { /** @var User $user */ - $user = auth()->user(); - $isInternalAuth = $this->internalAuth; - $isInternalIdentity = $this->internalIdentity; - $count = DB::table('oauth_clients')->where('personal_access_client', true)->whereNull('user_id')->count(); - $subTitle = $user->email; - $userId = $user->id; - $enabled2FA = null !== $user->mfa_secret; - $mfaBackupCount = count(app('preferences')->get('mfa_recovery', [])->data); + $user = auth()->user(); + $isInternalAuth = $this->internalAuth; + $count = DB::table('oauth_clients')->where('personal_access_client', true)->whereNull('user_id')->count(); + $subTitle = $user->email; + $userId = $user->id; + $enabled2FA = null !== $user->mfa_secret; + $mfaBackupCount = count(app('preferences')->get('mfa_recovery', [])->data); $this->createOAuthKeys(); if (0 === $count) { @@ -350,7 +346,7 @@ class ProfileController extends Controller return view( 'profile.index', - compact('subTitle', 'mfaBackupCount', 'userId', 'accessToken', 'enabled2FA', 'isInternalAuth', 'isInternalIdentity') + compact('subTitle', 'mfaBackupCount', 'userId', 'accessToken', 'enabled2FA', 'isInternalAuth') ); } @@ -376,7 +372,7 @@ class ProfileController extends Controller */ public function newBackupCodes(Request $request): Factory|View|RedirectResponse { - if (!$this->internalAuth || !$this->internalIdentity) { + if (!$this->internalAuth) { $request->session()->flash('error', trans('firefly.external_user_mgt_disabled')); return redirect(route('profile.index')); 
@@ -407,7 +403,7 @@ class ProfileController extends Controller */ public function postChangeEmail(EmailFormRequest $request, UserRepositoryInterface $repository): Factory|RedirectResponse|Redirector { - if (!$this->internalAuth || !$this->internalIdentity) { + if (!$this->internalAuth) { $request->session()->flash('error', trans('firefly.external_user_mgt_disabled')); return redirect(route('profile.index')); @@ -456,7 +452,7 @@ class ProfileController extends Controller */ public function postChangePassword(ProfileFormRequest $request, UserRepositoryInterface $repository) { - if (!$this->internalAuth || !$this->internalIdentity) { + if (!$this->internalAuth) { $request->session()->flash('error', trans('firefly.external_user_mgt_disabled')); return redirect(route('profile.index')); @@ -493,7 +489,7 @@ class ProfileController extends Controller */ public function postCode(TokenFormRequest $request) { - if (!$this->internalAuth || !$this->internalIdentity) { + if (!$this->internalAuth) { $request->session()->flash('error', trans('firefly.external_user_mgt_disabled')); return redirect(route('profile.index')); @@ -541,7 +537,7 @@ class ProfileController extends Controller */ public function postDeleteAccount(UserRepositoryInterface $repository, DeleteAccountFormRequest $request) { - if (!$this->internalAuth || !$this->internalIdentity) { + if (!$this->internalAuth) { $request->session()->flash('error', trans('firefly.external_user_mgt_disabled')); return redirect(route('profile.index')); @@ -601,7 +597,7 @@ class ProfileController extends Controller */ public function regenerate(Request $request) { - if (!$this->internalAuth || !$this->internalIdentity) { + if (!$this->internalAuth) { $request->session()->flash('error', trans('firefly.external_user_mgt_disabled')); return redirect(route('profile.index')); 
@@ -629,7 +625,7 @@ class ProfileController extends Controller */ public function undoEmailChange(UserRepositoryInterface $repository, string $token, string $hash) { - if (!$this->internalAuth || !$this->internalIdentity) { + if (!$this->internalAuth) { throw new FireflyException(trans('firefly.external_user_mgt_disabled')); } diff --git a/config/firefly.php b/config/firefly.php index eb011dc6f0..29205c4cbc 100644 --- a/config/firefly.php +++ b/config/firefly.php @@ -137,7 +137,6 @@ return [ 'tracker_url' => env('TRACKER_URL', ''), // authentication settings - 'login_provider' => envNonEmpty('LOGIN_PROVIDER', 'eloquent'), 'authentication_guard' => envNonEmpty('AUTHENTICATION_GUARD', 'web'), 'custom_logout_url' => envNonEmpty('CUSTOM_LOGOUT_URL', ''), diff --git a/resources/views/profile/index.twig b/resources/views/profile/index.twig index 166a240404..da702d0662 100644 --- a/resources/views/profile/index.twig +++ b/resources/views/profile/index.twig @@ -22,7 +22,7 @@
  • {{ 'oauth'|_ }}
  • - {% if true == isInternalAuth and true == isInternalIdentity %} + {% if true == isInternalAuth %}
  • {{ 'pref_two_factor_auth'|_ }} @@ -45,7 +45,7 @@
    - {% if true == isInternalAuth and true == isInternalIdentity %} + {% if true == isInternalAuth %}