From 03cf280063ad7892e50217f45075ccd987c7c23f Mon Sep 17 00:00:00 2001 From: denisdulici Date: Wed, 4 Mar 2020 11:09:28 +0300 Subject: [PATCH] started l7 --- .env.example | 4 +- .env.testing | 2 +- .htaccess | 2 +- app/Console/Stubs/Modules/routes/admin.stub | 2 + app/Console/Stubs/Modules/routes/portal.stub | 2 + app/Exceptions/Handler.php | 12 +- app/Utilities/Overrider.php | 14 +- composer.json | 21 +-- config/app.php | 1 + config/auth.php | 16 ++- config/cors.php | 34 +++++ config/database.php | 8 +- config/filesystems.php | 17 ++- config/logging.php | 4 + config/mail.php | 132 +++++++------------ config/session.php | 6 +- config/view.php | 14 ++ database/seeds/SampleData.php | 2 +- index.php | 2 +- resources/lang/en-GB/passwords.php | 1 + routes/admin.php | 2 + routes/api.php | 2 + routes/channels.php | 2 + routes/common.php | 2 + routes/console.php | 1 + routes/guest.php | 2 + routes/install.php | 2 + routes/portal.php | 2 + routes/signed.php | 2 + routes/wizard.php | 2 + 30 files changed, 195 insertions(+), 120 deletions(-) create mode 100644 config/cors.php diff --git a/.env.example b/.env.example index 35e6b1393..016748105 100644 --- a/.env.example +++ b/.env.example @@ -20,7 +20,7 @@ SESSION_DRIVER=file QUEUE_CONNECTION=sync LOG_CHANNEL=stack -MAIL_DRIVER=mail +MAIL_MAILER=mail MAIL_HOST=localhost MAIL_PORT=2525 MAIL_USERNAME=null @@ -31,4 +31,4 @@ MAIL_FROM_ADDRESS=null FIREWALL_ENABLED=false -MODEL_CACHE_ENABLED=false \ No newline at end of file +MODEL_CACHE_ENABLED=false diff --git a/.env.testing b/.env.testing index 60ecb874e..41d3ee148 100644 --- a/.env.testing +++ b/.env.testing @@ -16,7 +16,7 @@ SESSION_DRIVER=file QUEUE_CONNECTION=sync LOG_CHANNEL=stack -MAIL_DRIVER=log +MAIL_MAILER=log MAIL_HOST=localhost MAIL_PORT=2525 MAIL_USERNAME=null diff --git a/.htaccess b/.htaccess index 13aff4065..8e48aefdb 100644 --- a/.htaccess +++ b/.htaccess @@ -27,7 +27,7 @@ RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)/$ /$1 [L,R=301] - # Handle Front Controller... + # Send Requests To Front Controller... RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^ index.php [L] diff --git a/app/Console/Stubs/Modules/routes/admin.stub b/app/Console/Stubs/Modules/routes/admin.stub index cfda97c7b..f272c31f6 100644 --- a/app/Console/Stubs/Modules/routes/admin.stub +++ b/app/Console/Stubs/Modules/routes/admin.stub @@ -1,5 +1,7 @@ 'admin', 'namespace' => 'Modules\$STUDLY_NAME$\Http\Controllers' diff --git a/app/Console/Stubs/Modules/routes/portal.stub b/app/Console/Stubs/Modules/routes/portal.stub index f4fd6b18b..8255ef6cd 100644 --- a/app/Console/Stubs/Modules/routes/portal.stub +++ b/app/Console/Stubs/Modules/routes/portal.stub @@ -1,5 +1,7 @@ 'portal', 'middleware' => 'portal', diff --git a/app/Exceptions/Handler.php b/app/Exceptions/Handler.php index 45dc16741..eb837707a 100644 --- a/app/Exceptions/Handler.php +++ b/app/Exceptions/Handler.php @@ -2,12 +2,12 @@ namespace App\Exceptions; -use Exception; use Illuminate\Auth\AuthenticationException; +use Illuminate\Database\Eloquent\ModelNotFoundException; use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler; use Symfony\Component\HttpKernel\Exception\NotFoundHttpException; use Symfony\Component\Debug\Exception\FatalThrowableError; -use Illuminate\Database\Eloquent\ModelNotFoundException; +use Throwable; class Handler extends ExceptionHandler { @@ -35,10 +35,10 @@ class Handler extends ExceptionHandler * * This is a great spot to send exceptions to Sentry, Bugsnag, etc. * - * @param \Exception $exception + * @param \Throwable $exception * @return void */ - public function report(Exception $exception) + public function report(Throwable $exception) { parent::report($exception); } @@ -47,10 +47,10 @@ class Handler extends ExceptionHandler * Render an exception into an HTTP response. * * @param \Illuminate\Http\Request $request - * @param \Exception $exception + * @param \Throwable $exception * @return \Illuminate\Http\Response */ - public function render($request, Exception $exception) + public function render($request, Throwable $exception) { if (env('APP_DEBUG') === false) { return $this->handleExceptions($request, $exception); diff --git a/app/Utilities/Overrider.php b/app/Utilities/Overrider.php index afc5f33e1..d7a831113 100644 --- a/app/Utilities/Overrider.php +++ b/app/Utilities/Overrider.php @@ -36,18 +36,18 @@ class Overrider // Email $email_protocol = setting('email.protocol', 'mail'); - config(['mail.driver' => $email_protocol]); + config(['mail.default' => $email_protocol]); config(['mail.from.name' => setting('company.name')]); config(['mail.from.address' => setting('company.email')]); if ($email_protocol == 'sendmail') { - config(['mail.sendmail' => setting('email.sendmail_path')]); + config(['mail.sendmail.path' => setting('email.sendmail_path')]); } elseif ($email_protocol == 'smtp') { - config(['mail.host' => setting('email.smtp_host')]); - config(['mail.port' => setting('email.smtp_port')]); - config(['mail.username' => setting('email.smtp_username')]); - config(['mail.password' => setting('email.smtp_password')]); - config(['mail.encryption' => setting('email.smtp_encryption')]); + config(['mail.smtp.host' => setting('email.smtp_host')]); + config(['mail.smtp.port' => setting('email.smtp_port')]); + config(['mail.smtp.username' => setting('email.smtp_username')]); + config(['mail.smtp.password' => setting('email.smtp_password')]); + config(['mail.smtp.encryption' => setting('email.smtp_encryption')]); } // Locale diff --git a/composer.json b/composer.json index f5deaa9c3..7910800bf 100644 --- a/composer.json +++ b/composer.json @@ -12,7 +12,7 @@ "license": "GPL-3.0+", "type": "project", "require": { - "php": "^7.2", + "php": "^7.2.5", "ext-bcmath": "*", "akaunting/firewall": "1.2.*", "akaunting/language": "1.0.*", @@ -28,15 +28,16 @@ "consoletvs/charts": "6.5.*", "dingo/api": "2.4.*", "doctrine/dbal": "2.9.*", - "fideloper/proxy": "4.2.*", + "fideloper/proxy": "^4.2", + "fruitcake/laravel-cors": "^1.0", "genealabs/laravel-model-caching": "0.7.*", - "guzzlehttp/guzzle": "6.5.*", + "guzzlehttp/guzzle": "^6.5", "intervention/image": "2.5.*", "jenssegers/date": "3.5.*", "kyslik/column-sortable": "6.*", "laracasts/flash": "3.0.*", - "laravel/framework": "6.*", - "laravel/tinker": "2.0.*", + "laravel/framework": "^7.0", + "laravel/tinker": "^2.0", "laravelcollective/html": "6.0.*", "lorisleiva/laravel-search-string": "0.1.*", "maatwebsite/excel": "3.1.*", @@ -50,11 +51,11 @@ }, "require-dev": { "beyondcode/laravel-dump-server": "^1.0", - "facade/ignition": "^1.4", - "fzaninotto/faker": "^1.9", - "mockery/mockery": "^1.0", - "nunomaduro/collision": "^3.0", - "phpunit/phpunit": "^8.0" + "facade/ignition": "^2.0", + "fzaninotto/faker": "^1.9.1", + "mockery/mockery": "^1.3", + "nunomaduro/collision": "^4.1", + "phpunit/phpunit": "^8.5" }, "extra": { "laravel": { diff --git a/config/app.php b/config/app.php index d25fe957e..9c7db1d99 100644 --- a/config/app.php +++ b/config/app.php @@ -212,6 +212,7 @@ return [ 'File' => Illuminate\Support\Facades\File::class, 'Gate' => Illuminate\Support\Facades\Gate::class, 'Hash' => Illuminate\Support\Facades\Hash::class, + 'Http' => Illuminate\Support\Facades\Http::class, 'Lang' => Illuminate\Support\Facades\Lang::class, 'Log' => Illuminate\Support\Facades\Log::class, 