Fix FLEXIAPI-136 Refactor the Web Panel toggle mechanism and move it to a proper Middleware

2026-01-17 10:08:05 +00:00 · 2024-01-23 16:05:47 +00:00 · 2024-01-23 16:05:47 +00:00 · 9fd4b56066
commit 9fd4b56066
parent d6a6b6bce0
9 changed files with 104 additions and 59 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -2,6 +2,9 @@

 v1.5
 ----
+- Fix FLEXIAPI-136 Refactor the Web Panel toggle mechanism and move it to a proper Middleware
+- Fix FLEXIAPI-133 Use the correct breadcrumb on create and fix a password
+- Fix #143 Ensure that the ProvisioningToken model behave likes all the other Consommable
 - Fix #141 Add a new hook system for the Account Service
 - Fix #138 Add a dictionary attached to the accounts
 - Fix #137 Migrate the icons from Material Icons to Material Symbols
@ -11,6 +14,14 @@ v1.5
 - Fix #132 Move the provisioning_tokens and recovery_codes to dedicated table
 - Fix #130 Drop the group column in the Accounts table

+v1.4.4
+------
+- Fix FLEXIAPI-136 Refactor the Web Panel toggle mechanism and move it to a proper Middleware
+
+v1.4.3
+------
+- Fix FLEXIAPI-133 Use the correct breadcrumb on create and fix a password update related issue on update
+
 v1.4.2
 ------
 - Fix #135 Refactor the password algorithms code
--- a/flexiapi/app/Helpers/Utils.php
+++ b/flexiapi/app/Helpers/Utils.php
@ -92,11 +92,6 @@ function markdownDocumentationView($view): string
    );
 }

-function publicRegistrationEnabled(): bool
-{
-    return (config('app.public_registration'));
-}
-
 function isRegularExpression($string): bool
 {
    set_error_handler(function () {
--- a/flexiapi/app/Http/Kernel.php
+++ b/flexiapi/app/Http/Kernel.php
@ -72,6 +72,7 @@ class Kernel extends HttpKernel
        'auth.admin' => \App\Http\Middleware\AuthenticateAdmin::class,
        'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
        'auth.digest_or_key' => \App\Http\Middleware\AuthenticateDigestOrKey::class,
+        'web_panel_enabled' => \App\Http\Middleware\IsWebPanelEnabled::class,
        'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
        'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
        'can' => \Illuminate\Auth\Middleware\Authorize::class,
--- a/flexiapi/app/Http/Middleware/IsWebPanelEnabled.php
+++ b/flexiapi/app/Http/Middleware/IsWebPanelEnabled.php
@ -0,0 +1,42 @@
+<?php
+/*
+    Flexisip Account Manager is a set of tools to manage SIP accounts.
+    Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
+
+    This program is free software: you can redistribute it and/or modify
+    it under the terms of the GNU Affero General Public License as
+    published by the Free Software Foundation, either version 3 of the
+    License, or (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU Affero General Public License for more details.
+
+    You should have received a copy of the GNU Affero General Public License
+    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+
+class IsWebPanelEnabled
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response|\Illuminate\Http\RedirectResponse)  $next
+     * @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse
+     */
+    public function handle(Request $request, Closure $next)
+    {
+        if (!$request->expectsJson() && config('app.web_panel')) {
+            return $next($request);
+        }
+
+        return redirect()->route('about');
+    }
+}
--- a/flexiapi/resources/views/account/login.blade.php
+++ b/flexiapi/resources/views/account/login.blade.php
@ -37,7 +37,7 @@

        @include('parts.recovery')

-        @if (publicRegistrationEnabled())
+        @if (config('app.public_registration'))
            <br />
            <br />

--- a/flexiapi/resources/views/layouts/main.blade.php
+++ b/flexiapi/resources/views/layouts/main.blade.php
@ -20,7 +20,6 @@

 <body class="@if (isset($welcome) && $welcome) welcome @endif">
    <header>
-        @if (config('app.web_panel'))
        <nav>
            <a id="logo" href="{{ route('account.home') }}"><span
                    class="on_desktop">{{ config('app.name') }}</span></a>
@ -43,7 +42,6 @@
                </a>
            @endif
        </nav>
-        @endif
    </header>

    <content>
--- a/flexiapi/resources/views/parts/recovery.blade.php
+++ b/flexiapi/resources/views/parts/recovery.blade.php
@ -1,4 +1,3 @@
-@if (config('app.web_panel'))
 <p class="text-center pt-3">
    @if (config('app.account_email_unique'))
        Set or recover your account
@ -13,4 +12,3 @@
 <p class="text-center">
    …or login using an already authenticated device <a href="{{ route('account.authenticate.auth_token') }}">by flashing a QRcode</a>.
 </p>
-@endif
--- a/flexiapi/routes/web.php
+++ b/flexiapi/routes/web.php
@ -44,16 +44,16 @@ Route::redirect('/', 'login')->name('account.home');
 Route::get('documentation', 'Account\AccountController@documentation')->name('account.documentation');
 Route::get('about', 'AboutController@about')->name('about');

-if (config('app.web_panel')) {
+Route::middleware(['web_panel_enabled'])->group(function () {
    Route::get('login', 'Account\AuthenticateController@login')->name('account.login');
    Route::post('authenticate', 'Account\AuthenticateController@authenticate')->name('account.authenticate');
    Route::get('authenticate/qrcode/{token?}', 'Account\AuthenticateController@loginAuthToken')->name('account.authenticate.auth_token');
-}

    Route::prefix('creation_token')->controller(CreationRequestTokenController::class)->group(function () {
        Route::get('check/{token}', 'check')->name('account.creation_request_token.check');
        Route::post('validate', 'validateToken')->name('account.creation_request_token.validate');
    });
+});

 Route::group(['middleware' => 'auth.digest_or_key'], function () {
    Route::get('provisioning/me', 'Account\ProvisioningController@me')->name('provisioning.me');
@ -71,7 +71,8 @@ Route::name('provisioning.')->prefix('provisioning')->controller(ProvisioningCon
    Route::get('/', 'show')->name('show');
 });

-if (publicRegistrationEnabled()) {
+Route::middleware(['web_panel_enabled'])->group(function () {
+    if (config('app.public_registration')) {
        Route::redirect('register', 'register/email')->name('account.register');

        if (config('app.phone_authentication')) {
@ -82,7 +83,6 @@ if (publicRegistrationEnabled()) {
        Route::post('accounts', 'Account\AccountController@store')->name('account.store');
    }

-if (config('app.web_panel')) {
    Route::prefix('recovery')->controller(RecoveryController::class)->group(function () {
        Route::get('phone', 'showPhone')->name('account.recovery.show.phone');
        Route::get('email', 'showEmail')->name('account.recovery.show.email');
@ -250,4 +250,4 @@ if (config('app.web_panel')) {
            });
        });
    });
-}
+});