close #676 Fixed: Unique link not working.

2018-12-11 18:31:23 +03:00 · 2018-12-11 18:31:23 +03:00 · 8c312ad6cb
commit 8c312ad6cb
parent 6ba3c1f8bc
5 changed files with 97 additions and 2 deletions
--- a/app/Http/Controllers/Customers/Invoices.php
+++ b/app/Http/Controllers/Customers/Invoices.php
@ -184,7 +184,9 @@ class Invoices extends Controller
    public function link(Invoice $invoice, Request $request)
    {
-        session(['company_id' => $invoice->company_id]);
+        if (empty($invoice)) {
            redirect()->route('login');
        }
        $paid = 0;
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@ -73,6 +73,11 @@ class Kernel extends HttpKernel
            'company.settings',
            'company.currencies',
        ],
        'signed' => [
            'signed-url',
            'signed-url.company',
        ]
    ];
    /**
@ -100,5 +105,6 @@ class Kernel extends HttpKernel
        'company.currencies' => \App\Http\Middleware\LoadCurrencies::class,
        'dateformat' => \App\Http\Middleware\DateFormat::class,
        'money' => \App\Http\Middleware\Money::class,
        'signed-url.company' => \App\Http\Middleware\SignedUrlCompany::class,
    ];
 }
--- a/app/Http/Middleware/SignedUrlCompany.php
+++ b/app/Http/Middleware/SignedUrlCompany.php
@ -0,0 +1,33 @@
 <?php
 namespace App\Http\Middleware;
 use Closure;
 class SignedUrlCompany
 {
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        $company_id = $request->get('company_id');
        if (empty($company_id)) {
            return $next($request);
        }
        // Set company id
        session(['company_id' => $company_id]);
        // Set the company settings
        setting()->setExtraColumns(['company_id' => $company_id]);
        setting()->load(true);
        return $next($request);
    }
 }
--- a/app/Overrides/Akaunting/SignedUrl.php
+++ b/app/Overrides/Akaunting/SignedUrl.php
@ -0,0 +1,54 @@
 <?php
 namespace Akaunting\SignedUrl;
 use Spatie\UrlSigner\MD5UrlSigner;
 class SignedUrl extends MD5UrlSigner
 {
    /**
     * The key that is used to generate secure signatures.
     *
     * @var string
     */
    protected $signatureKey;
    /**
     * The URL's query parameter name for the expiration.
     *
     * @var string
     */
    protected $expiresParameter;
    /**
     * The URL's query parameter name for the signature.
     *
     * @var string
     */
    protected $signatureParameter;
    public function __construct()
    {
        $this->signatureKey = config('signed-url.signatureKey');
        $this->expiresParameter = config('signed-url.parameters.expires');
        $this->signatureParameter = config('signed-url.parameters.signature');
    }
    /**
     * Get a secure URL to a controller action.
     *
     * @param string             $url
     * @param \DateTime|int|null $expiration Defaults to the config value
     *
     * @return string
     */
    public function sign($url, $expiration = null)
    {
        $url .= '?company_id=' . session('company_id');
        $expiration = $expiration ? $expiration : config('signed-url.default_expiration_time_in_days');
        return parent::sign($url, $expiration);
    }
 }
--- a/routes/web.php
+++ b/routes/web.php
@ -237,7 +237,7 @@ Route::group(['middleware' => 'language'], function () {
        });
    });
-    Route::group(['middleware' => 'signed-url'], function () {
+    Route::group(['middleware' => 'signed'], function () {
        Route::group(['prefix' => 'links'], function () {
            Route::get('invoices/{invoice}', 'Customers\Invoices@link');
            Route::get('invoices/{invoice}/print', 'Customers\Invoices@printInvoice');