'Mail' => Illuminate\Support\Facades\Mail::class, diff --git a/config/auth.php b/config/auth.php index 3d598a337..3e7a5aedd 100644 --- a/config/auth.php +++ b/config/auth.php @@ -97,7 +97,21 @@ return [ 'provider' => 'users', 'table' => 'password_resets', 'expire' => 60, + 'throttle' => 60, ], - ], + ],, + + /* + |-------------------------------------------------------------------------- + | Password Confirmation Timeout + |-------------------------------------------------------------------------- + | + | Here you may define the amount of seconds before a password confirmation + | times out and the user is prompted to re-enter their password via the + | confirmation screen. By default, the timeout lasts for three hours. + | + */ + + 'password_timeout' => 10800, ]; diff --git a/config/cors.php b/config/cors.php new file mode 100644 index 000000000..5c9de8972 --- /dev/null +++ b/config/cors.php @@ -0,0 +1,34 @@ + ['api/*'], + + 'allowed_methods' => ['*'], + + 'allowed_origins' => ['*'], + + 'allowed_origins_patterns' => [], + + 'allowed_headers' => ['*'], + + 'exposed_headers' => false, + + 'max_age' => false, + + 'supports_credentials' => false, + +]; diff --git a/config/database.php b/config/database.php index c0b39b4f8..7705047d0 100644 --- a/config/database.php +++ b/config/database.php @@ -138,16 +138,16 @@ return [ 'url' => env('REDIS_URL'), 'host' => env('REDIS_HOST', '127.0.0.1'), 'password' => env('REDIS_PASSWORD', null), - 'port' => env('REDIS_PORT', 6379), - 'database' => env('REDIS_DB', 0), + 'port' => env('REDIS_PORT', '6379'), + 'database' => env('REDIS_DB', '0'), ], 'cache' => [ 'url' => env('REDIS_URL'), 'host' => env('REDIS_HOST', '127.0.0.1'), 'password' => env('REDIS_PASSWORD', null), - 'port' => env('REDIS_PORT', 6379), - 'database' => env('REDIS_CACHE_DB', 1), + 'port' => env('REDIS_PORT', '6379'), + 'database' => env('REDIS_CACHE_DB', '1'), ], ], diff --git a/config/filesystems.php b/config/filesystems.php index 0574b64ef..367054dae 100644 --- a/config/filesystems.php +++ b/config/filesystems.php @@ -85,9 +85,24 @@ return [ 'secret' => env('AWS_SECRET_ACCESS_KEY'), 'region' => env('AWS_DEFAULT_REGION'), 'bucket' => env('AWS_BUCKET'), - 'url' => app()->runningInConsole() ? '' : url('/'), + 'url' => env('AWS_URL'), ], + ],, + + /* + |-------------------------------------------------------------------------- + | Symbolic Links + |-------------------------------------------------------------------------- + | + | Here you may configure the symbolic links that will be created when the + | `storage:link` Artisan command is executed. The array keys should be + | the locations of the links and the values should be their targets. + | + */ + + 'links' => [ + public_path('storage') => storage_path('app/public'), ], ]; diff --git a/config/logging.php b/config/logging.php index 22d3baf43..83bcc69f1 100644 --- a/config/logging.php +++ b/config/logging.php @@ -96,6 +96,10 @@ return [ 'handler' => NullHandler::class, ], + 'emergency' => [ + 'path' => storage_path('logs/laravel.log'), + ], + ], ]; diff --git a/config/mail.php b/config/mail.php index 3c65eb3fb..e1664d48f 100644 --- a/config/mail.php +++ b/config/mail.php @@ -4,45 +4,67 @@ return [ /* |-------------------------------------------------------------------------- - | Mail Driver + | Default Mailer |-------------------------------------------------------------------------- | - | Laravel supports both SMTP and PHP's "mail" function as drivers for the - | sending of e-mail. You may specify which one you're using throughout - | your application here. By default, Laravel is setup for SMTP mail. + | This option controls the default mailer that is used to send