Compare commits
4 Commits
34eeb10c27
...
9fd8453f63
Author | SHA1 | Date | |
---|---|---|---|
9fd8453f63 | |||
a7d3942d1f | |||
41933ec510 | |||
e98bb28faf |
@ -10,7 +10,7 @@
|
||||
}
|
||||
],
|
||||
"require": {
|
||||
"esoko/soko-web": "0.3",
|
||||
"esoko/soko-web": "0.4",
|
||||
"firebase/php-jwt": "^6.4"
|
||||
},
|
||||
"require-dev": {
|
||||
|
8
composer.lock
generated
8
composer.lock
generated
@ -4,15 +4,15 @@
|
||||
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
|
||||
"This file is @generated automatically"
|
||||
],
|
||||
"content-hash": "64c21f0e5181bd39d8977af72e2aeddc",
|
||||
"content-hash": "f7786e07bcb0373560ae67549fa28f0b",
|
||||
"packages": [
|
||||
{
|
||||
"name": "esoko/soko-web",
|
||||
"version": "v0.3",
|
||||
"version": "v0.4",
|
||||
"source": {
|
||||
"type": "git",
|
||||
"url": "https://git.esoko.eu/esoko/soko-web.git",
|
||||
"reference": "014a5480967c03c00dda5ee34c7eaf4be224b96e"
|
||||
"reference": "948b36c80d324e07339a543d97b9e629487f3a45"
|
||||
},
|
||||
"require": {
|
||||
"phpmailer/phpmailer": "^6.8",
|
||||
@ -33,7 +33,7 @@
|
||||
"GNU GPL 3.0"
|
||||
],
|
||||
"description": "Lightweight web framework",
|
||||
"time": "2023-04-16T14:54:22+00:00"
|
||||
"time": "2023-04-16T18:52:06+00:00"
|
||||
},
|
||||
{
|
||||
"name": "firebase/php-jwt",
|
||||
|
@ -1,66 +1,3 @@
|
||||
<?php
|
||||
|
||||
use SokoWeb\Interfaces\Response\IRedirect;
|
||||
use SokoWeb\Interfaces\Response\IContent;
|
||||
use SokoWeb\Interfaces\Authentication\IAuthenticationRequired;
|
||||
use SokoWeb\Interfaces\Authorization\ISecured;
|
||||
use SokoWeb\Response\Redirect;
|
||||
use SokoWeb\Response\HtmlContent;
|
||||
use SokoWeb\Response\JsonContent;
|
||||
|
||||
require '../web.php';
|
||||
|
||||
$method = strtolower($_SERVER['REQUEST_METHOD']);
|
||||
$url = substr($_SERVER['REQUEST_URI'], strlen('/'));
|
||||
if (($pos = strpos($url, '?')) !== false) {
|
||||
$url = substr($url, 0, $pos);
|
||||
}
|
||||
$url = rawurldecode($url);
|
||||
|
||||
$match = Container::$routeCollection->match($method, $url == '' ? [] : explode('/', $url));
|
||||
|
||||
if ($match !== null) {
|
||||
list($route, $params) = $match;
|
||||
|
||||
Container::$request->setParsedRouteParams($params);
|
||||
|
||||
$handler = $route->getHandler();
|
||||
$controller = new $handler[0](Container::$request);
|
||||
|
||||
if (
|
||||
$controller instanceof IAuthenticationRequired &&
|
||||
$controller->isAuthenticationRequired() &&
|
||||
Container::$request->user() === null
|
||||
) {
|
||||
Container::$request->session()->set('redirect_after_login', substr($_SERVER['REQUEST_URI'], strlen('/')));
|
||||
$response = new Redirect(Container::$routeCollection->getRoute('login')->generateLink(), IRedirect::TEMPORARY);
|
||||
header('Location: ' . $response->getUrl(), true, $response->getHttpCode());
|
||||
return;
|
||||
}
|
||||
|
||||
if ($method === 'post' && !in_array($url, $antiCsrfTokenExceptions) && Container::$request->post('anti_csrf_token') !== Container::$request->session()->get('anti_csrf_token')) {
|
||||
$content = new JsonContent(['error' => 'no_valid_anti_csrf_token']);
|
||||
header('Content-Type: text/html; charset=UTF-8', true, 403);
|
||||
$content->render();
|
||||
return;
|
||||
}
|
||||
|
||||
if (
|
||||
!($controller instanceof ISecured) ||
|
||||
$controller->authorize()
|
||||
) {
|
||||
$response = call_user_func([$controller, $handler[1]]);
|
||||
if ($response instanceof IContent) {
|
||||
header('Content-Type: ' . $response->getContentType() . '; charset=UTF-8');
|
||||
$response->render();
|
||||
return;
|
||||
} elseif ($response instanceof IRedirect) {
|
||||
header('Location: ' . $response->getUrl(), true, $response->getHttpCode());
