feature/adapt-to-new-soko-web #59
@ -1,66 +1,3 @@
|
||||
<?php
|
||||
|
||||
use SokoWeb\Interfaces\Response\IRedirect;
|
||||
use SokoWeb\Interfaces\Response\IContent;
|
||||
use SokoWeb\Interfaces\Authentication\IAuthenticationRequired;
|
||||
use SokoWeb\Interfaces\Authorization\ISecured;
|
||||
use SokoWeb\Response\Redirect;
|
||||
use SokoWeb\Response\HtmlContent;
|
||||
use SokoWeb\Response\JsonContent;
|
||||
|
||||
require '../web.php';
|
||||
|
||||
$method = strtolower($_SERVER['REQUEST_METHOD']);
|
||||
$url = substr($_SERVER['REQUEST_URI'], strlen('/'));
|
||||
if (($pos = strpos($url, '?')) !== false) {
|
||||
$url = substr($url, 0, $pos);
|
||||
}
|
||||
$url = rawurldecode($url);
|
||||
|
||||
$match = Container::$routeCollection->match($method, $url == '' ? [] : explode('/', $url));
|
||||
|
||||
if ($match !== null) {
|
||||
list($route, $params) = $match;
|
||||
|
||||
Container::$request->setParsedRouteParams($params);
|
||||
|
||||
$handler = $route->getHandler();
|
||||
$controller = new $handler[0](Container::$request);
|
||||
|
||||
if (
|
||||
$controller instanceof IAuthenticationRequired &&
|
||||
$controller->isAuthenticationRequired() &&
|
||||
Container::$request->user() === null
|
||||
) {
|
||||
Container::$request->session()->set('redirect_after_login', substr($_SERVER['REQUEST_URI'], strlen('/')));
|
||||
$response = new Redirect(Container::$routeCollection->getRoute('login')->generateLink(), IRedirect::TEMPORARY);
|
||||
header('Location: ' . $response->getUrl(), true, $response->getHttpCode());
|
||||
return;
|
||||
}
|
||||
|
||||
if ($method === 'post' && Container::$request->post('anti_csrf_token') !== Container::$request->session()->get('anti_csrf_token')) {
|
||||
$content = new JsonContent(['error' => 'no_valid_anti_csrf_token']);
|
||||
header('Content-Type: text/html; charset=UTF-8', true, 403);
|
||||
$content->render();
|
||||
return;
|
||||
}
|
||||
|
||||
if (
|
||||
!($controller instanceof ISecured) ||
|
||||
$controller->authorize()
|
||||
) {
|
||||
$response = call_user_func([$controller, $handler[1]]);
|
||||
if ($response instanceof IContent) {
|
||||
header('Content-Type: ' . $response->getContentType() . '; charset=UTF-8');
|
||||
$response->render();
|
||||
return;
|
||||
} elseif ($response instanceof IRedirect) {
|
||||
header('Location: ' . $response->getUrl(), true, $response->getHttpCode());
|
||||
return;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
$content = new HtmlContent('error/404');
|
||||
header('Content-Type: text/html; charset=UTF-8', true, 404);
|
||||
$content->render();
|
||||
|
||||
@ -58,7 +58,7 @@ class LoginController
|
||||
return new Redirect($this->redirectUrl, IRedirect::TEMPORARY);
|
||||
}
|
||||
|
||||
return new HtmlContent('login/login', ['redirectUrl' => '/' . $this->redirectUrl]);
|
||||
return new HtmlContent('login/login', ['redirectUrl' => $this->redirectUrl]);
|
||||
}
|
||||
|
||||
public function getGoogleLoginRedirect(): IRedirect
|
||||
@ -72,7 +72,7 @@ class LoginController
|
||||
$oAuth = new GoogleOAuth(new Request());
|
||||
$url = $oAuth->getDialogUrl(
|
||||
$state,
|
||||
$this->request->getBase() . '/' . \Container::$routeCollection->getRoute('login-google-action')->generateLink(),
|
||||
$this->request->getBase() . \Container::$routeCollection->getRoute('login-google-action')->generateLink(),
|
||||
$nonce
|
||||
);
|
||||
|
||||
@ -117,7 +117,7 @@ class LoginController
|
||||
|
||||
$user = $this->userRepository->getByEmail($userData['email']);
|
||||
|
||||
