Cutlery/invoiceninja
1
0
Fork 0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2025-06-04 05:34:35 -04:00
Code Issues Packages Projects Releases Wiki Activity

Updates for Password Protection with OAuth

Browse Source
This commit is contained in:
David Bomba 2021-06-09 16:22:25 +10:00
parent 26a1e34268
commit 3d880f2dd3
2 changed files with 6 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
app/Console/Commands/CheckDb.php
View File

@ -126,9 +126,9 @@ class CheckDb extends Command
public function handle() public function handle()
{ {
foreach($this->entities as $entity) { $this->LogMessage("Checking - V5_DB1");
$this->LogMessage("V5_DB1"); foreach($this->entities as $entity) {
$count_db_1 = $entity::on('db-ninja-01')->count(); $count_db_1 = $entity::on('db-ninja-01')->count();
$count_db_2 = $entity::on('db-ninja-02a')->count(); $count_db_2 = $entity::on('db-ninja-02a')->count();
@ -140,11 +140,10 @@ class CheckDb extends Command
} }
$this->LogMessage("Checking - V5_DB2");
foreach($this->entities as $entity) { foreach($this->entities as $entity) {
$this->LogMessage("V5_DB2");
$count_db_1 = $entity::on('db-ninja-02')->count(); $count_db_1 = $entity::on('db-ninja-02')->count();
$count_db_2 = $entity::on('db-ninja-01a')->count(); $count_db_2 = $entity::on('db-ninja-01a')->count();

6
app/Http/Middleware/PasswordProtection.php
View File

@ -71,7 +71,7 @@ class PasswordProtection
nlog($query); nlog($query);
//If OAuth and user also has a password set - check both //If OAuth and user also has a password set - check both
if ($existing_user = MultiDB::hasUser($query) && auth()->user()->has_password && Hash::check(auth()->user()->password, $request->header('X-API-PASSWORD'))) { if ($existing_user = MultiDB::hasUser($query) && auth()->user()->company()->oauth_password_required && auth()->user()->has_password && Hash::check(auth()->user()->password, $request->header('X-API-PASSWORD'))) {
nlog("existing user with password"); nlog("existing user with password");
@ -79,10 +79,10 @@ class PasswordProtection
return $next($request); return $next($request);
} }
elseif($existing_user = MultiDB::hasUser($query) && !auth()->user()->has_password){ elseif($existing_user = MultiDB::hasUser($query) && !auth()->user()->company()->oauth_password_required){
nlog("existing user without password"); nlog("existing user without password");
Cache::put(auth()->user()->hashed_id.'_'.auth()->user()->account_id.'_logged_in', Str::random(64), $timeout); Cache::put(auth()->user()->hashed_id.'_'.auth()->user()->account_id.'_logged_in', Str::random(64), $timeout);
return $next($request); return $next($request);
} }