mirror of
https://github.com/grocy/grocy.git
synced 2025-04-29 17:45:39 +00:00
Reworked authentication related menu item handling (fixes #1462)
This commit is contained in:
Bernd Bestel
parent
bcf963ac49
commit
47c936e026
3
app.php
3
app.php
@ -18,7 +18,6 @@ require_once __DIR__ . '/helpers/ConfigurationValidator.php';
|
|||||||
if ((GROCY_MODE === 'dev' || GROCY_MODE === 'demo' || GROCY_MODE === 'prerelease') && !defined('GROCY_USER_ID'))
|
if ((GROCY_MODE === 'dev' || GROCY_MODE === 'demo' || GROCY_MODE === 'prerelease') && !defined('GROCY_USER_ID'))
|
||||||
{
|
{
|
||||||
define('GROCY_USER_ID', 1);
|
define('GROCY_USER_ID', 1);
|
||||||
define('GROCY_SHOW_AUTH_VIEWS', true);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Definitions for disabled authentication mode
|
// Definitions for disabled authentication mode
|
||||||
@ -28,8 +27,6 @@ if (GROCY_DISABLE_AUTH === true)
|
|||||||
{
|
{
|
||||||
define('GROCY_USER_ID', 1);
|
define('GROCY_USER_ID', 1);
|
||||||
}
|
}
|
||||||
|
|
||||||
define('GROCY_SHOW_AUTH_VIEWS', false);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check if any invalid entries in config.php have been made
|
// Check if any invalid entries in config.php have been made
|
||||||
|
|||||||
@ -68,6 +68,7 @@
|
|||||||
- The camera barcode scanner now also supports Code 39 barcodes (used for example in Germany on pharma products (PZN)) (thanks @andreheuer)
|
- The camera barcode scanner now also supports Code 39 barcodes (used for example in Germany on pharma products (PZN)) (thanks @andreheuer)
|
||||||
- Fixed that the number picker up/down buttons did not work when the input field was empty or contained an invalid number
|
- Fixed that the number picker up/down buttons did not work when the input field was empty or contained an invalid number
|
||||||
- Fixed that links and embeds (e.g. YouTube videos) did not work in the text editor
|
- Fixed that links and embeds (e.g. YouTube videos) did not work in the text editor
|
||||||
|
- Fixed that the "Manage users" and "Manage API keys" menu was not shown when using reverse proxy authentication
|
||||||
|
|
||||||
### API improvements/fixes
|
### API improvements/fixes
|
||||||
- Added a new API endpoint `/system/localization-strings` to get the localization strings (gettext JSON representation; in the by the user desired language)
|
- Added a new API endpoint `/system/localization-strings` to get the localization strings (gettext JSON representation; in the by the user desired language)
|
||||||
|
|||||||
@ -19,11 +19,6 @@ class ApiKeyAuthMiddleware extends AuthMiddleware
|
|||||||
|
|
||||||
public function authenticate(Request $request)
|
public function authenticate(Request $request)
|
||||||
{
|
{
|
||||||
if (!defined('GROCY_SHOW_AUTH_VIEWS'))
|
|
||||||
{
|
|
||||||
define('GROCY_SHOW_AUTH_VIEWS', true);
|
|
||||||
}
|
|
||||||
|
|
||||||
$routeContext = RouteContext::fromRequest($request);
|
$routeContext = RouteContext::fromRequest($request);
|
||||||
$route = $routeContext->getRoute();
|
$route = $routeContext->getRoute();
|
||||||
$routeName = $route->getName();
|
$routeName = $route->getName();
|
||||||
|
|||||||
@ -11,6 +11,8 @@ class LdapAuthMiddleware extends AuthMiddleware
|
|||||||
{
