Remove homemade Log solution, add support log-viewer (#1846)

* remove anything related to logs
* fix tests
* User must be authenticated before we give them access
* fix phpstan
* use old URL + enable by default
* fix secure headers
* allow Notice to have their own file
* improve comments

Author: ildyria

.env.example

@@ -6,8 +6,12 @@ APP_URL=http://localhost
 APP_FORCE_HTTPS=false
 
 # enable or disable debug bar. By default it is disabled.
+# Do note that this disable CSP!!
 DEBUGBAR_ENABLED=false
 
+# enable or disable log viewer. By default it is enabled.
+LOG_VIEWER_ENABLED=true
+
 ##############################################################################
 # IMPORTANT: To migrate from Lychee v3 you *MUST* use the same MySQL/MariaDB #
 #            server as v3.                                                   #

app/Actions/InstallUpdate/Pipes/AllowMigrationCheck.php

@@ -3,14 +3,14 @@
 namespace App\Actions\InstallUpdate\Pipes;
 
 use App\Models\Configs;
-use App\Models\Logs;
 use Illuminate\Support\Facades\Config;
+use Illuminate\Support\Facades\Log;
 
 class AllowMigrationCheck extends AbstractUpdateInstallerPipe
 {
 	public const ERROR_MSG =
 		/* @lang text */
-		'Update not applied: `APP_ENV` in `.env` is `production` and `force_migration_in_production` is set to `0`.';
+		' Update not applied: `APP_ENV` in `.env` is `production` and `force_migration_in_production` is set to `0`.';
 
 	/**
 	 * {@inheritDoc}
@@ -24,13 +24,13 @@ public function handle(array &$output, \Closure $next): array
 		// @codeCoverageIgnoreStart
 		// we cannot code cov this part. APP_ENV is `testing` in testing mode.
 		if (Configs::getValueAsBool('force_migration_in_production')) {
-			Logs::warning(__METHOD__, __LINE__, 'Force update is production.');
+			Log::warning(__METHOD__ . ':' . __LINE__ . ' Force update is production.');
 
 			return $next($output);
 		}
 
 		$output[] = self::ERROR_MSG;
-		Logs::warning(__METHOD__, __LINE__, self::ERROR_MSG);
+		Log::warning(__METHOD__ . ':' . __LINE__ . self::ERROR_MSG);
 
 		return $output;
 		// @codeCoverageIgnoreEnd

app/Actions/InstallUpdate/Pipes/ComposerCall.php

@@ -5,7 +5,7 @@
 use App\Facades\Helpers;
 use App\Metadata\Versions\InstalledVersion;
 use App\Models\Configs;
-use App\Models\Logs;
+use Illuminate\Support\Facades\Log;
 use function Safe\chdir;
 use function Safe\exec;
 use function Safe\putenv;
@@ -28,7 +28,7 @@ public function handle(array &$output, \Closure $next): array
 		if (Helpers::isExecAvailable()) {
 			if (Configs::getValueAsBool('apply_composer_update')) {
 				// @codeCoverageIgnoreStart
-				Logs::warning(__METHOD__, __LINE__, 'Composer is called on update.');
+				Log::warning(__METHOD__ . ':' . __LINE__ . ' Composer is called on update.');
 
 				// Composer\Factory::getHomeDir() method
 				// needs COMPOSER_HOME environment variable set

app/Actions/Photo/Strategies/AddDuplicateStrategy.php

@@ -5,9 +5,9 @@
 use App\Exceptions\ModelDBException;
 use App\Exceptions\PhotoResyncedException;
 use App\Exceptions\PhotoSkippedException;
-use App\Models\Logs;
 use App\Models\Photo;
 use Illuminate\Database\Eloquent\ModelNotFoundException;
+use Illuminate\Support\Facades\Log;
 
 class AddDuplicateStrategy extends AbstractAddStrategy
 {
@@ -30,7 +30,7 @@ public function do(): Photo
 		if ($this->parameters->importMode->shallResyncMetadata()) {
 			$this->hydrateMetadata();
 			if ($this->photo->isDirty()) {
-				Logs::notice(__METHOD__, __LINE__, 'Updating metadata of existing photo.');
+				Log::notice(__METHOD__ . ':' . __LINE__ . ' Updating metadata of existing photo.');
 				$this->photo->save();
 				$hasBeenReSynced = true;
 			}

app/Actions/Settings/UpdateLogin.php

@@ -8,10 +8,10 @@
 use App\Exceptions\ModelDBException;
 use App\Exceptions\UnauthenticatedException;
 use App\Models\Configs;
-use App\Models\Logs;
 use App\Models\User;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Hash;
+use Illuminate\Support\Facades\Log;
 
 class UpdateLogin
 {
@@ -36,7 +36,7 @@ public function do(?string $username, string $password, string $oldPassword, str
 		$user = Auth::user() ?? throw new UnauthenticatedException();
 
 		if (!Hash::check($oldPassword, $user->password)) {
-			Logs::notice(__METHOD__, __LINE__, sprintf('User (%s) tried to change their identity from %s', $user->username, $ip));
+			Log::channel('login')->notice(__METHOD__ . ':' . __LINE__ . sprintf('User (%s) tried to change their identity from %s', $user->username, $ip));
 