|
||||
return;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
$content = new HtmlContent('error/404');
|
||||
header('Content-Type: text/html; charset=UTF-8', true, 404);
|
||||
$content->render();
|
||||
|
@ -186,7 +186,7 @@ class CommunityController implements IAuthenticationRequired
|
||||
}
|
||||
|
||||
return new JsonContent([
|
||||
'redirect' => ['target' => '/' . \Container::$routeCollection->getRoute('community')->generateLink(['communityId' => $community->getId()])]
|
||||
'redirect' => ['target' => \Container::$routeCollection->getRoute('community')->generateLink(['communityId' => $community->getId()])]
|
||||
]);
|
||||
}
|
||||
|
||||
|
@ -47,7 +47,7 @@ class LoginController
|
||||
return new Redirect($this->redirectUrl, IRedirect::TEMPORARY);
|
||||
}
|
||||
|
||||
return new HtmlContent('login/login', ['redirectUrl' => '/' . $this->redirectUrl]);
|
||||
return new HtmlContent('login/login', ['redirectUrl' => $this->redirectUrl]);
|
||||
}
|
||||
|
||||
public function getGoogleLoginRedirect(): IRedirect
|
||||
@ -61,7 +61,7 @@ class LoginController
|
||||
$oAuth = new GoogleOAuth(new Request());
|
||||
$url = $oAuth->getDialogUrl(
|
||||
$state,
|
||||
$this->request->getBase() . '/' . \Container::$routeCollection->getRoute('login-google-action')->generateLink(),
|
||||
$this->request->getBase() . \Container::$routeCollection->getRoute('login-google-action')->generateLink(),
|
||||
$nonce
|
||||
);
|
||||
|
||||
@ -99,7 +99,7 @@ class LoginController
|
||||
|
||||
$user = $this->userRepository->getById($resetter->getUserId());
|
||||
|
||||
return new HtmlContent('login/reset_password', ['success' => true, 'token' => $token, 'email' => $user->getEmail(), 'redirectUrl' => '/' . $this->redirectUrl]);
|
||||
return new HtmlContent('login/reset_password', ['success' => true, 'token' => $token, 'email' => $user->getEmail(), 'redirectUrl' => $this->redirectUrl]);
|
||||
}
|
||||
|
||||
public function login(): IContent
|
||||
@ -141,7 +141,7 @@ class LoginController
|
||||
$oAuth = new GoogleOAuth(new Request());
|
||||
$tokenData = $oAuth->getToken(
|
||||
$this->request->query('code'),
|
||||
$this->request->getBase() . '/' . \Container::$routeCollection->getRoute('login-google-action')->generateLink()
|
||||
$this->request->getBase() . \Container::$routeCollection->getRoute('login-google-action')->generateLink()
|
||||
);
|
||||
|
||||
if (!isset($tokenData['id_token'])) {
|
||||
@ -183,7 +183,7 @@ class LoginController
|
||||
$this->deleteRedirectUrl();
|
||||
return new JsonContent([
|
||||
'redirect' => [
|
||||
'target' => '/' . $this->redirectUrl
|
||||
'target' => $this->redirectUrl
|
||||
]
|
||||
]);
|
||||
}
|
||||
@ -247,7 +247,7 @@ class LoginController
|
||||
$this->deleteRedirectUrl();
|
||||
return new JsonContent([
|
||||
'redirect' => [
|
||||
'target' => '/' . $this->redirectUrl
|
||||
'target' => $this->redirectUrl
|
||||
]
|
||||
]);
|
||||
}
|
||||
@ -258,7 +258,7 @@ class LoginController
|
||||
if ($resetter === null || $resetter->getExpiresDate() < new DateTime()) {
|
||||
return new JsonContent([
|
||||
'redirect' => [
|
||||
'target' => '/' . \Container::$routeCollection->getRoute('password-reset')->generateLink(['token' => $token])
|
||||
'target' => \Container::$routeCollection->getRoute('password-reset')->generateLink(['token' => $token])
|
||||
]
|
||||
]);
|
||||
}
|
||||
@ -299,7 +299,7 @@ class LoginController
|
||||
$mail->setSubject($_ENV['APP_NAME'] . ' - Password reset');
|
||||
$mail->setBodyFromTemplate('password-reset', [
|
||||
'EMAIL' => $email,
|
||||
'RESET_LINK' => $this->request->getBase() . '/' .
|
||||
'RESET_LINK' => $this->request->getBase() .
