Pőcze Bence
96b9ef6a72
Some checks failed
rvr-nextgen/pipeline/pr-master There was a failure building this commit
99 lines
5.8 KiB
PHP
99 lines
5.8 KiB
PHP
<?php
|
|
|
|
require 'app.php';
|
|
|
|
if (!empty($_ENV['DEV'])) {
|
|
error_reporting(E_ALL);
|
|
|
|
ini_set('display_errors', '1');
|
|
} else {
|
|
ini_set('display_errors', '0');
|
|
}
|
|
|
|
Container::$routeCollection = new SokoWeb\Routing\RouteCollection();
|
|
|
|
Container::$routeCollection->get('home', '', [RVR\Controller\HomeController::class, 'getHome']);
|
|
Container::$routeCollection->get('startSession', 'startSession.json', [RVR\Controller\HomeController::class, 'startSession']);
|
|
Container::$routeCollection->group('login', function (SokoWeb\Routing\RouteCollection $routeCollection) {
|
|
$routeCollection->get('login', '', [RVR\Controller\LoginController::class, 'getLoginForm']);
|
|
$routeCollection->post('login-action', '', [RVR\Controller\LoginController::class, 'login']);
|
|
$routeCollection->get('login-google', 'google', [RVR\Controller\LoginController::class, 'getGoogleLoginRedirect']);
|
|
$routeCollection->get('login-google-action', 'google/code', [RVR\Controller\LoginController::class, 'loginWithGoogle']);
|
|
});
|
|
Container::$routeCollection->group('oauth', function (SokoWeb\Routing\RouteCollection $routeCollection) {
|
|
$routeCollection->get('oauth-auth', 'auth', [RVR\Controller\OAuthAuthController::class, 'auth']);
|
|
$routeCollection->post('oauth-token', 'token', [RVR\Controller\OAuthController::class, 'getToken']);
|
|
$routeCollection->get('oauth-userinfo', 'userinfo', [RVR\Controller\OAuthController::class, 'getUserInfo']);
|
|
$routeCollection->get('oauth-config', '.well-known/openid-configuration', [RVR\Controller\OAuthController::class, 'getConfig']);
|
|
$routeCollection->get('oauth-certs', 'certs', [RVR\Controller\OAuthController::class, 'getCerts']);
|
|
});
|
|
Container::$routeCollection->group('password', function (SokoWeb\Routing\RouteCollection $routeCollection) {
|
|
$routeCollection->get('password-requestReset', 'requestReset', [RVR\Controller\LoginController::class, 'getRequestPasswordResetForm']);
|
|
$routeCollection->post('password-requestReset-action', 'requestReset', [RVR\Controller\LoginController::class, 'requestPasswordReset']);
|
|
$routeCollection->get('password-requestReset.success', 'requestReset/success', [RVR\Controller\LoginController::class, 'getRequestPasswordResetSuccess']);
|
|
$routeCollection->get('password-reset', 'reset/{token}', [RVR\Controller\LoginController::class, 'getResetPasswordForm']);
|
|
$routeCollection->post('password-reset.action', 'reset/{token}', [RVR\Controller\LoginController::class, 'resetPassword']);
|
|
});
|
|
Container::$routeCollection->get('logout', 'logout', [RVR\Controller\LoginController::class, 'logout']);
|
|
Container::$routeCollection->group('account', function (SokoWeb\Routing\RouteCollection $routeCollection) {
|
|
$routeCollection->get('account', '', [RVR\Controller\UserController::class, 'getAccount']);
|
|
$routeCollection->post('account-action', '', [RVR\Controller\UserController::class, 'saveAccount']);
|
|
$routeCollection->get('account.googleAuthenticate', 'googleAuthenticate', [RVR\Controller\UserController::class, 'getGoogleAuthenticateRedirect']);
|
|
$routeCollection->get('account.googleAuthenticate-action', 'googleAuthenticate/code', [RVR\Controller\UserController::class, 'authenticateWithGoogle']);
|
|
});
|
|
Container::$routeCollection->get('searchUser', 'searchUser', [RVR\Controller\UserSearchController::class, 'searchUser']);
|
|
Container::$routeCollection->group('communities', function (SokoWeb\Routing\RouteCollection $routeCollection) {
|
|
$routeCollection->get('community-new', 'new', [RVR\Controller\CommunityController::class, 'getCommunityNew']);
|
|
$routeCollection->post('community-new-action', 'new', [RVR\Controller\CommunityController::class, 'saveCommunity']);
|
|
$routeCollection->group('{communityId}', function (SokoWeb\Routing\RouteCollection $routeCollection) {
|
|
$routeCollection->get('community', '', [RVR\Controller\CommunityController::class, 'getCommunityHome']);
|
|
$routeCollection->get('community-edit', 'edit', [RVR\Controller\CommunityController::class, 'getCommunityEdit']);
|
|
$routeCollection->post('community-edit-action', 'edit', [RVR\Controller\CommunityController::class, 'saveCommunity']);
|
|
$routeCollection->get('community-members', 'members', [RVR\Controller\CommunityController::class, 'getMembersEdit']);
|
|
$routeCollection->post('community-members-new', 'newMember', [RVR\Controller\CommunityController::class, 'newMember']);
|
|
$routeCollection->post('community-members-edit', 'editMember', [RVR\Controller\CommunityController::class, 'editMember']);
|
|
$routeCollection->post('community-members-delete', 'deleteMember', [RVR\Controller\CommunityController::class, 'deleteMember']);
|
|
});
|
|
});
|
|
|
|
Container::$sessionHandler = new SokoWeb\Session\DatabaseSessionHandler();
|
|
|
|
session_set_save_handler(Container::$sessionHandler, true);
|
|
session_start([
|
|
'gc_probability' => 0, // old sessions are deleted by MaintainDatabaseCommand
|
|
'cookie_lifetime' => 604800,
|
|
'cookie_path' => '/',
|
|
'cookie_httponly' => true,
|
|
'cookie_samesite' => 'Lax'
|
|
]);
|
|
|
|
if (isset($_COOKIE[session_name()])) {
|
|
// extend session cookie lifetime is cookie already exists
|
|
setcookie(session_name(), session_id(), [
|
|
'expires' => time() + 604800,
|
|
'path' => '/',
|
|
'httponly' => true,
|
|
'samesite' => 'Lax'
|
|
]);
|
|
}
|
|
|
|
// this is needed to handle old type of session IDs
|
|
if (!Container::$sessionHandler->validateId(session_id())) {
|
|
session_regenerate_id(true);
|
|
}
|
|
|
|
Container::$request = new SokoWeb\Request\Request(
|
|
$_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'],
|
|
$_GET,
|
|
$_POST,
|
|
$_SESSION,
|
|
new RVR\Repository\UserRepository()
|
|
);
|
|
|
|
if (!Container::$request->session()->has('anti_csrf_token')) {
|
|
Container::$request->session()->set('anti_csrf_token', bin2hex(random_bytes(16)));
|
|
}
|
|
|
|
//TODO: make a nicer logic
|
|
$antiCsrfTokenExceptions = ['oauth/token'];
|