From e98bb28faf86c3dca5c420b2a4ee26fde318af8c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?P=C5=91cze=20Bence?= Date: Sun, 16 Apr 2023 20:54:29 +0200 Subject: [PATCH 1/3] adapt to soko-web 0.4 --- public/index.php | 63 ------------------------- src/Controller/CommunityController.php | 2 +- src/Controller/LoginController.php | 16 +++---- src/Controller/OAuthController.php | 8 ++-- src/Controller/UserController.php | 4 +- views/account/account.php | 4 +- views/communities/community.php | 4 +- views/communities/community_edit.php | 2 +- views/communities/community_members.php | 8 ++-- views/error/404.php | 2 +- views/home.php | 4 +- views/login/login.php | 6 +-- views/login/password_reset_request.php | 2 +- views/login/reset_password.php | 4 +- views/templates/layout_normal.php | 6 +-- web.php | 25 +++++++--- 16 files changed, 54 insertions(+), 106 deletions(-) diff --git a/public/index.php b/public/index.php index 81dfb54..14996a8 100644 --- a/public/index.php +++ b/public/index.php 
@@ -1,66 +1,3 @@ match($method, $url == '' ? [] : explode('/', $url)); - -if ($match !== null) { - list($route, $params) = $match; - - Container::$request->setParsedRouteParams($params); - - $handler = $route->getHandler(); - $controller = new $handler[0](Container::$request); - - if ( - $controller instanceof IAuthenticationRequired && - $controller->isAuthenticationRequired() && - Container::$request->user() === null - ) { - Container::$request->session()->set('redirect_after_login', substr($_SERVER['REQUEST_URI'], strlen('/'))); - $response = new Redirect(Container::$routeCollection->getRoute('login')->generateLink(), IRedirect::TEMPORARY); - header('Location: ' . $response->getUrl(), true, $response->getHttpCode()); - return; - } - - if ($method === 'post' && !in_array($url, $antiCsrfTokenExceptions) && Container::$request->post('anti_csrf_token') !== Container::$request->session()->get('anti_csrf_token')) { - $content = new JsonContent(['error' => 'no_valid_anti_csrf_token']); - header('Content-Type: text/html; charset=UTF-8', true, 403); - $content->render(); - return; - } - - if ( - !($controller instanceof ISecured) || - $controller->authorize() - ) { - $response = call_user_func([$controller, $handler[1]]); - if ($response instanceof IContent) { - header('Content-Type: ' . $response->getContentType() . '; charset=UTF-8'); - $response->render(); - return; - } elseif ($response instanceof IRedirect) { - header('Location: ' . $response->getUrl(), true, $response->getHttpCode()); - return; - } - } -} - -$content = new HtmlContent('error/404'); -header('Content-Type: text/html; charset=UTF-8', true, 404); -$content->render(); diff --git a/src/Controller/CommunityController.php b/src/Controller/CommunityController.php index 30b6e11..b7a6d0f 100644 --- a/src/Controller/CommunityController.php +++ b/src/Controller/CommunityController.php 
@@ -186,7 +186,7 @@ class CommunityController implements IAuthenticationRequired } return new JsonContent([ - 'redirect' => ['target' => '/' . \Container::$routeCollection->getRoute('community')->generateLink(['communityId' => $community->getId()])] + 'redirect' => ['target' => \Container::$routeCollection->getRoute('community')->generateLink(['communityId' => $community->getId()])] ]); } diff --git a/src/Controller/LoginController.php b/src/Controller/LoginController.php index 346822e..a723817 100644 --- a/src/Controller/LoginController.php +++ b/src/Controller/LoginController.php @@ -47,7 +47,7 @@ class LoginController return new Redirect($this->redirectUrl, IRedirect::TEMPORARY); } - return new HtmlContent('login/login', ['redirectUrl' => '/' . $this->redirectUrl]); + return new HtmlContent('login/login', ['redirectUrl' => $this->redirectUrl]); } public function getGoogleLoginRedirect(): IRedirect @@ -61,7 +61,7 @@ class LoginController $oAuth = new GoogleOAuth(new Request()); $url = $oAuth->getDialogUrl( $state, - $this->request->getBase() . '/' . \Container::$routeCollection->getRoute('login-google-action')->generateLink(), + $this->request->getBase() . \Container::$routeCollection->getRoute('login-google-action')->generateLink(), $nonce ); @@ -99,7 +99,7 @@ class LoginController $user = $this->userRepository->getById($resetter->getUserId()); - return new HtmlContent('login/reset_password', ['success' => true, 'token' => $token, 'email' => $user->getEmail(), 'redirectUrl' => '/' . $this->redirectUrl]); + return new HtmlContent('login/reset_password', ['success' => true, 'token' => $token, 'email' => $user->getEmail(), 'redirectUrl' => $this->redirectUrl]); } public function login(): IContent 
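Review bot: In the @@ -47 hunk `$this->redirectUrl` is now passed to the view without the `'/' .` prefix (and the @@ -183 and @@ -247 hunks return it unprefixed as the JSON `redirect.target`), so the post-login destination is exactly whatever the session's redirect-after-login value contains. The removed public/index.php filled that value from `$_SERVER['REQUEST_URI']`, which is client-controlled; with the prefix gone, the code that now stores it (soko-web 0.4, not visible here) must guarantee a same-origin path, because a value beginning with `//` is treated by browsers as a protocol-relative URL to another host. A cheap local guard in whatever method loads `$this->redirectUrl` (outside these hunks) would be `if (!str_starts_with($this->redirectUrl, '/') || str_starts_with($this->redirectUrl, '//')) { $this->redirectUrl = '/'; }`, adjusted to however the framework now formats the stored path. getLoginForm's body begins before the @@ -47 hunk.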
@@ -141,7 +141,7 @@ class LoginController $oAuth = new GoogleOAuth(new Request()); $tokenData = $oAuth->getToken( $this->request->query('code'), - $this->request->getBase() . '/' . \Container::$routeCollection->getRoute('login-google-action')->generateLink() + $this->request->getBase() . \Container::$routeCollection->getRoute('login-google-action')->generateLink() ); if (!isset($tokenData['id_token'])) { @@ -183,7 +183,7 @@ class LoginController $this->deleteRedirectUrl(); return new JsonContent([ 'redirect' => [ - 'target' => '/' . $this->redirectUrl + 'target' => $this->redirectUrl ] ]); } @@ -247,7 +247,7 @@ class LoginController $this->deleteRedirectUrl(); return new JsonContent([ 'redirect' => [ - 'target' => '/' . $this->redirectUrl + 'target' => $this->redirectUrl ] ]); } @@ -258,7 +258,7 @@ class LoginController if ($resetter === null || $resetter->getExpiresDate() < new DateTime()) { return new JsonContent([ 'redirect' => [ - 'target' => '/' . \Container::$routeCollection->getRoute('password-reset')->generateLink(['token' => $token]) + 'target' => \Container::$routeCollection->getRoute('password-reset')->generateLink(['token' => $token]) ] ]); } @@ -299,7 +299,7 @@ class LoginController $mail->setSubject($_ENV['APP_NAME'] . ' - Password reset'); $mail->setBodyFromTemplate('password-reset', [ 'EMAIL' => $email, - 'RESET_LINK' => $this->request->getBase() . '/' . + 'RESET_LINK' => $this->request->getBase() . \Container::$routeCollection->getRoute('password-reset')->generateLink(['token' => $token]), 'EXPIRES' => $expires->format('Y-m-d H:i T') ]); diff --git a/src/Controller/OAuthController.php b/src/Controller/OAuthController.php index 0666fe7..9c26391 100644 --- a/src/Controller/OAuthController.php +++ b/src/Controller/OAuthController.php 
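Review bot: The password-reset link in the @@ -299 hunk is still assembled from `$this->request->getBase()`, which web.php (context visible in this patch's web.php hunk) builds from `$_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST']`; the Host header is client-supplied, so the link e-mailed to a user can carry a host other than the application's own, and the reset token in that link would be sent to that host when the link is followed. The application already has an authoritative origin in `$_ENV['APP_URL']` (used for `issuer` in OAuthController), so build the link from it, e.g. `'RESET_LINK' => rtrim($_ENV['APP_URL'], '/') . \Container::$routeCollection->getRoute('password-reset')->generateLink(['token' => $token]),`, or validate HTTP_HOST against an allow-list where the Request is constructed. This assumes getBase() returns the base passed to the Request constructor and that generateLink() now yields a leading slash, which the removal of `'/' .` across this patch suggests — confirm both against soko-web 0.4. The same getBase() concatenation appears in the @@ -61 and @@ -141 hunks and in the OAuthController and UserController hunks; the Google redirect URIs are less exposed since Google matches them against the registered values, but one origin source would serve all of them. requestPasswordReset's body begins and ends outside the @@ -299 hunk.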
@@ -108,10 +108,10 @@ class OAuthController { return new JsonContent([ 'issuer' => $_ENV['APP_URL'], - 'authorization_endpoint' => $this->request->getBase() . '/' . \Container::$routeCollection->getRoute('oauth-auth')->generateLink(), - 'token_endpoint' => $this->request->getBase() . '/' . \Container::$routeCollection->getRoute('oauth-token')->generateLink(), - 'userinfo_endpoint' => $this->request->getBase() . '/' . \Container::$routeCollection->getRoute('oauth-userinfo')->generateLink(), - 'jwks_uri' => $this->request->getBase() . '/' . \Container::$routeCollection->getRoute('oauth-certs')->generateLink(), + 'authorization_endpoint' => $this->request->getBase() . \Container::$routeCollection->getRoute('oauth-auth')->generateLink(), + 'token_endpoint' => $this->request->getBase() . \Container::$routeCollection->getRoute('oauth-token')->generateLink(), + 'userinfo_endpoint' => $this->request->getBase() . \Container::$routeCollection->getRoute('oauth-userinfo')->generateLink(), + 'jwks_uri' => $this->request->getBase() . \Container::$routeCollection->getRoute('oauth-certs')->generateLink(), 'response_types_supported' => [ 'code', diff --git a/src/Controller/UserController.php b/src/Controller/UserController.php index 43605b2..89edd12 100644 --- a/src/Controller/UserController.php +++ b/src/Controller/UserController.php @@ -62,7 +62,7 @@ class UserController implements IAuthenticationRequired $url = $oAuth->getDialogUrl( $state, - $this->request->getBase() . '/' . \Container::$routeCollection->getRoute('account.googleAuthenticate-action')->generateLink(), + $this->request->getBase() . \Container::$routeCollection->getRoute('account.googleAuthenticate-action')->generateLink(), $nonce, $user->getEmail() ); 
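Review bot: The discovery document in the @@ -108 hunk mixes two origins: `issuer` comes from `$_ENV['APP_URL']` while the four endpoint URLs are built from `$this->request->getBase()`, which web.php derives from `$_SERVER['HTTP_HOST']`. OpenID Connect clients check that the `iss` they receive matches the issuer in this document and expect the endpoints to be served under it, so any deployment where APP_URL and the request Host differ (reverse proxy, alternate hostname) yields inconsistent metadata, and a client-controlled Host header can move the advertised endpoints away from the configured issuer. Deriving all five values from APP_URL, e.g. `'authorization_endpoint' => rtrim($_ENV['APP_URL'], '/') . \Container::$routeCollection->getRoute('oauth-auth')->generateLink(),` and likewise for `token_endpoint`, `userinfo_endpoint` and `jwks_uri`, keeps the document self-consistent; this assumes generateLink() now returns a path with a leading slash, which the removal of `'/' .` throughout this patch suggests. getConfig's return statement starts before the hunk and the array continues past it.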
@@ -84,7 +84,7 @@ class UserController implements IAuthenticationRequired $oAuth = new GoogleOAuth(new Request()); $tokenData = $oAuth->getToken( $this->request->query('code'), - $this->request->getBase() . '/' . \Container::$routeCollection->getRoute('account.googleAuthenticate-action')->generateLink() + $this->request->getBase() . \Container::$routeCollection->getRoute('account.googleAuthenticate-action')->generateLink() ); if (!isset($tokenData['id_token'])) { diff --git a/views/account/account.php b/views/account/account.php index 27e6dcc..f414387 100644 --- a/views/account/account.php +++ b/views/account/account.php @@ -5,7 +5,7 @@ @section(main)

Account

-
+

Please confirm your identity with your password or with Google to modify your account.

@@ -42,6 +42,6 @@ @section(pageScript) @endsection diff --git a/views/communities/community.php b/views/communities/community.php index 97f9340..6ce29dc 100644 --- a/views/communities/community.php +++ b/views/communities/community.php @@ -1,7 +1,7 @@ @extends(templates/layout_normal) @section(main) -

getName() ?> [edit]

+

getName() ?> [edit]

@@ -11,7 +11,7 @@
-

Edit members

+

Edit members

diff --git a/views/communities/community_edit.php b/views/communities/community_edit.php index 2d80483..dba2f97 100644 --- a/views/communities/community_edit.php +++ b/views/communities/community_edit.php @@ -8,7 +8,7 @@ Container::$routeCollection->getRoute('community-edit-action')->generateLink(['communityId' => $community->getId()]) : Container::$routeCollection->getRoute('community-new-action')->generateLink(); ?> - +

diff --git a/views/communities/community_members.php b/views/communities/community_members.php index 5db0fbb..ddb9d12 100644 --- a/views/communities/community_members.php +++ b/views/communities/community_members.php @@ -34,9 +34,9 @@ @section(pageScript) @endsection diff --git a/views/error/404.php b/views/error/404.php index 0baa91e..c35d138 100644 --- a/views/error/404.php +++ b/views/error/404.php @@ -2,5 +2,5 @@ @section(main)

404 | Page not found

-

The requested URL was not found on this server. Back to start.

+

The requested URL was not found on this server. Back to start.

@endsection diff --git a/views/home.php b/views/home.php index 1a44cec..cc3a6a6 100644 --- a/views/home.php +++ b/views/home.php @@ -6,13 +6,13 @@

Communities

0): ?> -

getName() ?>

+

getName() ?>

You have no community.


-

New community

+

New community

Upcoming events

diff --git a/views/login/login.php b/views/login/login.php index 3573a1d..5b27647 100644 --- a/views/login/login.php +++ b/views/login/login.php @@ -3,17 +3,17 @@ @section(main)

Login

diff --git a/views/login/password_reset_request.php b/views/login/password_reset_request.php index 466606b..7ae9410 100644 --- a/views/login/password_reset_request.php +++ b/views/login/password_reset_request.php @@ -5,7 +5,7 @@ @section(main)

Request password reset

-
+
diff --git a/views/login/reset_password.php b/views/login/reset_password.php index 49714f1..098ae77 100644 --- a/views/login/reset_password.php +++ b/views/login/reset_password.php @@ -4,7 +4,7 @@

Reset password

- + @@ -14,7 +14,7 @@
-

Confirming your identity failed. Please check the link you entered, or retry requesting password reset!

+

Confirming your identity failed. Please check the link you entered, or retry requesting password reset!

@endsection diff --git a/views/templates/layout_normal.php b/views/templates/layout_normal.php index aa33e81..cb3a248 100644 --- a/views/templates/layout_normal.php +++ b/views/templates/layout_normal.php @@ -3,21 +3,21 @@ @section(content)

- + <?= $_ENV['APP_NAME'] ?>

user()) : ?> - + user()->getDisplayName() ?>Logout + -->Logout

diff --git a/web.php b/web.php index 1d35292..0438ea9 100644 --- a/web.php +++ b/web.php @@ -1,5 +1,7 @@ validateId(session_id())) { - session_regenerate_id(true); -} - Container::$request = new SokoWeb\Request\Request( $_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'], $_GET, @@ -95,5 +92,19 @@ if (!Container::$request->session()->has('anti_csrf_token')) { Container::$request->session()->set('anti_csrf_token', bin2hex(random_bytes(16))); } -//TODO: make a nicer logic -$antiCsrfTokenExceptions = ['oauth/token']; +$appConfig = [ + 'antiCsrfTokenName' => 'anti_csrf_token', + 'antiCsrfTokenErrorResponse' => ['error' => 'no_valid_anti_csrf_token'], + 'antiCsrfTokenExceptions' => ['oauth/token'], + 'loginRouteId' => 'login', + 'error404View' => 'error/404' +]; + +$httpReponse = new HttpResponse( + Container::$request, + Container::$routeCollection, + $appConfig, + $_SERVER['REQUEST_METHOD'], + $_SERVER['REQUEST_URI'] +); +$httpReponse->render(); From 41933ec510a081e763a1d3a0798991ceaca31d9f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?P=C5=91cze=20Bence?= Date: Sun, 16 Apr 2023 20:54:49 +0200 Subject: [PATCH 2/3] update soko-web to 0.4 --- composer.json | 2 +- composer.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/composer.json b/composer.json index 9575416..cf8a1b3 100644 --- a/composer.json +++ b/composer.json @@ -10,7 +10,7 @@ } ], "require": { - "esoko/soko-web": "0.3", + "esoko/soko-web": "0.4", "firebase/php-jwt": "^6.4" }, "require-dev": { diff --git a/composer.lock b/composer.lock index 5701037..bd27b77 100644 --- a/composer.lock +++ b/composer.lock 
@@ -4,15 +4,15 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "64c21f0e5181bd39d8977af72e2aeddc", + "content-hash": "f7786e07bcb0373560ae67549fa28f0b", "packages": [ { "name": "esoko/soko-web", - "version": "v0.3", + "version": "v0.4", "source": { "type": "git", "url": "https://git.esoko.eu/esoko/soko-web.git", - "reference": "014a5480967c03c00dda5ee34c7eaf4be224b96e" + "reference": "948b36c80d324e07339a543d97b9e629487f3a45" }, "require": { "phpmailer/phpmailer": "^6.8", @@ -33,7 +33,7 @@ "GNU GPL 3.0" ], "description": "Lightweight web framework", - "time": "2023-04-16T14:54:22+00:00" + "time": "2023-04-16T18:52:06+00:00" }, { "name": "firebase/php-jwt", From a7d3942d1f887db205ce613107f99d636239cd41 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?P=C5=91cze=20Bence?= Date: Sun, 16 Apr 2023 21:14:56 +0200 Subject: [PATCH 3/3] use classes at beginning of web.php --- web.php | 94 ++++++++++++++++++++++++++++++++------------------------- 1 file changed, 53 insertions(+), 41 deletions(-) diff --git a/web.php b/web.php index 0438ea9..3cd456b 100644 --- a/web.php +++ b/web.php 
@@ -1,6 +1,18 @@ get('home', '', [RVR\Controller\HomeController::class, 'getHome']); -Container::$routeCollection->get('startSession', 'startSession.json', [RVR\Controller\HomeController::class, 'startSession']); -Container::$routeCollection->group('login', function (SokoWeb\Routing\RouteCollection $routeCollection) { - $routeCollection->get('login', '', [RVR\Controller\LoginController::class, 'getLoginForm']); - $routeCollection->post('login-action', '', [RVR\Controller\LoginController::class, 'login']); - $routeCollection->get('login-google', 'google', [RVR\Controller\LoginController::class, 'getGoogleLoginRedirect']); - $routeCollection->get('login-google-action', 'google/code', [RVR\Controller\LoginController::class, 'loginWithGoogle']); +Container::$routeCollection->get('home', '', [HomeController::class, 'getHome']); +Container::$routeCollection->get('startSession', 'startSession.json', [HomeController::class, 'startSession']); +Container::$routeCollection->group('login', function (RouteCollection $routeCollection) { + $routeCollection->get('login', '', [LoginController::class, 'getLoginForm']); + $routeCollection->post('login-action', '', [LoginController::class, 'login']); + $routeCollection->get('login-google', 'google', [LoginController::class, 'getGoogleLoginRedirect']); + $routeCollection->get('login-google-action', 'google/code', [LoginController::class, 'loginWithGoogle']); }); -Container::$routeCollection->group('oauth', function (SokoWeb\Routing\RouteCollection $routeCollection) { - $routeCollection->get('oauth-auth', 'auth', [RVR\Controller\OAuthAuthController::class, 'auth']); - $routeCollection->post('oauth-token', 'token', [RVR\Controller\OAuthController::class, 'getToken']); - $routeCollection->get('oauth-userinfo', 'userinfo', [RVR\Controller\OAuthController::class, 'getUserInfo']); - $routeCollection->get('oauth-config', '.well-known/openid-configuration', [RVR\Controller\OAuthController::class, 'getConfig']); - 
$routeCollection->get('oauth-certs', 'certs', [RVR\Controller\OAuthController::class, 'getCerts']); +Container::$routeCollection->group('oauth', function (RouteCollection $routeCollection) { + $routeCollection->get('oauth-auth', 'auth', [OAuthAuthController::class, 'auth']); + $routeCollection->post('oauth-token', 'token', [OAuthController::class, 'getToken']); + $routeCollection->get('oauth-userinfo', 'userinfo', [OAuthController::class, 'getUserInfo']); + $routeCollection->get('oauth-config', '.well-known/openid-configuration', [OAuthController::class, 'getConfig']); + $routeCollection->get('oauth-certs', 'certs', [OAuthController::class, 'getCerts']); }); -Container::$routeCollection->group('password', function (SokoWeb\Routing\RouteCollection $routeCollection) { - $routeCollection->get('password-requestReset', 'requestReset', [RVR\Controller\LoginController::class, 'getRequestPasswordResetForm']); - $routeCollection->post('password-requestReset-action', 'requestReset', [RVR\Controller\LoginController::class, 'requestPasswordReset']); - $routeCollection->get('password-requestReset.success', 'requestReset/success', [RVR\Controller\LoginController::class, 'getRequestPasswordResetSuccess']); - $routeCollection->get('password-reset', 'reset/{token}', [RVR\Controller\LoginController::class, 'getResetPasswordForm']); - $routeCollection->post('password-reset.action', 'reset/{token}', [RVR\Controller\LoginController::class, 'resetPassword']); +Container::$routeCollection->group('password', function (RouteCollection $routeCollection) { + $routeCollection->get('password-requestReset', 'requestReset', [LoginController::class, 'getRequestPasswordResetForm']); + $routeCollection->post('password-requestReset-action', 'requestReset', [LoginController::class, 'requestPasswordReset']); + $routeCollection->get('password-requestReset.success', 'requestReset/success', [LoginController::class, 'getRequestPasswordResetSuccess']); + $routeCollection->get('password-reset', 
'reset/{token}', [LoginController::class, 'getResetPasswordForm']); + $routeCollection->post('password-reset.action', 'reset/{token}', [LoginController::class, 'resetPassword']); }); -Container::$routeCollection->get('logout', 'logout', [RVR\Controller\LoginController::class, 'logout']); -Container::$routeCollection->group('account', function (SokoWeb\Routing\RouteCollection $routeCollection) { - $routeCollection->get('account', '', [RVR\Controller\UserController::class, 'getAccount']); - $routeCollection->post('account-action', '', [RVR\Controller\UserController::class, 'saveAccount']); - $routeCollection->get('account.googleAuthenticate', 'googleAuthenticate', [RVR\Controller\UserController::class, 'getGoogleAuthenticateRedirect']); - $routeCollection->get('account.googleAuthenticate-action', 'googleAuthenticate/code', [RVR\Controller\UserController::class, 'authenticateWithGoogle']); +Container::$routeCollection->get('logout', 'logout', [LoginController::class, 'logout']); +Container::$routeCollection->group('account', function (RouteCollection $routeCollection) { + $routeCollection->get('account', '', [UserController::class, 'getAccount']); + $routeCollection->post('account-action', '', [UserController::class, 'saveAccount']); + $routeCollection->get('account.googleAuthenticate', 'googleAuthenticate', [UserController::class, 'getGoogleAuthenticateRedirect']); + $routeCollection->get('account.googleAuthenticate-action', 'googleAuthenticate/code', [UserController::class, 'authenticateWithGoogle']); }); -Container::$routeCollection->get('searchUser', 'searchUser', [RVR\Controller\UserSearchController::class, 'searchUser']); -Container::$routeCollection->group('communities', function (SokoWeb\Routing\RouteCollection $routeCollection) { - $routeCollection->get('community-new', 'new', [RVR\Controller\CommunityController::class, 'getCommunityNew']); - $routeCollection->post('community-new-action', 'new', [RVR\Controller\CommunityController::class, 'saveCommunity']); - 
$routeCollection->group('{communityId}', function (SokoWeb\Routing\RouteCollection $routeCollection) { - $routeCollection->get('community', '', [RVR\Controller\CommunityController::class, 'getCommunityHome']); - $routeCollection->get('community-edit', 'edit', [RVR\Controller\CommunityController::class, 'getCommunityEdit']); - $routeCollection->post('community-edit-action', 'edit', [RVR\Controller\CommunityController::class, 'saveCommunity']); - $routeCollection->get('community-members', 'members', [RVR\Controller\CommunityController::class, 'getMembersEdit']); - $routeCollection->post('community-members-new', 'newMember', [RVR\Controller\CommunityController::class, 'newMember']); - $routeCollection->post('community-members-edit', 'editMember', [RVR\Controller\CommunityController::class, 'editMember']); - $routeCollection->post('community-members-delete', 'deleteMember', [RVR\Controller\CommunityController::class, 'deleteMember']); +Container::$routeCollection->get('searchUser', 'searchUser', [UserSearchController::class, 'searchUser']); +Container::$routeCollection->group('communities', function (RouteCollection $routeCollection) { + $routeCollection->get('community-new', 'new', [CommunityController::class, 'getCommunityNew']); + $routeCollection->post('community-new-action', 'new', [CommunityController::class, 'saveCommunity']); + $routeCollection->group('{communityId}', function (RouteCollection $routeCollection) { + $routeCollection->get('community', '', [CommunityController::class, 'getCommunityHome']); + $routeCollection->get('community-edit', 'edit', [CommunityController::class, 'getCommunityEdit']); + $routeCollection->post('community-edit-action', 'edit', [CommunityController::class, 'saveCommunity']); + $routeCollection->get('community-members', 'members', [CommunityController::class, 'getMembersEdit']); + $routeCollection->post('community-members-new', 'newMember', [CommunityController::class, 'newMember']); + 
$routeCollection->post('community-members-edit', 'editMember', [CommunityController::class, 'editMember']); + $routeCollection->post('community-members-delete', 'deleteMember', [CommunityController::class, 'deleteMember']); }); }); -Container::$sessionHandler = new SokoWeb\Session\DatabaseSessionHandler(); +Container::$sessionHandler = new DatabaseSessionHandler(); session_set_save_handler(Container::$sessionHandler, true); session_start([ @@ -79,13 +91,13 @@ if (isset($_COOKIE[session_name()])) { ]); } -Container::$request = new SokoWeb\Request\Request( +Container::$request = new Request( $_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'], $_GET, $_POST, getallheaders(), $_SESSION, - new RVR\Repository\UserRepository() + new UserRepository() ); if (!Container::$request->session()->has('anti_csrf_token')) {