|
||||
\Container::$routeCollection->getRoute('password-reset')->generateLink(['token' => $token]),
|
||||
'EXPIRES' => $expires->format('Y-m-d H:i T')
|
||||
]);
|
||||
|
@ -108,10 +108,10 @@ class OAuthController
|
||||
{
|
||||
return new JsonContent([
|
||||
'issuer' => $_ENV['APP_URL'],
|
||||
'authorization_endpoint' => $this->request->getBase() . '/' . \Container::$routeCollection->getRoute('oauth-auth')->generateLink(),
|
||||
'token_endpoint' => $this->request->getBase() . '/' . \Container::$routeCollection->getRoute('oauth-token')->generateLink(),
|
||||
'userinfo_endpoint' => $this->request->getBase() . '/' . \Container::$routeCollection->getRoute('oauth-userinfo')->generateLink(),
|
||||
'jwks_uri' => $this->request->getBase() . '/' . \Container::$routeCollection->getRoute('oauth-certs')->generateLink(),
|
||||
'authorization_endpoint' => $this->request->getBase() . \Container::$routeCollection->getRoute('oauth-auth')->generateLink(),
|
||||
'token_endpoint' => $this->request->getBase() . \Container::$routeCollection->getRoute('oauth-token')->generateLink(),
|
||||
'userinfo_endpoint' => $this->request->getBase() . \Container::$routeCollection->getRoute('oauth-userinfo')->generateLink(),
|
||||
'jwks_uri' => $this->request->getBase() . \Container::$routeCollection->getRoute('oauth-certs')->generateLink(),
|
||||
'response_types_supported' =>
|
||||
[
|
||||
'code',
|
||||
|
@ -62,7 +62,7 @@ class UserController implements IAuthenticationRequired
|
||||
|
||||
$url = $oAuth->getDialogUrl(
|
||||
$state,
|
||||
$this->request->getBase() . '/' . \Container::$routeCollection->getRoute('account.googleAuthenticate-action')->generateLink(),
|
||||
$this->request->getBase() . \Container::$routeCollection->getRoute('account.googleAuthenticate-action')->generateLink(),
|
||||
$nonce,
|
||||
$user->getEmail()
|
||||
);
|
||||
@ -84,7 +84,7 @@ class UserController implements IAuthenticationRequired
|
||||
$oAuth = new GoogleOAuth(new Request());
|
||||
$tokenData = $oAuth->getToken(
|
||||
$this->request->query('code'),
|
||||
$this->request->getBase() . '/' . \Container::$routeCollection->getRoute('account.googleAuthenticate-action')->generateLink()
|
||||
$this->request->getBase() . \Container::$routeCollection->getRoute('account.googleAuthenticate-action')->generateLink()
|
||||
);
|
||||
|
||||
if (!isset($tokenData['id_token'])) {
|
||||
|
@ -5,7 +5,7 @@
|
||||
@section(main)
|
||||
<h2>Account</h2>
|
||||
<div class="box">
|
||||
<form id="accountForm" action="/<?= Container::$routeCollection->getRoute('account-action')->generateLink() ?>" method="post" data-reload-on-success="true" data-observe-inputs="email,username,password_new,password_new_confirm,nickname,phone,id_number">
|
||||
<form id="accountForm" action="<?= Container::$routeCollection->getRoute('account-action')->generateLink() ?>" method="post" data-reload-on-success="true" data-observe-inputs="email,username,password_new,password_new_confirm,nickname,phone,id_number">
|
||||
<?php if ($user['password'] !== null && $user['google_sub'] !== null): ?>
|
||||
<p class="justify small">Please confirm your identity with your password or with Google to modify your account.</p>
|
||||
<div class="inputWithButton">
|
||||
@ -42,6 +42,6 @@
|
||||
|
||||
@section(pageScript)
|
||||
<script>
|
||||
var googleAuthenticateUrl = '/<?= Container::$routeCollection->getRoute('account.googleAuthenticate')->generateLink() ?>';
|
||||
var googleAuthenticateUrl = '<?= Container::$routeCollection->getRoute('account.googleAuthenticate')->generateLink() ?>';
|
||||
</script>
|
||||
@endsection
|
||||
|
@ -1,7 +1,7 @@
|
||||
@extends(templates/layout_normal)
|
||||
|
||||
@section(main)
|
||||
<h2><?= $community->getName() ?> <span class="small">[<a href="/<?= Container::$routeCollection->getRoute('community-edit')->generateLink(['communityId' => $community->getId()]) ?>">edit</a>]</span></h2>
|
||||
<h2><?= $community->getName() ?> <span class="small">[<a href="<?= Container::$routeCollection->getRoute('community-edit')->generateLink(['communityId' => $community->getId()]) ?>">edit</a>]</span></h2>
|
||||
|
||||
<div class="gridContainer marginTop">
|
||||
<div>
|
||||
@ -11,7 +11,7 @@