|
{
|
||||||
public function authenticate(Request $request)
|
public function authenticate(Request $request)
|
||||||
{
|
{
|
||||||
|
define('GROCY_EXTERNALLY_MANAGED_AUTHENTICATION', true);
|
||||||
|
|
||||||
// TODO: Reuse DefaultAuthMiddleware->authenticate somehow
|
// TODO: Reuse DefaultAuthMiddleware->authenticate somehow
|
||||||
|
|
||||||
// First try to authenticate by API key
|
// First try to authenticate by API key
|
||||||
|
|||||||
@ -10,12 +10,9 @@ class ReverseProxyAuthMiddleware extends AuthMiddleware
|
|||||||
{
|
{
|
||||||
public function authenticate(Request $request)
|
public function authenticate(Request $request)
|
||||||
{
|
{
|
||||||
$db = DatabaseService::getInstance()->GetDbConnection();
|
define('GROCY_EXTERNALLY_MANAGED_AUTHENTICATION', true);
|
||||||
|
|
||||||
if (!defined('GROCY_SHOW_AUTH_VIEWS'))
|
$db = DatabaseService::getInstance()->GetDbConnection();
|
||||||
{
|
|
||||||
define('GROCY_SHOW_AUTH_VIEWS', false);
|
|
||||||
}
|
|
||||||
|
|
||||||
// API key authentication is also ok
|
// API key authentication is also ok
|
||||||
$auth = new ApiKeyAuthMiddleware($this->AppContainer, $this->ResponseFactory);
|
$auth = new ApiKeyAuthMiddleware($this->AppContainer, $this->ResponseFactory);
|
||||||
|
|||||||
@ -15,11 +15,6 @@ class SessionAuthMiddleware extends AuthMiddleware
|
|||||||
|
|
||||||
public function authenticate(Request $request)
|
public function authenticate(Request $request)
|
||||||
{
|
{
|
||||||
if (!defined('GROCY_SHOW_AUTH_VIEWS'))
|
|
||||||
{
|
|
||||||
define('GROCY_SHOW_AUTH_VIEWS', true);
|
|
||||||
}
|
|
||||||
|
|
||||||
$sessionService = SessionService::getInstance();
|
$sessionService = SessionService::getInstance();
|
||||||
|
|
||||||
if (!isset($_COOKIE[SessionService::SESSION_COOKIE_NAME]) || !$sessionService->IsValidSession($_COOKIE[SessionService::SESSION_COOKIE_NAME]))
|
if (!isset($_COOKIE[SessionService::SESSION_COOKIE_NAME]) || !$sessionService->IsValidSession($_COOKIE[SessionService::SESSION_COOKIE_NAME]))
|
||||||
|
|||||||
@ -466,7 +466,7 @@
|
|||||||
</ul>
|
</ul>
|
||||||
|
|
||||||
<ul class="navbar-nav ml-auto">
|
<ul class="navbar-nav ml-auto">
|
||||||
@if(GROCY_AUTHENTICATED === true && !GROCY_IS_EMBEDDED_INSTALL && GROCY_SHOW_AUTH_VIEWS)
|
@if(GROCY_AUTHENTICATED === true && !GROCY_IS_EMBEDDED_INSTALL && !GROCY_DISABLE_AUTH)
|
||||||
<li class="nav-item dropdown">
|
<li class="nav-item dropdown">
|
||||||
<a class="nav-link dropdown-toggle discrete-link @if(!empty(GROCY_USER_PICTURE_FILE_NAME)) py-0 @endif"
|
<a class="nav-link dropdown-toggle discrete-link @if(!empty(GROCY_USER_PICTURE_FILE_NAME)) py-0 @endif"
|
||||||
href="#"
|
href="#"
|
||||||
@ -481,11 +481,16 @@
|
|||||||
</a>
|
</a>
|
||||||
|
|
||||||
<div class="dropdown-menu dropdown-menu-right">
|
<div class="dropdown-menu dropdown-menu-right">
|
||||||
|
@if(!defined('GROCY_EXTERNALLY_MANAGED_AUTHENTICATION'))
|
||||||
<a class="dropdown-item logout-button discrete-link"
|
<a class="dropdown-item logout-button discrete-link"
|
||||||
href="{{ $U('/logout') }}"><i class="fas fa-sign-out-alt"></i> {{ $__t('Logout') }}</a>
|
href="{{ $U('/logout') }}"><i class="fas fa-sign-out-alt"></i> {{ $__t('Logout') }}</a>
|
||||||