 			throw new UnauthenticatedException('Previous password is invalid');
 		}
@@ -69,12 +69,12 @@ public function do(?string $username, string $password, string $oldPassword, str
 	private function updateUsername(User &$user, string $username, string $ip): void
 	{
 		if (User::query()->where('username', '=', $username)->where('id', '!=', $user->id)->count() !== 0) {
-			Logs::notice(__METHOD__, __LINE__, sprintf('User (%s) tried to change their identity to (%s) from %s', $user->username, $username, $ip));
+			Log::channel('login')->warning(__METHOD__ . ':' . __LINE__ . sprintf('User (%s) tried to change their identity to (%s) from %s', $user->username, $username, $ip));
 			throw new ConflictingPropertyException('Username already exists.');
 		}
 
 		if ($username !== $user->username) {
-			Logs::notice(__METHOD__, __LINE__, sprintf('User (%s) changed their identity for (%s) from %s', $user->username, $username, $ip));
+			Log::channel('login')->notice(__METHOD__ . ':' . __LINE__ . sprintf('User (%s) changed their identity for (%s) from %s', $user->username, $username, $ip));
 			$user->username = $username;
 		}
 	}

app/Console/Commands/ShowLogs.php

@@ -10,14 +10,14 @@
 use App\Exceptions\Handlers\InstallationHandler;
 use App\Exceptions\Handlers\MigrationHandler;
 use App\Exceptions\Handlers\NoEncryptionKey;
-use App\Models\Logs;
 use Illuminate\Auth\AuthenticationException;
 use Illuminate\Contracts\Container\BindingResolutionException;
 use Illuminate\Contracts\Container\Container;
 use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
 use Illuminate\Http\Request;
 use Illuminate\Session\TokenMismatchException;
 use Illuminate\Support\Arr;
+use Illuminate\Support\Facades\Log;
 use Psr\Container\ContainerExceptionInterface;
 use Psr\Container\NotFoundExceptionInterface;
 use Symfony\Component\HttpFoundation\Response as SymfonyResponse;
@@ -82,7 +82,7 @@ class Handler extends ExceptionHandler
 		PhotoSkippedException::class => SeverityType::WARNING,
 		ImportCancelledException::class => SeverityType::NOTICE,
 		ConfigurationException::class => SeverityType::NOTICE,
-		LocationDecodingFailed::class => SeverityType::WARNING,
+		LocationDecodingFailed::class => SeverityType::ERROR,
 	];
 
 	/**
@@ -383,15 +383,14 @@ public function report(\Throwable $e): void
 
 		do {
 			$cause = $this->findCause($e);
-
 			if (count($cause) === 2) {
-				Logs::log($severity, $cause[1]->getMethodBeautified(), $cause[1]->getLine(), $e->getMessage() . '; caused by');
+				Log::log($severity->value, $cause[1]->getMethodBeautified() . ':' . $cause[1]->getLine() . ' ' . $e->getMessage() . '; caused by');
 			}
 
 			if ($e->getPrevious() !== null) {
-				Logs::log($severity, $cause[0]->getMethodBeautified(), $cause[0]->getLine(), $e->getMessage() . '; caused by');
+				Log::log($severity->value, $cause[0]->getMethodBeautified() . ':' . $cause[0]->getLine() . ' ' . $e->getMessage() . '; caused by');
 			} else {
-				Logs::log($severity, $cause[0]->getMethodBeautified(), $cause[0]->getLine(), $e->getMessage());
+				Log::log($severity->value, $cause[0]->getMethodBeautified() . ':' . $cause[0]->getLine() . ' ' . $e->getMessage());
 			}
 		} while ($e = $e->getPrevious());
 	}

app/Exceptions/Handler.php

@@ -11,10 +11,10 @@
 use App\Http\Requests\Session\LoginRequest;
 use App\Http\Resources\InitResource;
 use App\Legacy\AdminAuthentication;
-use App\Models\Logs;
 use Illuminate\Contracts\Container\BindingResolutionException;
 use Illuminate\Routing\Controller;
 use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Log;
 use Illuminate\Support\Facades\Session;
 
 class SessionController extends Controller
@@ -59,13 +59,13 @@ public function login(LoginRequest $request): void
 		}
 
 		if (Auth::attempt(['username' => $request->username(), 'password' => $request->password()])) {
-			Logs::notice(__METHOD__, __LINE__, 'User (' . $request->username() . ') has logged in from ' . $request->ip());
+			Log::channel('login')->notice(__METHOD__ . ':' . __LINE__ . ' -- User (' . $request->username() . ') has logged in from ' . $request->ip());
 
 			return;
 		}
 
 		// TODO: We could avoid this separate log entry and let the exception handler to all the logging, if we would add "context" (see Laravel docs) to those exceptions which need it.
-		Logs::error(__METHOD__, __LINE__, 'User (' . $request->username() . ') has tried to log in from ' . $request->ip());
+		Log::channel('login')->error(__METHOD__ . ':' . __LINE__ . ' -- User (' . $request->username() . ') has tried to log in from ' . $request->ip());
 
 		throw new UnauthenticatedException('Unknown user or invalid password');
 	}
@@ -77,6 +77,9 @@ public function login(LoginRequest $request): void
 	 */
 	public function logout(): void
 	{
+		/** @var \App\Models\User $user */
+		$user = Auth::user();
+		Log::channel('login')->info(__METHOD__ . ':' . __LINE__ . ' -- User (' . $user->username . ') has logged out.');
 		Auth::logout();
 		Session::flush();
 	}