|
||||
<?php endforeach; ?>
|
||||
<?php if ($editPermission): ?>
|
||||
<hr>
|
||||
<p><a href="/<?= Container::$routeCollection->getRoute('community-members')->generateLink(['communityId' => $community->getId()]) ?>">Edit members</a></p>
|
||||
<p><a href="<?= Container::$routeCollection->getRoute('community-members')->generateLink(['communityId' => $community->getId()]) ?>">Edit members</a></p>
|
||||
<?php endif; ?>
|
||||
</div>
|
||||
<div>
|
||||
|
@ -8,7 +8,7 @@
|
||||
Container::$routeCollection->getRoute('community-edit-action')->generateLink(['communityId' => $community->getId()]) :
|
||||
Container::$routeCollection->getRoute('community-new-action')->generateLink();
|
||||
?>
|
||||
<form id="communityForm" action="/<?= $formAction ?>" method="post" data-redirect-on-success="true">
|
||||
<form id="communityForm" action="<?= $formAction ?>" method="post" data-redirect-on-success="true">
|
||||
<input type="text" class="text big fullWidth" name="name" placeholder="Name" value="<?= isset($community) ? $community->getName() : '' ?>" required>
|
||||
<input type="text" class="text big fullWidth marginTop" name="currency" value="<?= isset($community) ? $community->getCurrency() : '' ?>" placeholder="Default currency" maxlength="3" required>
|
||||
<p id="accountFormError" class="formError justify marginTop"></p>
|
||||
|
@ -34,9 +34,9 @@
|
||||
|
||||
@section(pageScript)
|
||||
<script>
|
||||
var searchUserUrl = '/<?= Container::$routeCollection->getRoute('searchUser')->generateLink(['q' => 'QUERY']) ?>';
|
||||
var newMemberUrl = '/<?= Container::$routeCollection->getRoute('community-members-new')->generateLink(['communityId' => $community->getId()]) ?>';
|
||||
var editMemberUrl = '/<?= Container::$routeCollection->getRoute('community-members-edit')->generateLink(['communityId' => $community->getId()]) ?>';
|
||||
var deleteMemberUrl = '/<?= Container::$routeCollection->getRoute('community-members-delete')->generateLink(['communityId' => $community->getId()]) ?>';
|
||||
var searchUserUrl = '<?= Container::$routeCollection->getRoute('searchUser')->generateLink(['q' => 'QUERY']) ?>';
|
||||
var newMemberUrl = '<?= Container::$routeCollection->getRoute('community-members-new')->generateLink(['communityId' => $community->getId()]) ?>';
|
||||
var editMemberUrl = '<?= Container::$routeCollection->getRoute('community-members-edit')->generateLink(['communityId' => $community->getId()]) ?>';
|
||||
var deleteMemberUrl = '<?= Container::$routeCollection->getRoute('community-members-delete')->generateLink(['communityId' => $community->getId()]) ?>';
|
||||
</script>
|
||||
@endsection
|
||||
|
@ -2,5 +2,5 @@
|
||||
|
||||
@section(main)
|
||||
<h2>404 | Page not found</h2>
|
||||
<p>The requested URL was not found on this server. <a href="/" title="<?= $_ENV['APP_NAME'] ?>">Back to start.</a></p>
|
||||
<p>The requested URL was not found on this server. <a href="<?= Container::$routeCollection->getRoute('home')->generateLink() ?>" title="<?= $_ENV['APP_NAME'] ?>">Back to start.</a></p>
|
||||
@endsection
|
||||
|
@ -6,13 +6,13 @@
|
||||
<h3 class="marginBottom">Communities</h3>
|
||||
<?php if (count($communities) > 0): ?>
|
||||
<?php foreach ($communities as $community): ?>
|
||||
<p><a href="/<?= Container::$routeCollection->getRoute('community')->generateLink(['communityId' => $community->getId()]) ?>"><?= $community->getName() ?></a></p>
|
||||
<p><a href="<?= Container::$routeCollection->getRoute('community')->generateLink(['communityId' => $community->getId()]) ?>"><?= $community->getName() ?></a></p>
|
||||
<?php endforeach; ?>
|
||||
<?php else: ?>
|
||||
<p>You have no community.</p>
|
||||
<?php endif; ?>
|
||||
<hr>
|
||||
<p><a href="/<?= Container::$routeCollection->getRoute('community-new')->generateLink() ?>">New community</a></p>
|
||||
<p><a href="<?= Container::$routeCollection->getRoute('community-new')->generateLink() ?>">New community</a></p>
|
||||
</div>
|
||||
<div>
|
||||
<h3 class="marginBottom">Upcoming events</h3>
|
||||
|
@ -3,17 +3,17 @@
|
||||
@section(main)
|
||||
<h2>Login</h2>
|
||||
<div class="box">
|
||||
