2020-06-13 20:42:07 +02:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
require 'main.php';
|
|
|
|
|
|
|
|
|
|
if (!empty($_ENV['DEV'])) {
|
|
|
|
|
error_reporting(E_ALL);
|
|
|
|
|
|
|
|
|
|
ini_set('display_errors', '1');
|
|
|
|
|
} else {
|
|
|
|
|
ini_set('display_errors', '0');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
Container::$routeCollection = new MapGuesser\Routing\RouteCollection();
|
|
|
|
|
|
2020-06-23 20:41:28 +02:00
|
|
|
Container::$routeCollection->get('index', '', [MapGuesser\Controller\MapsController::class, 'getMaps']);
|
2020-06-25 14:01:17 +02:00
|
|
|
Container::$routeCollection->get('startSession', 'startSession.json', [MapGuesser\Controller\HomeController::class, 'startSession']);
|
2020-06-21 15:43:49 +02:00
|
|
|
Container::$routeCollection->group('login', function (MapGuesser\Routing\RouteCollection $routeCollection) {
|
|
|
|
|
$routeCollection->get('login', '', [MapGuesser\Controller\LoginController::class, 'getLoginForm']);
|
|
|
|
|
$routeCollection->post('login-action', '', [MapGuesser\Controller\LoginController::class, 'login']);
|
|
|
|
|
$routeCollection->get('login-google', 'google', [MapGuesser\Controller\LoginController::class, 'getGoogleLoginRedirect']);
|
|
|
|
|
$routeCollection->get('login-google-action', 'google/code', [MapGuesser\Controller\LoginController::class, 'loginWithGoogle']);
|
|
|
|
|
});
|
|
|
|
|
Container::$routeCollection->group('signup', function (MapGuesser\Routing\RouteCollection $routeCollection) {
|
|
|
|
|
$routeCollection->get('signup', '', [MapGuesser\Controller\LoginController::class, 'getSignupForm']);
|
|
|
|
|
$routeCollection->post('signup-action', '', [MapGuesser\Controller\LoginController::class, 'signup']);
|
|
|
|
|
$routeCollection->get('signup-google', 'google', [MapGuesser\Controller\LoginController::class, 'getSignupWithGoogleForm']);
|
|
|
|
|
$routeCollection->post('signup-google-action', 'google', [MapGuesser\Controller\LoginController::class, 'signupWithGoogle']);
|
|
|
|
|
$routeCollection->post('signup.reset', 'reset', [MapGuesser\Controller\LoginController::class, 'resetSignup']);
|
|
|
|
|
$routeCollection->post('signup-google.reset', 'google/reset', [MapGuesser\Controller\LoginController::class, 'resetGoogleSignup']);
|
|
|
|
|
$routeCollection->get('signup.success', 'success', [MapGuesser\Controller\LoginController::class, 'getSignupSuccess']);
|
|
|
|
|
$routeCollection->get('signup.activate', 'activate/{token}', [MapGuesser\Controller\LoginController::class, 'activate']);
|
|
|
|
|
$routeCollection->get('signup.cancel', 'cancel/{token}', [MapGuesser\Controller\LoginController::class, 'cancel']);
|
|
|
|
|
});
|
2020-07-05 00:09:02 +02:00
|
|
|
Container::$routeCollection->group('password', function (MapGuesser\Routing\RouteCollection $routeCollection) {
|
|
|
|
|
$routeCollection->get('password-requestReset', 'requestReset', [MapGuesser\Controller\LoginController::class, 'getRequestPasswordResetForm']);
|
|
|
|
|
$routeCollection->post('password-requestReset-action', 'requestReset', [MapGuesser\Controller\LoginController::class, 'requestPasswordReset']);
|
|
|
|
|
$routeCollection->get('password-requestReset.success', 'requestReset/success', [MapGuesser\Controller\LoginController::class, 'getRequestPasswordResetSuccess']);
|
|
|
|
|
$routeCollection->get('password-reset', 'reset/{token}', [MapGuesser\Controller\LoginController::class, 'getResetPasswordForm']);
|
|
|
|
|
$routeCollection->post('password-reset.action', 'reset/{token}', [MapGuesser\Controller\LoginController::class, 'resetPassword']);
|
|
|
|
|
});
|
2020-06-13 20:42:07 +02:00
|
|
|
Container::$routeCollection->get('logout', 'logout', [MapGuesser\Controller\LoginController::class, 'logout']);
|
2020-06-25 16:44:34 +02:00
|
|
|
Container::$routeCollection->group('account', function (MapGuesser\Routing\RouteCollection $routeCollection) {
|
|
|
|