any email + | messages sent by your application. Alternative mailers may be setup + | and used as needed; however, this mailer will be used by default. + | + */ + + 'default' => env('MAIL_MAILER', 'smtp'), + + /* + |-------------------------------------------------------------------------- + | Mailer Configurations + |-------------------------------------------------------------------------- + | + | Here you may configure all of the mailers used by your application plus + | their respective settings. Several examples have been configured for + | you and you are free to add your own as your application requires. + | + | Laravel supports a variety of mail "transport" drivers to be used while + | sending an e-mail. You will specify which one you are using for your + | mailers below. You are free to add additional mailers as required. | | Supported: "smtp", "sendmail", "mailgun", "ses", - | "postmark", "log", "array" + | "postmark", "log", "array", "mail" | */ - 'driver' => env('MAIL_DRIVER', 'smtp'), + 'mailers' => [ + 'smtp' => [ + 'transport' => 'smtp', + 'host' => env('MAIL_HOST', 'smtp.mailgun.org'), + 'port' => env('MAIL_PORT', 587), + 'encryption' => env('MAIL_ENCRYPTION', 'tls'), + 'username' => env('MAIL_USERNAME'), + 'password' => env('MAIL_PASSWORD'), + ], - /* - |-------------------------------------------------------------------------- - | SMTP Host Address - |-------------------------------------------------------------------------- - | - | Here you may provide the host address of the SMTP server used by your - | applications. A default option is provided that is compatible with - | the Mailgun mail service which will provide reliable deliveries. - | - */ + 'ses' => [ + 'transport' => 'ses', + ], - 'host' => env('MAIL_HOST', 'smtp.mailgun.org'), + 'sendmail' => [ + 'transport' => 'sendmail', + 'path' => '/usr/sbin/sendmail -bs', + ], - /* - |-------------------------------------------------------------------------- - | SMTP Host Port - |-------------------------------------------------------------------------- - | - | This is the SMTP port used by your application to deliver e-mails to - | users of the application. Like the host we have set this value to - | stay compatible with the Mailgun e-mail application by default. - | - */ + 'log' => [ + 'transport' => 'log', + 'channel' => env('MAIL_LOG_CHANNEL'), + ], - 'port' => env('MAIL_PORT', 587), + 'array' => [ + 'transport' => 'array', + ], + + 'mail' => [ + 'transport' => 'mail', + ], + ], /* |-------------------------------------------------------------------------- @@ -60,47 +82,6 @@ return [ 'name' => env('MAIL_FROM_NAME', 'Example'), ], - /* - |-------------------------------------------------------------------------- - | E-Mail Encryption Protocol - |-------------------------------------------------------------------------- - | - | Here you may specify the encryption protocol that should be used when - | the application send e-mail messages. A sensible default using the - | transport layer security protocol should provide great security. - | - */ - - 'encryption' => env('MAIL_ENCRYPTION', 'tls'), - - /* - |-------------------------------------------------------------------------- - | SMTP Server Username - |-------------------------------------------------------------------------- - | - | If your SMTP server requires a username for authentication, you should - | set it here. This will get used to authenticate with your server on - | connection. You may also set the "password" value below this one. - | - */ - - 'username' => env('MAIL_USERNAME'), - - 'password' => env('MAIL_PASSWORD'), - - /* - |-------------------------------------------------------------------------- - | Sendmail