<form id="loginForm" action="/<?= Container::$routeCollection->getRoute('login-action')->generateLink() ?>" method="post" data-redirect-on-success="<?= $redirectUrl ?>">
|
||||
<form id="loginForm" action="<?= Container::$routeCollection->getRoute('login-action')->generateLink() ?>" method="post" data-redirect-on-success="<?= $redirectUrl ?>">
|
||||
<input type="text" class="text big fullWidth" name="email" placeholder="Email address / Username" required autofocus>
|
||||
<input type="password" class="text big fullWidth marginTop" name="password" placeholder="Password" required minlength="6">
|
||||
<p id="loginFormError" class="formError justify marginTop"></p>
|
||||
<div class="right marginTop">
|
||||
<button type="submit">Login</button>
|
||||
</div>
|
||||
<p class="center marginTop"><a href="/<?= Container::$routeCollection->getRoute('password-requestReset')->generateLink() ?>" title="Request password reset">Forgot your password?</a></p>
|
||||
<p class="center marginTop"><a href="<?= Container::$routeCollection->getRoute('password-requestReset')->generateLink() ?>" title="Request password reset">Forgot your password?</a></p>
|
||||
<hr>
|
||||
<div class="center">
|
||||
<a class="button yellow" href="/<?= Container::$routeCollection->getRoute('login-google')->generateLink() ?>" title="Login with Google">Login with Google</a>
|
||||
<a class="button yellow" href="<?= Container::$routeCollection->getRoute('login-google')->generateLink() ?>" title="Login with Google">Login with Google</a>
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
|
@ -5,7 +5,7 @@
|
||||
@section(main)
|
||||
<h2>Request password reset</h2>
|
||||
<div class="box">
|
||||
<form id="passwordResetForm" action="/<?= Container::$routeCollection->getRoute('password-requestReset-action')->generateLink() ?>" method="post" data-redirect-on-success="/<?= Container::$routeCollection->getRoute('password-requestReset.success')->generateLink() ?>">
|
||||
<form id="passwordResetForm" action="<?= Container::$routeCollection->getRoute('password-requestReset-action')->generateLink() ?>" method="post" data-redirect-on-success="<?= Container::$routeCollection->getRoute('password-requestReset.success')->generateLink() ?>">
|
||||
<input type="email" class="text big fullWidth" name="email" placeholder="Email address" value="<?= isset($email) ? $email : '' ?>" required autofocus>
|
||||
<?php if (!empty($_ENV['RECAPTCHA_SITEKEY'])): ?>
|
||||
<div class="marginTop">
|
||||
|
@ -4,7 +4,7 @@
|
||||
<h2>Reset password</h2>
|
||||
<div class="box">
|
||||
<?php if ($success) : ?>
|
||||
<form id="resetPasswordForm" action="/<?= Container::$routeCollection->getRoute('password-reset.action')->generateLink(['token' => $token]) ?>"" method="post" data-redirect-on-success="<?= $redirectUrl ?>">
|
||||
<form id="resetPasswordForm" action="<?= Container::$routeCollection->getRoute('password-reset.action')->generateLink(['token' => $token]) ?>"" method="post" data-redirect-on-success="<?= $redirectUrl ?>">
|
||||
<input type="email" class="text big fullWidth" name="email" placeholder="Email address" value="<?= $email ?>" disabled>
|
||||
<input type="password" class="text big fullWidth marginTop" name="password" placeholder="Password" required minlength="6" autofocus>
|
||||
<input type="password" class="text big fullWidth marginTop" name="password_confirm" placeholder="Password confirmation" required minlength="6">
|
||||
@ -14,7 +14,7 @@
|
||||
</div>
|
||||
</form>
|
||||
<?php else: ?>
|
||||
<p class="error justify">Confirming your identity failed. Please check the link you entered, or retry <a href="/<?= Container::$routeCollection->getRoute('password-requestReset')->generateLink() ?>" title="Request password reset">requesting password reset</a>!</p>
|
||||
<p class="error justify">Confirming your identity failed. Please check the link you entered, or retry <a href="<?= Container::$routeCollection->getRoute('password-requestReset')->generateLink() ?>" title="Request password reset">requesting password reset</a>!</p>
|
||||
<?php endif; ?>
|
||||
</div>
|
||||
@endsection
|
||||
|
@ -3,21 +3,21 @@
|
||||
@section(content)
|
||||
<header>
|
||||
<h1>
|
||||
<a href="/" title="<?= $_ENV['APP_NAME'] ?>">
|
||||