return new HtmlContent('login/google_signup', ['found' => $user !== null, 'email' => $userData['email'], 'redirectUrl' => '/' . $this->redirectUrl]);
|
||||
return new HtmlContent('login/google_signup', ['found' => $user !== null, 'email' => $userData['email'], 'redirectUrl' => $this->redirectUrl]);
|
||||
}
|
||||
|
||||
public function getRequestPasswordResetForm()
|
||||
@ -151,7 +151,7 @@ class LoginController
|
||||
|
||||
$user = $this->userRepository->getById($resetter->getUserId());
|
||||
|
||||
return new HtmlContent('login/reset_password', ['success' => true, 'token' => $token, 'email' => $user->getEmail(), 'redirectUrl' => '/' . $this->redirectUrl]);
|
||||
return new HtmlContent('login/reset_password', ['success' => true, 'token' => $token, 'email' => $user->getEmail(), 'redirectUrl' => $this->redirectUrl]);
|
||||
}
|
||||
|
||||
public function login(): IContent
|
||||
@ -182,7 +182,7 @@ class LoginController
|
||||
|
||||
return new JsonContent([
|
||||
'redirect' => [
|
||||
'target' => '/' . \Container::$routeCollection->getRoute('signup')->generateLink()
|
||||
'target' => \Container::$routeCollection->getRoute('signup')->generateLink()
|
||||
]
|
||||
]);
|
||||
}
|
||||
@ -227,7 +227,7 @@ class LoginController
|
||||
$oAuth = new GoogleOAuth(new Request());
|
||||
$tokenData = $oAuth->getToken(
|
||||
$this->request->query('code'),
|
||||
$this->request->getBase() . '/' . \Container::$routeCollection->getRoute('login-google-action')->generateLink()
|
||||
$this->request->getBase() . \Container::$routeCollection->getRoute('login-google-action')->generateLink()
|
||||
);
|
||||
|
||||
if (!isset($tokenData['id_token'])) {
|
||||
@ -270,7 +270,7 @@ class LoginController
|
||||
{
|
||||
if ($this->request->user() !== null) {
|
||||
$this->deleteRedirectUrl();
|
||||
return new JsonContent(['redirect' => ['target' => '/' . $this->redirectUrl]]);
|
||||
return new JsonContent(['redirect' => ['target' => $this->redirectUrl]]);
|
||||
}
|
||||
|
||||
$user = $this->userRepository->getByEmail($this->request->post('email'));
|
||||
@ -290,7 +290,7 @@ class LoginController
|
||||
$this->request->setUser($user);
|
||||
|
||||
$this->deleteRedirectUrl();
|
||||
$data = ['redirect' => ['target' => '/' . $this->redirectUrl]];
|
||||
$data = ['redirect' => ['target' => $this->redirectUrl]];
|
||||
} else {
|
||||
$data = [
|
||||
'error' => [
|
||||
@ -485,7 +485,7 @@ class LoginController
|
||||
$this->deleteRedirectUrl();
|
||||
return new JsonContent([
|
||||
'redirect' => [
|
||||
'target' => '/' . $this->redirectUrl
|
||||
'target' => $this->redirectUrl
|
||||
]
|
||||
]);
|
||||
}
|
||||
@ -563,7 +563,7 @@ class LoginController
|
||||
$this->deleteRedirectUrl();
|
||||
return new JsonContent([
|
||||
'redirect' => [
|
||||
'target' => '/' . $this->redirectUrl
|
||||
'target' => $this->redirectUrl
|
||||
]
|
||||
]);
|
||||
}
|
||||
@ -574,7 +574,7 @@ class LoginController
|
||||
if ($resetter === null || $resetter->getExpiresDate() < new DateTime()) {
|
||||
return new JsonContent([
|
||||
'redirect' => [
|
||||
'target' => '/' . \Container::$routeCollection->getRoute('password-reset')->generateLink(['token' => $token])
|
||||
'target' => \Container::$routeCollection->getRoute('password-reset')->generateLink(['token' => $token])
|
||||
]
|
||||
]);
|
||||
}
|
||||
@ -615,9 +615,9 @@ class LoginController
|
||||
$mail->setSubject('Welcome to ' . $_ENV['APP_NAME'] . ' - Activate your account');
|
||||
$mail->setBodyFromTemplate('signup', [
|
||||
'EMAIL' => $email,
|
||||
'ACTIVATE_LINK' => $this->request->getBase() . '/' .
