snipe-it/app/Http/Kernel.php

<?php

namespace App\Http;

use Illuminate\Foundation\Http\Kernel as HttpKernel;

class Kernel extends HttpKernel
{
    /**
     * The application's global HTTP middleware stack.
     *
     * These middleware are run during every request to your application.
     *
     * @var array
     */
    protected $middleware = [
        \Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
        \Illuminate\Session\Middleware\StartSession::class,
        \Illuminate\View\Middleware\ShareErrorsFromSession::class,
        \App\Http\Middleware\FrameGuard::class,
        \App\Http\Middleware\XssProtectHeader::class,
        \App\Http\Middleware\ReferrerPolicyHeader::class,
        \App\Http\Middleware\ContentSecurityPolicyHeader::class,
        \App\Http\Middleware\NosniffGuard::class,
        \Fideloper\Proxy\TrustProxies::class,
        \App\Http\Middleware\CheckForSetup::class,
        \App\Http\Middleware\CheckForDebug::class,
       // \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
    ];

    /**
     * The application's route middleware groups.
     *
     * @var array
     */
    protected $middlewareGroups = [
        'web' => [
            \App\Http\Middleware\EncryptCookies::class,
            \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
            \App\Http\Middleware\VerifyCsrfToken::class,
            \App\Http\Middleware\CheckLocale::class,
            \App\Http\Middleware\CheckForTwoFactor::class,
            \Laravel\Passport\Http\Middleware\CreateFreshApiToken::class,
        ],

        'api' => [
            'throttle:60,1',
            'auth:api',
        ],
    ];

    /**
     * The application's route middleware.
     *
     * These middleware may be assigned to groups or used individually.
     *
     * @var array
     */
    protected $routeMiddleware = [
        'auth' => \Illuminate\Auth\Middleware\Authenticate::class,
        'authorize' => \App\Http\Middleware\CheckPermissions::class,
        'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
        'can' => \Illuminate\Auth\Middleware\Authorize::class,
        'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
        'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
    ];
}
Version 3 - hold onto your butts 2016-03-25 01:18:05 -07:00			`<?php`

			`namespace App\Http;`

			`use Illuminate\Foundation\Http\Kernel as HttpKernel;`

			`class Kernel extends HttpKernel`
			`{`
			`/**`
			`* The application's global HTTP middleware stack.`
			`*`
			`* These middleware are run during every request to your application.`
			`*`
			`* @var array`
			`*/`
			`protected $middleware = [`
Updated maintenance views 2016-12-14 07:56:01 -08:00			`\Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,`
Version 3 - hold onto your butts 2016-03-25 01:18:05 -07:00			`\Illuminate\Session\Middleware\StartSession::class,`
			`\Illuminate\View\Middleware\ShareErrorsFromSession::class,`
			`\App\Http\Middleware\FrameGuard::class,`
			`\App\Http\Middleware\XssProtectHeader::class,`
Added referrer-policy header 2017-09-28 17:12:58 -07:00			`\App\Http\Middleware\ReferrerPolicyHeader::class,`
Added content security middleware 2017-09-28 19:45:15 -07:00			`\App\Http\Middleware\ContentSecurityPolicyHeader::class,`
Version 3 - hold onto your butts 2016-03-25 01:18:05 -07:00			`\App\Http\Middleware\NosniffGuard::class,`
Fix reverse proxy support Reintroducing trusted proxies via fideloper/proxy: * Upgraded fideloper/proxy to 3.1 * Added fideloper/proxy to Http/Kernel.php * Added fideloper/proxy to config/app.php * Added environment variable APP_TRUSTED_PROXIES to env (with '*' being the default fallback) 2016-06-16 02:44:38 -07:00			`\Fideloper\Proxy\TrustProxies::class,`
fix middleware priority: handle trusted proxies prior setup check From @plexorama 2018-07-05 15:36:59 -07:00			`\App\Http\Middleware\CheckForSetup::class,`
Add red banner if app is in production mode and debugging is turned on 2016-11-29 00:08:20 -08:00			`\App\Http\Middleware\CheckForDebug::class,`
Comment out the nullable middleware until we have a chance to check all model validators 2017-10-02 16:36:43 -07:00			`// \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,`
Version 3 - hold onto your butts 2016-03-25 01:18:05 -07:00			`];`

			`/**`
			`* The application's route middleware groups.`
			`*`
			`* @var array`
			`*/`
			`protected $middlewareGroups = [`
			`'web' => [`
			`\App\Http\Middleware\EncryptCookies::class,`
			`\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,`
			`\App\Http\Middleware\VerifyCsrfToken::class,`
			`\App\Http\Middleware\CheckLocale::class,`
Fixes #106 - adds Google Authenticator support (#2842) * refactor to clean up LDAP login, and make the login method easier to handle. * Login refactor cleanup * Google 2FA package * Adds Google Authenticator two-factor * Removed unused blade * Added optin setting in profile * Removed dumb comments * Made lock_passwords check more consistent * Additional two factor strings * Lock passwords check * Display feature disabled text if in demo mode * Two factor admin reset options * Translation strings 2016-10-29 05:50:55 -07:00			`\App\Http\Middleware\CheckForTwoFactor::class,`
Add Passport API token generator 2016-12-14 10:53:01 -08:00			`\Laravel\Passport\Http\Middleware\CreateFreshApiToken::class,`
Version 3 - hold onto your butts 2016-03-25 01:18:05 -07:00			`],`

			`'api' => [`
			`'throttle:60,1',`
Updated auth:api in kernel 2017-01-11 14:54:11 -08:00			`'auth:api',`
Version 3 - hold onto your butts 2016-03-25 01:18:05 -07:00			`],`
			`];`

			`/**`
			`* The application's route middleware.`
			`*`
			`* These middleware may be assigned to groups or used individually.`
			`*`
			`* @var array`
			`*/`
			`protected $routeMiddleware = [`
Updated auth:api in kernel 2017-01-11 14:54:11 -08:00			`'auth' => \Illuminate\Auth\Middleware\Authenticate::class,`
Version 3 - hold onto your butts 2016-03-25 01:18:05 -07:00			`'authorize' => \App\Http\Middleware\CheckPermissions::class,`
			`'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,`
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. 2016-12-19 11:04:28 -08:00			`'can' => \Illuminate\Auth\Middleware\Authorize::class,`
Version 3 - hold onto your butts 2016-03-25 01:18:05 -07:00			`'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,`
			`'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,`
			`];`
			`}`