<a href="<?= Container::$routeCollection->getRoute('home')->generateLink() ?>" title="<?= $_ENV['APP_NAME'] ?>">
|
||||
<img class="inline" width="1em" height="1em" src="<?= $_ENV['STATIC_ROOT'] ?>/img/icon.svg?rev=<?= REVISION ?>" alt="<?= $_ENV['APP_NAME'] ?>"><!--
|
||||
--><span><?= $_ENV['APP_NAME'] ?></span>
|
||||
</a>
|
||||
</h1>
|
||||
<p>
|
||||
<?php if (Container::$request->user()) : ?>
|
||||
<span><a href="/<?= Container::$routeCollection->getRoute('account')->generateLink() ?>" title="Account">
|
||||
<span><a href="<?= Container::$routeCollection->getRoute('account')->generateLink() ?>" title="Account">
|
||||
<?php /* Copyright (c) 2019 The Bootstrap Authors. License can be found in 'USED_SOFTWARE' in section 'Bootstrap Icons'. */ ?>
|
||||
<svg class="inline" width="1em" height="1em" viewBox="0 0 16 16" fill="currentColor" xmlns="http://www.w3.org/2000/svg">
|
||||
<path fill-rule="evenodd" d="M3 14s-1 0-1-1 1-4 6-4 6 3 6 4-1 1-1 1H3zm5-6a3 3 0 1 0 0-6 3 3 0 0 0 0 6z"/>
|
||||
</svg><!--
|
||||
--><?= Container::$request->user()->getDisplayName() ?><!--
|
||||
--></a></span><!--
|
||||
--><span><a href="/<?= Container::$routeCollection->getRoute('logout')->generateLink() ?>" title="Logout">Logout</a></span>
|
||||
--><span><a href="<?= Container::$routeCollection->getRoute('logout')->generateLink() ?>" title="Logout">Logout</a></span>
|
||||
<?php endif; ?>
|
||||
</p>
|
||||
</header>
|
||||
|
119
web.php
119
web.php
@ -1,5 +1,19 @@
|
||||
<?php
|
||||
|
||||
use Container;
|
||||
use SokoWeb\Response\HttpResponse;
|
||||
use SokoWeb\Routing\RouteCollection;
|
||||
use SokoWeb\Session\DatabaseSessionHandler;
|
||||
use SokoWeb\Request\Request;
|
||||
use RVR\Controller\HomeController;
|
||||
use RVR\Controller\LoginController;
|
||||
use RVR\Controller\OAuthAuthController;
|
||||
use RVR\Controller\OAuthController;
|
||||
use RVR\Controller\UserController;
|
||||
use RVR\Controller\UserSearchController;
|
||||
use RVR\Controller\CommunityController;
|
||||
use RVR\Repository\UserRepository;
|
||||
|
||||
require 'app.php';
|
||||
|
||||
if (!empty($_ENV['DEV'])) {
|
||||
@ -10,53 +24,53 @@ if (!empty($_ENV['DEV'])) {
|
||||
ini_set('display_errors', '0');
|
||||
}
|
||||
|
||||
Container::$routeCollection = new SokoWeb\Routing\RouteCollection();
|
||||
Container::$routeCollection = new RouteCollection();
|
||||
|
||||
Container::$routeCollection->get('home', '', [RVR\Controller\HomeController::class, 'getHome']);
|
||||
Container::$routeCollection->get('startSession', 'startSession.json', [RVR\Controller\HomeController::class, 'startSession']);
|
||||
Container::$routeCollection->group('login', function (SokoWeb\Routing\RouteCollection $routeCollection) {
|
||||
$routeCollection->get('login', '', [RVR\Controller\LoginController::class, 'getLoginForm']);
|
||||
$routeCollection->post('login-action', '', [RVR\Controller\LoginController::class, 'login']);
|
||||
$routeCollection->get('login-google', 'google', [RVR\Controller\LoginController::class, 'getGoogleLoginRedirect']);
|
||||
$routeCollection->get('login-google-action', 'google/code', [RVR\Controller\LoginController::class, 'loginWithGoogle']);
|
||||
Container::$routeCollection->get('home', '', [HomeController::class, 'getHome']);
|
||||
Container::$routeCollection->get('startSession', 'startSession.json', [HomeController::class, 'startSession']);
|
||||
Container::$routeCollection->group('login', function (RouteCollection $routeCollection) {
|
||||
$routeCollection->get('login', '', [LoginController::class, 'getLoginForm']);
|
||||
$routeCollection->post('login-action', '', [LoginController::class, 'login']);
|
||||
$routeCollection->get('login-google', 'google', [LoginController::class, 'getGoogleLoginRedirect']);
|
||||
$routeCollection->get('login-google-action', 'google/code', [LoginController::class, 'loginWithGoogle']);
|
||||
});
|
||||
Container::$routeCollection->group('oauth', function (SokoWeb\Routing\RouteCollection $routeCollection) {
|
||||
$routeCollection->get('oauth-auth', 'auth', [RVR\Controller\OAuthAuthController::class, 'auth']);
|
||||
$routeCollection->post('oauth-token', 'token', [RVR\Controller\OAuthController::class, 'getToken']);
|
||||
