Cutlery/invoiceninja
1
0
Fork 0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2025-06-03 11:04:37 -04:00
Code Issues Packages Projects Releases Wiki Activity

Add back passwordprotection middleware

Browse Source
This commit is contained in:
David Bomba 2023-06-21 06:51:48 +10:00
parent db6c351ff8
commit 786bda2515
2 changed files with 16 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
app/Filters/RecurringInvoiceFilters.php
View File

@ -34,10 +34,17 @@ class RecurringInvoiceFilters extends QueryFilters
} }
return $this->builder->where(function ($query) use ($filter) { return $this->builder->where(function ($query) use ($filter) {
$query->where('recurring_invoices.custom_value1', 'like', '%'.$filter.'%') $query->where('number', 'like', '%'.$filter.'%')
->orWhere('recurring_invoices.custom_value2', 'like', '%'.$filter.'%') ->orWhere('date', 'like', '%'.$filter.'%')
->orWhere('recurring_invoices.custom_value3', 'like', '%'.$filter.'%') ->orWhere('amount', 'like', '%'.$filter.'%')
->orWhere('recurring_invoices.custom_value4', 'like', '%'.$filter.'%'); ->orWhere('balance', 'like', '%'.$filter.'%')
->orWhere('custom_value1', 'like', '%'.$filter.'%')
->orWhere('custom_value2', 'like', '%'.$filter.'%')
->orWhere('custom_value3', 'like', '%'.$filter.'%')
->orWhere('custom_value4', 'like', '%'.$filter.'%')
->orWhereHas('client', function ($q) use ($filter) {
$q->where('name', 'like', '%'.$filter.'%');
});
}); });
} }

6
app/Http/Middleware/PasswordProtection.php
View File

@ -58,7 +58,11 @@ class PasswordProtection
Cache::put(auth()->user()->hashed_id.'_'.auth()->user()->account_id.'_logged_in', Str::random(64), $timeout); Cache::put(auth()->user()->hashed_id.'_'.auth()->user()->account_id.'_logged_in', Str::random(64), $timeout);
return $next($request); return $next($request);
} elseif ($request->header('X-API-OAUTH-PASSWORD') && strlen($request->header('X-API-OAUTH-PASSWORD')) >=1) { }
elseif(strlen(auth()->user()->oauth_provider_id) > 2 && !auth()->user()->company()->oauth_password_required){
return $next($request);
}
elseif ($request->header('X-API-OAUTH-PASSWORD') && strlen($request->header('X-API-OAUTH-PASSWORD')) >=1) {
//user is attempting to reauth with OAuth - check the token value //user is attempting to reauth with OAuth - check the token value
//todo expand this to include all OAuth providers //todo expand this to include all OAuth providers
if (auth()->user()->oauth_provider_id == 'google') { if (auth()->user()->oauth_provider_id == 'google') {