System Path - |-------------------------------------------------------------------------- - | - | When using the "sendmail" driver to send e-mails, we will need to know - | the path to where Sendmail lives on this server. A default path has - | been provided here, which will work well on most of your systems. - | - */ - - 'sendmail' => '/usr/sbin/sendmail -bs', - /* |-------------------------------------------------------------------------- | Markdown Mail Settings @@ -120,17 +101,4 @@ return [ ], ], - /* - |-------------------------------------------------------------------------- - | Log Channel - |-------------------------------------------------------------------------- - | - | If you are using the "log" driver, you may specify the logging channel - | if you prefer to keep mail messages separate from other log entries - | for simpler reading. Otherwise, the default channel will be used. - | - */ - - 'log_channel' => env('MAIL_LOG_CHANNEL'), - ]; diff --git a/config/session.php b/config/session.php index b6dac2588..c4fc9a13a 100644 --- a/config/session.php +++ b/config/session.php @@ -163,7 +163,7 @@ return [ | */ - 'secure' => env('SESSION_SECURE_COOKIE', false), + 'secure' => env('SESSION_SECURE_COOKIE', null), /* |-------------------------------------------------------------------------- @@ -187,10 +187,10 @@ return [ | take place, and can be used to mitigate CSRF attacks. By default, we | do not enable this as other CSRF protection services are in place. | - | Supported: "lax", "strict" + | Supported: "lax", "strict", "none" | */ - 'same_site' => null, + 'same_site' => 'lax', ]; diff --git a/config/view.php b/config/view.php index 22b8a18d3..1b3162f3a 100644 --- a/config/view.php +++ b/config/view.php @@ -33,4 +33,18 @@ return [ realpath(storage_path('framework/views')) ), + + /* + |-------------------------------------------------------------------------- + | Blade View Modification Checking + |-------------------------------------------------------------------------- + | + | On every request the framework will check to see if a view has expired + | to determine if it needs to be recompiled. If you are in production + | and precompiling views this feature may be disabled to save time. + | + */ + + 'expires' => env('VIEW_CHECK_EXPIRATION', true), + ]; diff --git a/database/seeds/SampleData.php b/database/seeds/SampleData.php index 21af5cac1..c5df96240 100755 --- a/database/seeds/SampleData.php +++ b/database/seeds/SampleData.php @@ -22,7 +22,7 @@ class SampleData extends Seeder { Model::reguard(); - config(['mail.driver' => 'log']); + config(['mail.default' => 'log']); $count = (int) $this->command->option('count'); $acc_count = ($count <= 10) ? $count : 10; diff --git a/index.php b/index.php index 8eddadea6..a05b18516 100644 --- a/index.php +++ b/index.php @@ -7,7 +7,7 @@ */ // Define minimum supported PHP version -define('AKAUNTING_PHP', '7.2.0'); +define('AKAUNTING_PHP', '7.2.5'); // Check PHP version if (version_compare(PHP_VERSION, AKAUNTING_PHP, '<')) { diff --git a/resources/lang/en-GB/passwords.php b/resources/lang/en-GB/passwords.php index e5544d201..eb0c3ad21 100644 --- a/resources/lang/en-GB/passwords.php +++ b/resources/lang/en-GB/passwords.php @@ -18,5 +18,6 @@ return [ 'sent' => 'We have e-mailed your password reset link!', 'token' => 'This password reset token is invalid.', 'user' => "We can't find a user with that e-mail address.", + 'throttle' => 'Please wait before retrying.', ]; diff --git a/routes/admin.php b/routes/admin.php index 5c7b4fd83..2166f273b 100644 --- a/routes/admin.php +++ b/routes/admin.php @@ -1,5 +1,7 @@