$routeCollection->get('oauth-userinfo', 'userinfo', [RVR\Controller\OAuthController::class, 'getUserInfo']);
|
||||
$routeCollection->get('oauth-config', '.well-known/openid-configuration', [RVR\Controller\OAuthController::class, 'getConfig']);
|
||||
$routeCollection->get('oauth-certs', 'certs', [RVR\Controller\OAuthController::class, 'getCerts']);
|
||||
Container::$routeCollection->group('oauth', function (RouteCollection $routeCollection) {
|
||||
$routeCollection->get('oauth-auth', 'auth', [OAuthAuthController::class, 'auth']);
|
||||
$routeCollection->post('oauth-token', 'token', [OAuthController::class, 'getToken']);
|
||||
$routeCollection->get('oauth-userinfo', 'userinfo', [OAuthController::class, 'getUserInfo']);
|
||||
$routeCollection->get('oauth-config', '.well-known/openid-configuration', [OAuthController::class, 'getConfig']);
|
||||
$routeCollection->get('oauth-certs', 'certs', [OAuthController::class, 'getCerts']);
|
||||
});
|
||||
Container::$routeCollection->group('password', function (SokoWeb\Routing\RouteCollection $routeCollection) {
|
||||
$routeCollection->get('password-requestReset', 'requestReset', [RVR\Controller\LoginController::class, 'getRequestPasswordResetForm']);
|
||||
$routeCollection->post('password-requestReset-action', 'requestReset', [RVR\Controller\LoginController::class, 'requestPasswordReset']);
|
||||
$routeCollection->get('password-requestReset.success', 'requestReset/success', [RVR\Controller\LoginController::class, 'getRequestPasswordResetSuccess']);
|
||||
$routeCollection->get('password-reset', 'reset/{token}', [RVR\Controller\LoginController::class, 'getResetPasswordForm']);
|
||||
$routeCollection->post('password-reset.action', 'reset/{token}', [RVR\Controller\LoginController::class, 'resetPassword']);
|
||||
Container::$routeCollection->group('password', function (RouteCollection $routeCollection) {
|
||||
$routeCollection->get('password-requestReset', 'requestReset', [LoginController::class, 'getRequestPasswordResetForm']);
|
||||
$routeCollection->post('password-requestReset-action', 'requestReset', [LoginController::class, 'requestPasswordReset']);
|
||||
$routeCollection->get('password-requestReset.success', 'requestReset/success', [LoginController::class, 'getRequestPasswordResetSuccess']);
|
||||
$routeCollection->get('password-reset', 'reset/{token}', [LoginController::class, 'getResetPasswordForm']);
|
||||
$routeCollection->post('password-reset.action', 'reset/{token}', [LoginController::class, 'resetPassword']);
|
||||
});
|
||||
Container::$routeCollection->get('logout', 'logout', [RVR\Controller\LoginController::class, 'logout']);
|
||||
Container::$routeCollection->group('account', function (SokoWeb\Routing\RouteCollection $routeCollection) {
|
||||
$routeCollection->get('account', '', [RVR\Controller\UserController::class, 'getAccount']);
|
||||
$routeCollection->post('account-action', '', [RVR\Controller\UserController::class, 'saveAccount']);
|
||||
$routeCollection->get('account.googleAuthenticate', 'googleAuthenticate', [RVR\Controller\UserController::class, 'getGoogleAuthenticateRedirect']);
|
||||
$routeCollection->get('account.googleAuthenticate-action', 'googleAuthenticate/code', [RVR\Controller\UserController::class, 'authenticateWithGoogle']);
|
||||
Container::$routeCollection->get('logout', 'logout', [LoginController::class, 'logout']);
|
||||
Container::$routeCollection->group('account', function (RouteCollection $routeCollection) {
|
||||
$routeCollection->get('account', '', [UserController::class, 'getAccount']);
|
||||
$routeCollection->post('account-action', '', [UserController::class, 'saveAccount']);
|
||||
$routeCollection->get('account.googleAuthenticate', 'googleAuthenticate', [UserController::class, 'getGoogleAuthenticateRedirect']);
|
||||
$routeCollection->get('account.googleAuthenticate-action', 'googleAuthenticate/code', [UserController::class, 'authenticateWithGoogle']);
|
||||
});
|
||||
Container::$routeCollection->get('searchUser', 'searchUser', [RVR\Controller\UserSearchController::class, 'searchUser']);
|
||||
Container::$routeCollection->group('communities', function (SokoWeb\Routing\RouteCollection $routeCollection) {
|
||||
