Consider the case where a Grocy user wants to use reverse proxy
authentication OR authentication with an API key.
By default, authenticating reverse proxy will unconditionally perform
user authentication, before allowing a request to be passed to Grocy
which will verify an API key, rendering them virtually useless.
So the proxy needs to be configured not to perform authentication in
certain cases, for example the presence of the `Grocy-Api-Key` HTTP
header, or the path being a subdirectory of `/api/`.
It can however be tricky to configure this though. For example, nginx
does not allow conditional authentication, or conditional header
setting. In those cases, when the condition is met, the username header
would still be returned, albeit empty. Grocy will then create an user
with empty username (not normally possible). It default to having all
permissions, and while most are removable, reading chores/stock/etc.
do not seem to be, and would thus be public.
This returns an error when the username is empty, to accomodate for
those cases.
* Added support for reading auth header from env variable
* Check if variable is set, more accurate error description
* Formatting
Co-authored-by: Bernd Bestel <bernd@berrnd.de>
Always execute migration 9999 (can be used to fix things manually)
Optimized meal plan navigation / date range filtering
Prepared next release
Pulled translations from Transifex
Various code optimizations
* Locales: use http-accept-language or "language"-cookie
* Add user-setting "locale"
Rename CULTURE to DEFAULT_LOCALE
* Use LocaleMiddleware also in dev mode
* CORS: don't require authentication on OPTIONS
* Use a standard user-settings-control and start a new generic user settings page, not a separate page for the locale setting
* Fixed (broken by myself) link-return handling
* Clarify language settings
* Removed unneeded files
* Better user settings icon
* Added localization hints
Co-authored-by: Bernd Bestel <bernd@berrnd.de>
* use singletons to reduce need to recreate the same objects
* unable to make the constructor private
* comment out debug printing to log file
* correct typo of treating self() as a var instead of a function
* utilise Localisation service as a singleton
* fix errent line that should have been commented
* remove phpinfo
* correct mistake in stock controller
* try storing app in apcu
* serialise inside the app closures
* get timings for db-changed-time
* get timings for db-changed-time
* store localisation service in apcu
* stor translations in apcu instead of localisation service (due to database connection)
* correct syntax error
* forgot to uncomment instance map
* correct indentation and variable out of scope
* more timings for app execution time
* try apc caching for views
* correct scope for Pot variable
* remove additional fopen
* correct timings for app build time
* correct timings for app object build time
* correct timings for app route build time
* get timings for routing timings
* get more in depth timings for routing loading
* fix more in depth timings for routing loading
* start investigating session auth middleware creation
* start investigating session auth middleware creation
* start investigating Login controller time
* start investigating Login controller time
* in depth look at Logincontroller timings
* comment out debug printing
* lazily obtain valus for page rendering
* correct syntax error
* correct scope of variable
* correct visibiity of methds inherited from BaseController
* missing use for Userfieldsservice
* lazy loading of open api spec
* lazy loading of users service
* lazy loading of batteries service
* lazy loading of services in controllers
* lazy loading of services in services
* correct mistake
* fix userservice
* fix userservice
* fix userfieldservice
* fix chores service
* fix calendar service
* remove Dockerfile used for development
* Remove docker compose file used for development
* Clean up app.php
* remove last diff
* Clean up base controller
* Clean up controllers
* lean up middleware
* Clean up and tuen all services into singletons
* remove debug from routes.php
* remove acpu from localisation
* Complete removal of acpu from localisation
* fixes for things broken
* More fixes following merge
* Fix for start up bug. Re factoring singleton code had brroken due to scope of clas var.
* fix bug where getUsersService is declared twice
* bug fixes following merge
* bug fixes following merge
* bug fixes following merge
* bug fixes following merge
* bug fixes following merge
* Fix all the not working things...
* Deleted off-topic files
* Deleted off-topic files
Co-authored-by: Bernd Bestel <bernd@berrnd.de>