|
||||
'ACTIVATE_LINK' => $this->request->getBase() .
|
||||
\Container::$routeCollection->getRoute('signup.activate')->generateLink(['token' => $token]),
|
||||
'CANCEL_LINK' => $this->request->getBase() . '/' .
|
||||
'CANCEL_LINK' => $this->request->getBase() .
|
||||
\Container::$routeCollection->getRoute('signup.cancel')->generateLink(['token' => $token]),
|
||||
'ACTIVATABLE_UNTIL' => (clone $created)->add(new DateInterval('P1D'))->format('Y-m-d H:i T')
|
||||
]);
|
||||
@ -659,7 +659,7 @@ class LoginController
|
||||
$mail->setSubject($_ENV['APP_NAME'] . ' - Password reset');
|
||||
$mail->setBodyFromTemplate('password-reset', [
|
||||
'EMAIL' => $email,
|
||||
'RESET_LINK' => $this->request->getBase() . '/' .
|
||||
'RESET_LINK' => $this->request->getBase() .
|
||||
\Container::$routeCollection->getRoute('password-reset')->generateLink(['token' => $token]),
|
||||
'EXPIRES' => $expires->format('Y-m-d H:i T')
|
||||
]);
|
||||
|
||||
@ -78,7 +78,7 @@ class UserController implements IAuthenticationRequired
|
||||
|
||||
$url = $oAuth->getDialogUrl(
|
||||
$state,
|
||||
$this->request->getBase() . '/' . \Container::$routeCollection->getRoute('account.googleAuthenticate-action')->generateLink(),
|
||||
$this->request->getBase() . \Container::$routeCollection->getRoute('account.googleAuthenticate-action')->generateLink(),
|
||||
$nonce,
|
||||
$user->getEmail()
|
||||
);
|
||||
@ -100,7 +100,7 @@ class UserController implements IAuthenticationRequired
|
||||
$oAuth = new GoogleOAuth(new Request());
|
||||
$tokenData = $oAuth->getToken(
|
||||
$this->request->query('code'),
|
||||
$this->request->getBase() . '/' . \Container::$routeCollection->getRoute('account.googleAuthenticate-action')->generateLink()
|
||||
$this->request->getBase() . \Container::$routeCollection->getRoute('account.googleAuthenticate-action')->generateLink()
|
||||
);
|
||||
|
||||
if (!isset($tokenData['id_token'])) {
|
||||
|
||||
19
web.php
19
web.php
@ -1,5 +1,7 @@
|
||||
<?php
|
||||
|
||||
use SokoWeb\Response\HttpResponse;
|
||||
|
||||
require 'main.php';
|
||||
|
||||
if (!empty($_ENV['DEV'])) {
|
||||
@ -118,3 +120,20 @@ Container::$request = new SokoWeb\Request\Request(
|
||||
if (!Container::$request->session()->has('anti_csrf_token')) {
|
||||
Container::$request->session()->set('anti_csrf_token', bin2hex(random_bytes(16)));
|
||||
}
|
||||
|
||||
$appConfig = [
|
||||
'antiCsrfTokenName' => 'anti_csrf_token',
|
||||
'antiCsrfTokenErrorResponse' => ['error' => 'no_valid_anti_csrf_token'],
|
||||
'antiCsrfTokenExceptions' => [],
|
||||
'loginRouteId' => 'login',
|
||||
'error404View' => 'error/404'
|
||||
];
|
||||
|
||||
$httpReponse = new HttpResponse(
|
||||
Container::$request,
|
||||
Container::$routeCollection,
|
||||
$appConfig,
|
||||
$_SERVER['REQUEST_METHOD'],
|
||||
$_SERVER['REQUEST_URI']
|
||||
);
|
||||
$httpReponse->render();
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user