$routeCollection->get('community-new', 'new', [RVR\Controller\CommunityController::class, 'getCommunityNew']);
|
||||
$routeCollection->post('community-new-action', 'new', [RVR\Controller\CommunityController::class, 'saveCommunity']);
|
||||
$routeCollection->group('{communityId}', function (SokoWeb\Routing\RouteCollection $routeCollection) {
|
||||
$routeCollection->get('community', '', [RVR\Controller\CommunityController::class, 'getCommunityHome']);
|
||||
$routeCollection->get('community-edit', 'edit', [RVR\Controller\CommunityController::class, 'getCommunityEdit']);
|
||||
$routeCollection->post('community-edit-action', 'edit', [RVR\Controller\CommunityController::class, 'saveCommunity']);
|
||||
$routeCollection->get('community-members', 'members', [RVR\Controller\CommunityController::class, 'getMembersEdit']);
|
||||
$routeCollection->post('community-members-new', 'newMember', [RVR\Controller\CommunityController::class, 'newMember']);
|
||||
$routeCollection->post('community-members-edit', 'editMember', [RVR\Controller\CommunityController::class, 'editMember']);
|
||||
$routeCollection->post('community-members-delete', 'deleteMember', [RVR\Controller\CommunityController::class, 'deleteMember']);
|
||||
Container::$routeCollection->get('searchUser', 'searchUser', [UserSearchController::class, 'searchUser']);
|
||||
Container::$routeCollection->group('communities', function (RouteCollection $routeCollection) {
|
||||
$routeCollection->get('community-new', 'new', [CommunityController::class, 'getCommunityNew']);
|
||||
$routeCollection->post('community-new-action', 'new', [CommunityController::class, 'saveCommunity']);
|
||||
$routeCollection->group('{communityId}', function (RouteCollection $routeCollection) {
|
||||
$routeCollection->get('community', '', [CommunityController::class, 'getCommunityHome']);
|
||||
$routeCollection->get('community-edit', 'edit', [CommunityController::class, 'getCommunityEdit']);
|
||||
$routeCollection->post('community-edit-action', 'edit', [CommunityController::class, 'saveCommunity']);
|
||||
$routeCollection->get('community-members', 'members', [CommunityController::class, 'getMembersEdit']);
|
||||
$routeCollection->post('community-members-new', 'newMember', [CommunityController::class, 'newMember']);
|
||||
$routeCollection->post('community-members-edit', 'editMember', [CommunityController::class, 'editMember']);
|
||||
$routeCollection->post('community-members-delete', 'deleteMember', [CommunityController::class, 'deleteMember']);
|
||||
});
|
||||
});
|
||||
|
||||
Container::$sessionHandler = new SokoWeb\Session\DatabaseSessionHandler();
|
||||
Container::$sessionHandler = new DatabaseSessionHandler();
|
||||
|
||||
session_set_save_handler(Container::$sessionHandler, true);
|
||||
session_start([
|
||||
@ -77,23 +91,32 @@ if (isset($_COOKIE[session_name()])) {
|
||||
]);
|
||||
}
|
||||
|
||||
// this is needed to handle old type of session IDs
|
||||
if (!Container::$sessionHandler->validateId(session_id())) {
|
||||
session_regenerate_id(true);
|
||||
}
|
||||
|
||||
Container::$request = new SokoWeb\Request\Request(
|
||||
Container::$request = new Request(
|
||||
$_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'],
|
||||
$_GET,
|
||||
$_POST,
|
||||
getallheaders(),
|
||||
$_SESSION,
|
||||
new RVR\Repository\UserRepository()
|
||||
new UserRepository()
|
||||
);
|
||||
|
||||
if (!Container::$request->session()->has('anti_csrf_token')) {
|
||||
Container::$request->session()->set('anti_csrf_token', bin2hex(random_bytes(16)));
|
||||
}
|
||||
|
||||
//TODO: make a nicer logic
|
||||
$antiCsrfTokenExceptions = ['oauth/token'];
|
||||
$appConfig = [
|
||||
'antiCsrfTokenName' => 'anti_csrf_token',
|
||||
'antiCsrfTokenErrorResponse' => ['error' => 'no_valid_anti_csrf_token'],
|
||||
'antiCsrfTokenExceptions' => ['oauth/token'],
|
||||
'loginRouteId' => 'login',
|
||||
'error404View' => 'error/404'
|
||||
];
|
||||
|
||||
$httpReponse = new HttpResponse(
|
||||
Container::$request,
|
||||
Container::$routeCollection,
|
||||
$appConfig,
|
||||
$_SERVER['REQUEST_METHOD'],
|
||||
$_SERVER['REQUEST_URI']
|
||||
);
|
||||
$httpReponse->render();
|
||||
|
Loading…
Reference in New Issue
Block a user