Cutlery/invoiceninja
1
0
Fork 0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2025-05-24 02:14:21 -04:00
Code Issues Packages Projects Releases Wiki Activity

Updates for Password Protection with OAuth

Browse Source
This commit is contained in:
David Bomba 2021-06-09 16:22:25 +10:00
parent 26a1e34268
commit 3d880f2dd3
2 changed files with 6 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
app/Console/Commands/CheckDb.php
View File

@ -126,9 +126,9 @@ class CheckDb extends Command
public function handle()
{
foreach($this->entities as $entity) {
$this->LogMessage("Checking - V5_DB1");
$this->LogMessage("V5_DB1");
foreach($this->entities as $entity) {
$count_db_1 = $entity::on('db-ninja-01')->count();
$count_db_2 = $entity::on('db-ninja-02a')->count();
@ -140,11 +140,10 @@ class CheckDb extends Command
}
$this->LogMessage("Checking - V5_DB2");
foreach($this->entities as $entity) {
$this->LogMessage("V5_DB2");
$count_db_1 = $entity::on('db-ninja-02')->count();
$count_db_2 = $entity::on('db-ninja-01a')->count();

6
app/Http/Middleware/PasswordProtection.php
View File

@ -71,7 +71,7 @@ class PasswordProtection
nlog($query);
//If OAuth and user also has a password set - check both
if ($existing_user = MultiDB::hasUser($query) && auth()->user()->has_password && Hash::check(auth()->user()->password, $request->header('X-API-PASSWORD'))) {
if ($existing_user = MultiDB::hasUser($query) && auth()->user()->company()->oauth_password_required && auth()->user()->has_password && Hash::check(auth()->user()->password, $request->header('X-API-PASSWORD'))) {
nlog("existing user with password");
@ -79,10 +79,10 @@ class PasswordProtection
return $next($request);
}
elseif($existing_user = MultiDB::hasUser($query) && !auth()->user()->has_password){
elseif($existing_user = MultiDB::hasUser($query) && !auth()->user()->company()->oauth_password_required){
nlog("existing user without password");
Cache::put(auth()->user()->hashed_id.'_'.auth()->user()->account_id.'_logged_in', Str::random(64), $timeout);
return $next($request);
}