Fixes for throttle middle ware in web.php

2026-03-03 03:07:01 +00:00 · 2026-01-26 09:25:21 +11:00
parent 8381896392
commit 33bdd69801
5 changed files with 45 additions and 10 deletions
--- a/app/DataMapper/QuickbooksSettings.php
+++ b/app/DataMapper/QuickbooksSettings.php
@@ -67,4 +67,30 @@ class QuickbooksSettings implements Castable
            'settings' => $this->settings->toArray(),
        ];
    }
+
+    /**
+     * Check if this QuickbooksSettings instance represents actual data or is just a default empty object.
+     * 
+     * @return bool True if this has actual QuickBooks connection data, false if it's just defaults
+     */
+    public function isConfigured(): bool
+    {
+        // If accessTokenKey is set, we have a connection
+        return !empty($this->accessTokenKey);
+    }
+
+    /**
+     * Check if this QuickbooksSettings instance is empty (default values only).
+     * 
+     * @return bool True if this is an empty/default instance
+     */
+    public function isEmpty(): bool
+    {
+        return empty($this->accessTokenKey) 
+            && empty($this->refresh_token) 
+            && empty($this->realmID)
+            && $this->accessTokenExpiresAt === 0
+            && $this->refreshTokenExpiresAt === 0
+            && empty($this->baseURL);
+    }
 }
--- a/app/Enum/SyncDirection.php
+++ b/app/Enum/SyncDirection.php
@@ -17,4 +17,5 @@ enum SyncDirection: string
    case PUSH = 'push'; // only creates and updates records created by Invoice Ninja.
    case PULL = 'pull'; // creates and updates record from QB.
    case BIDIRECTIONAL = 'bidirectional'; // creates and updates records created by Invoice Ninja and from QB.
+    case NONE = 'none'; // no sync.
 }
--- a/app/Transformers/CompanyTransformer.php
+++ b/app/Transformers/CompanyTransformer.php
@@ -223,10 +223,18 @@ class CompanyTransformer extends EntityTransformer
            'smtp_local_domain' => (string) $company->smtp_local_domain ?? '',
            'smtp_verify_peer' => (bool) $company->smtp_verify_peer,
            'e_invoice' => $company->e_invoice ?: new \stdClass(),
-            'has_quickbooks_token' => $company->quickbooks ? true : false,
-            'is_quickbooks_token_active' => $company->quickbooks?->accessTokenKey ?? false,
            'legal_entity_id' =>  $company->legal_entity_id ? (int) $company->legal_entity_id : null,
        ];
+
+        // Only include QuickBooks flags if column is not null AND has actual connection data
+        // This prevents API bloat for users who don't use QuickBooks
+        $quickbooksRaw = $company->getRawOriginal('quickbooks');
+        if (!is_null($quickbooksRaw) && $company->quickbooks->isConfigured()) {
+            $data['has_quickbooks_token'] = true;
+            $data['is_quickbooks_token_active'] = (bool) $company->quickbooks->accessTokenKey;
+        }
+
+        return $data;
    }

    private function isLarge(Company $company): bool
--- a/routes/web.php
+++ b/routes/web.php
@@ -21,17 +21,17 @@ use Illuminate\Support\Facades\Route;
 Route::get('/', [BaseController::class, 'flutterRoute'])->middleware('guest');

 Route::get('setup', [SetupController::class, 'index'])->middleware('guest');
-Route::post('setup', [SetupController::class, 'doSetup'])->throttle(10, 1)->middleware('guest');
-Route::get('update', [SetupController::class, 'update'])->throttle(10, 1)->middleware('guest');
+Route::post('setup', [SetupController::class, 'doSetup'])->middleware('throttle:10,1')->middleware('guest');
+Route::get('update', [SetupController::class, 'update'])->middleware('throttle:10,1')->middleware('guest');

-Route::post('setup/check_db', [SetupController::class, 'checkDB'])->throttle(10, 1)->middleware('guest');
-Route::post('setup/check_mail', [SetupController::class, 'checkMail'])->throttle(10, 1)->middleware('guest');
-Route::post('setup/check_pdf', [SetupController::class, 'checkPdf'])->throttle(10, 1)->middleware('guest');
+Route::post('setup/check_db', [SetupController::class, 'checkDB'])->middleware('throttle:10,1')->middleware('guest');
+Route::post('setup/check_mail', [SetupController::class, 'checkMail'])->middleware('throttle:10,1')->middleware('guest');
+Route::post('setup/check_pdf', [SetupController::class, 'checkPdf'])->middleware('throttle:10,1')->middleware('guest');

 Route::get('password/reset', [ForgotPasswordController::class, 'showLinkRequestForm'])->middleware('domain_db')->name('password.request');
-Route::post('password/email', [ForgotPasswordController::class, 'sendResetLinkEmail'])->throttle(10, 1)->name('password.email');
+Route::post('password/email', [ForgotPasswordController::class, 'sendResetLinkEmail'])->middleware('throttle:10,1')->name('password.email');
 Route::get('password/reset/{token}', [ResetPasswordController::class, 'showResetForm'])->middleware(['domain_db', 'email_db'])->name('password.reset');
-Route::post('password/reset', [ResetPasswordController::class, 'reset'])->throttle(10, 1)->middleware('email_db')->name('password.update');
+Route::post('password/reset', [ResetPasswordController::class, 'reset'])->middleware('throttle:10,1')->middleware('email_db')->name('password.update');

 Route::get('auth/{provider}', [LoginController::class, 'redirectToProvider']);