|
$routeCollection->get('account', '', [MapGuesser\Controller\UserController::class, 'getAccount']);
|
|
|
|
|
$routeCollection->post('account-action', '', [MapGuesser\Controller\UserController::class, 'saveAccount']);
|
2020-06-25 20:26:33 +02:00
|
|
|
$routeCollection->get('account.delete', 'delete', [MapGuesser\Controller\UserController::class, 'getDeleteAccount']);
|
|
|
|
|
$routeCollection->post('account.delete-action', 'delete', [MapGuesser\Controller\UserController::class, 'deleteAccount']);
|
2020-06-28 03:18:51 +02:00
|
|
|
$routeCollection->get('account.googleAuthenticate', 'googleAuthenticate', [MapGuesser\Controller\UserController::class, 'getGoogleAuthenticateRedirect']);
|
|
|
|
|
$routeCollection->get('account.googleAuthenticate-action', 'googleAuthenticate/code', [MapGuesser\Controller\UserController::class, 'authenticateWithGoogle']);
|
2020-06-21 15:43:49 +02:00
|
|
|
});
|
2020-06-23 20:41:28 +02:00
|
|
|
//Container::$routeCollection->get('maps', 'maps', [MapGuesser\Controller\MapsController::class, 'getMaps']);
|
2020-06-13 20:42:07 +02:00
|
|
|
Container::$routeCollection->group('game', function (MapGuesser\Routing\RouteCollection $routeCollection) {
|
|
|
|
|
$routeCollection->get('game', '{mapId}', [MapGuesser\Controller\GameController::class, 'getGame']);
|
|
|
|
|
$routeCollection->get('game-json', '{mapId}/json', [MapGuesser\Controller\GameController::class, 'getGameJson']);
|
|
|
|
|
$routeCollection->get('newPlace-json', '{mapId}/newPlace.json', [MapGuesser\Controller\GameFlowController::class, 'getNewPlace']);
|
|
|
|
|
$routeCollection->post('guess-json', '{mapId}/guess.json', [MapGuesser\Controller\GameFlowController::class, 'evaluateGuess']);
|
|
|
|
|
});
|
|
|
|
|
Container::$routeCollection->group('admin', function (MapGuesser\Routing\RouteCollection $routeCollection) {
|
|
|
|
|
$routeCollection->get('admin.mapEditor', 'mapEditor/{mapId?}', [MapGuesser\Controller\MapAdminController::class, 'getMapEditor']);
|
|
|
|
|
$routeCollection->get('admin.place', 'place.json/{placeId}', [MapGuesser\Controller\MapAdminController::class, 'getPlace']);
|
|
|
|
|
$routeCollection->post('admin.saveMap', 'saveMap/{mapId}/json', [MapGuesser\Controller\MapAdminController::class, 'saveMap']);
|
2020-06-14 02:36:23 +02:00
|
|
|
$routeCollection->post('admin.deleteMap', 'deleteMap/{mapId}', [MapGuesser\Controller\MapAdminController::class, 'deleteMap']);
|
2020-06-13 20:42:07 +02:00
|
|
|
});
|
|
|
|
|
|
2020-06-24 21:37:58 +02:00
|
|
|
if (isset($_COOKIE['COOKIES_CONSENT'])) {
|
|
|
|
|
Container::$sessionHandler = new MapGuesser\Session\DatabaseSessionHandler();
|
2020-06-13 20:42:07 +02:00
|
|
|
|
2020-06-24 21:37:58 +02:00
|
|
|
session_set_save_handler(Container::$sessionHandler, true);
|
|
|
|
|
session_start([
|
|
|
|
|
'gc_maxlifetime' => 604800,
|
2020-07-05 16:48:37 +02:00
|
|
|
'gc_probability' => 0, // old sessions are deleted by MaintainDatabaseCommand
|
|
|
|
|
'cookie_lifetime' => 604800, // TODO: cookie is not renewed so session can be lost
|
2020-06-24 21:37:58 +02:00
|
|
|
'cookie_httponly' => true,
|
|
|
|
|
'cookie_samesite' => 'Lax'
|
|
|
|
|
]);
|
2020-07-05 12:25:25 +02:00
|
|
|
|
|
|
|
|
// this is needed to handle old type of session IDs
|
|
|
|
|
if (!Container::$sessionHandler->validateId(session_id())) {
|
|
|
|
|
session_regenerate_id(true);
|
|
|
|
|
}
|
2020-06-24 21:37:58 +02:00
|
|
|
} else {
|
|
|
|
|
$_SESSION = [];
|
|
|
|
|
}
|
2020-06-13 22:38:30 +02:00
|
|
|
|
2020-06-14 17:11:48 +02:00
|
|
|
Container::$request = new MapGuesser\Request\Request($_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'], $_GET, $_POST, $_SESSION);
|
|
|
|
|
|
|
|
|
|
if (!Container::$request->session()->has('anti_csrf_token')) {
|
2020-07-05 12:25:25 +02:00
|
|
|
Container::$request->session()->set('anti_csrf_token', bin2hex(random_bytes(16)));
|
2020-06-13 22:38:30 +02:00
|
|
|
}
|
