extern/2FAuth
1
0
Fork 0
mirror of https://github.com/Bubka/2FAuth.git synced 2024-11-26 02:04:52 +01:00
Code Issues Packages Projects Releases Wiki Activity

Set user to orphan 2FAs/groups when behind auth proxy - Fix #176

Browse Source
This commit is contained in:
Bubka 2023-04-19 08:38:48 +02:00
parent a9cefc5f3a
commit a584c21670
6 changed files with 69 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
app/Api/v1/Controllers/GroupController.php
View File

@ -9,6 +9,7 @@
use App\Facades\Groups; use App\Facades\Groups;
use App\Http\Controllers\Controller; use App\Http\Controllers\Controller;
use App\Models\Group; use App\Models\Group;
use App\Models\User;
use Illuminate\Http\Request; use Illuminate\Http\Request;
class GroupController extends Controller class GroupController extends Controller
@ -20,6 +21,14 @@ class GroupController extends Controller
*/ */
public function index(Request $request) public function index(Request $request)
{ {
// Quick fix for #176
if (config('auth.defaults.guard') === 'reverse-proxy-guard' && User::count() === 1) {
if (Group::orphans()->exists()) {
$groups = Group::orphans()->get();
Groups::setUser($groups, $request->user());
}
}
// We do not use fluent call all over the call chain to ease tests // We do not use fluent call all over the call chain to ease tests
$user = $request->user(); $user = $request->user();
$groups = $user->groups()->withCount('twofaccounts')->get(); $groups = $user->groups()->withCount('twofaccounts')->get();

9
app/Api/v1/Controllers/TwoFAccountController.php
View File

@ -18,6 +18,7 @@
use App\Helpers\Helpers; use App\Helpers\Helpers;
use App\Http\Controllers\Controller; use App\Http\Controllers\Controller;
use App\Models\TwoFAccount; use App\Models\TwoFAccount;
use App\Models\User;
use Illuminate\Http\Request; use Illuminate\Http\Request;
use Illuminate\Support\Arr; use Illuminate\Support\Arr;
@ -30,6 +31,14 @@ class TwoFAccountController extends Controller
*/ */
public function index(Request $request) public function index(Request $request)
{ {
// Quick fix for #176
if (config('auth.defaults.guard') === 'reverse-proxy-guard' && User::count() === 1) {
if (TwoFAccount::orphans()->exists()) {
$twofaccounts = TwoFAccount::orphans()->get();
TwoFAccounts::setUser($twofaccounts, $request->user());
}
}
return new TwoFAccountCollection($request->user()->twofaccounts->sortBy('order_column')); return new TwoFAccountCollection($request->user()->twofaccounts->sortBy('order_column'));
} }

11
app/Models/Group.php
View File

@ -103,4 +103,15 @@ public function user()
{ {
return $this->belongsTo(\App\Models\User::class); return $this->belongsTo(\App\Models\User::class);
} }
/**
* Scope a query to only include orphan (userless) groups.
*
* @param \Illuminate\Database\Eloquent\Builder<User> $query
* @return \Illuminate\Database\Eloquent\Builder<User>
*/
public function scopeOrphans($query)
{
return $query->where('user_id', null);
}
} }

11
app/Models/TwoFAccount.php
View File

@ -215,6 +215,17 @@ public function user()
return $this->belongsTo(\App\Models\User::class); return $this->belongsTo(\App\Models\User::class);
} }
/**
* Scope a query to only include orphan (userless) accounts.
*
* @param \Illuminate\Database\Eloquent\Builder<User> $query
* @return \Illuminate\Database\Eloquent\Builder<User>
*/
public function scopeOrphans($query)
{
return $query->where('user_id', null);
}
/** /**
* Get legacy_uri attribute * Get legacy_uri attribute
* *

14
app/Services/GroupService.php
View File

@ -60,6 +60,20 @@ public static function prependTheAllGroup(Collection $groups, User $user) : Coll
return $groups->prepend($theAllGroup); return $groups->prepend($theAllGroup);
} }
/**
* Set owner of given groups
*
* @param Collection<int, Group> $groups
* @param \App\Models\User $user
*/
public static function setUser(Collection $groups, User $user) : void
{
$groups->each(function ($group, $key) use ($user) {
$group->user_id = $user->id;
$group->save();
});
}
/** /**
* Determines the default group of the given user * Determines the default group of the given user
* *

15
app/Services/TwoFAccountService.php
View File

@ -5,6 +5,7 @@
use App\Factories\MigratorFactoryInterface; use App\Factories\MigratorFactoryInterface;
use App\Helpers\Helpers; use App\Helpers\Helpers;
use App\Models\TwoFAccount; use App\Models\TwoFAccount;
use App\Models\User;
use Illuminate\Support\Collection; use Illuminate\Support\Collection;
use Illuminate\Support\Facades\Auth; use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Log; use Illuminate\Support\Facades\Log;
@ -93,6 +94,20 @@ public static function delete($ids) : int
return $deleted; return $deleted;
} }
/**
* Set owner of given twofaccounts
*
* @param \Illuminate\Support\Collection<int, TwoFAccount> $twofaccounts
* @param \App\Models\User $user
*/
public static function setUser(Collection $twofaccounts, User $user) : void
{
$twofaccounts->each(function ($twofaccount, $key) use ($user) {
$twofaccount->user_id = $user->id;
$twofaccount->save();
});
}
/** /**
* Return the given collection with items marked as Duplicates (using id=-1) if similar records exist * Return the given collection with items marked as Duplicates (using id=-1) if similar records exist
* in the authenticated user accounts * in the authenticated user accounts