<div class="dropdown-divider"></div>
|
<div class="dropdown-divider"></div>
|
||||||
<a class="dropdown-item logout-button discrete-link"
|
<a class="dropdown-item logout-button discrete-link"
|
||||||
href="{{ $U('/user/' . GROCY_USER_ID . '?changepw=true') }}"><i class="fas fa-key"></i> {{ $__t('Change password') }}</a>
|
href="{{ $U('/user/' . GROCY_USER_ID . '?changepw=true') }}"><i class="fas fa-key"></i> {{ $__t('Change password') }}</a>
|
||||||
|
@else
|
||||||
|
<a class="dropdown-item logout-button discrete-link"
|
||||||
|
href="{{ $U('/user/' . GROCY_USER_ID) }}"><i class="fas fa-key"></i> {{ $__t('Edit user') }}</a>
|
||||||
|
@endif
|
||||||
</div>
|
</div>
|
||||||
</li>
|
</li>
|
||||||
@endif
|
@endif
|
||||||
@ -635,11 +640,13 @@
|
|||||||
class="dropdown-item discrete-link link-return">
|
class="dropdown-item discrete-link link-return">
|
||||||
<i class="fas fa-user-cog"></i> {{ $__t('User settings') }}
|
<i class="fas fa-user-cog"></i> {{ $__t('User settings') }}
|
||||||
</a>
|
</a>
|
||||||
|
@if(!GROCY_IS_EMBEDDED_INSTALL && !GROCY_DISABLE_AUTH)
|
||||||
<div class="dropdown-divider"></div>
|
<div class="dropdown-divider"></div>
|
||||||
@if(GROCY_SHOW_AUTH_VIEWS)
|
|
||||||
<a class="dropdown-item discrete-link permission-USERS_READ"
|
<a class="dropdown-item discrete-link permission-USERS_READ"
|
||||||
href="{{ $U('/users') }}"><i class="fas fa-users"></i> {{ $__t('Manage users') }}</a>
|
href="{{ $U('/users') }}"><i class="fas fa-users"></i> {{ $__t('Manage users') }}</a>
|
||||||
|
@endif
|
||||||
<div class="dropdown-divider"></div>
|
<div class="dropdown-divider"></div>
|
||||||
|
@if(!GROCY_DISABLE_AUTH)
|
||||||
<a class="dropdown-item discrete-link"
|
<a class="dropdown-item discrete-link"
|
||||||
href="{{ $U('/manageapikeys') }}"><i class="fas fa-handshake"></i> {{ $__t('Manage API keys') }}</a>
|
href="{{ $U('/manageapikeys') }}"><i class="fas fa-handshake"></i> {{ $__t('Manage API keys') }}</a>
|
||||||
@endif
|
@endif
|
||||||
|
|||||||
@ -65,6 +65,7 @@
|
|||||||
value="@if($mode == 'edit'){{ $user->last_name }}@endif">
|
value="@if($mode == 'edit'){{ $user->last_name }}@endif">
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
@if(!defined('GROCY_EXTERNALLY_MANAGED_AUTHENTICATION'))
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label for="password">{{ $__t('Password') }}</label>
|
<label for="password">{{ $__t('Password') }}</label>
|
||||||
<input type="password"
|
<input type="password"
|
||||||
@ -83,6 +84,16 @@
|
|||||||
name="password_confirm">
|
name="password_confirm">
|
||||||
<div class="invalid-feedback">{{ $__t('Passwords do not match') }}</div>
|
<div class="invalid-feedback">{{ $__t('Passwords do not match') }}</div>
|
||||||
</div>
|
</div>
|
||||||
|
@else
|
||||||
|
<input type="hidden"
|
||||||
|
name="password"
|
||||||
|
id="password"
|
||||||
|
value="x">
|
||||||
|
<input type="hidden"
|
||||||
|
name="password_confirm"
|
||||||
|
id="password_confirm"
|
||||||
|
value="x">
|
||||||
|
@endif
|
||||||
|
|
||||||
@include('components.userfieldsform', array(
|
@include('components.userfieldsform', array(
|
||||||
'userfields' => $userfields,
|
'userfields' => $userfields,
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user