mirror of
https://github.com/grocy/grocy.git
synced 2025-09-16 09:51:30 +00:00
Applied EditorConfig settings to all files
This commit is contained in:
Bernd Bestel
@@ -10,67 +10,67 @@ use Grocy\Services\ApiKeyService;
|
||||
|
||||
class ApiKeyAuthMiddleware extends AuthMiddleware
|
||||
{
|
||||
public function __construct(\DI\Container $container, ResponseFactoryInterface $responseFactory)
|
||||
{
|
||||
parent::__construct($container, $responseFactory);
|
||||
$this->ApiKeyHeaderName = $this->AppContainer->get('ApiKeyHeaderName');
|
||||
}
|
||||
public function __construct(\DI\Container $container, ResponseFactoryInterface $responseFactory)
|
||||
{
|
||||
parent::__construct($container, $responseFactory);
|
||||
$this->ApiKeyHeaderName = $this->AppContainer->get('ApiKeyHeaderName');
|
||||
}
|
||||
|
||||
protected $ApiKeyHeaderName;
|
||||
protected $ApiKeyHeaderName;
|
||||
|
||||
function authenticate(Request $request)
|
||||
{
|
||||
if (!defined('GROCY_SHOW_AUTH_VIEWS'))
|
||||
{
|
||||
define('GROCY_SHOW_AUTH_VIEWS', true);
|
||||
}
|
||||
function authenticate(Request $request)
|
||||
{
|
||||
if (!defined('GROCY_SHOW_AUTH_VIEWS'))
|
||||
{
|
||||
define('GROCY_SHOW_AUTH_VIEWS', true);
|
||||
}
|
||||
|
||||
$routeContext = RouteContext::fromRequest($request);
|
||||
$route = $routeContext->getRoute();
|
||||
$routeName = $route->getName();
|
||||
$routeContext = RouteContext::fromRequest($request);
|
||||
$route = $routeContext->getRoute();
|
||||
$routeName = $route->getName();
|
||||
|
||||
$validApiKey = true;
|
||||
$usedApiKey = null;
|
||||
$validApiKey = true;
|
||||
$usedApiKey = null;
|
||||
|
||||
$apiKeyService = new ApiKeyService();
|
||||
$apiKeyService = new ApiKeyService();
|
||||
|
||||
// First check of the API key in the configured header
|
||||
if (!$request->hasHeader($this->ApiKeyHeaderName) || !$apiKeyService->IsValidApiKey($request->getHeaderLine($this->ApiKeyHeaderName)))
|
||||
{
|
||||
$validApiKey = false;
|
||||
}
|
||||
else
|
||||
{
|
||||
$usedApiKey = $request->getHeaderLine($this->ApiKeyHeaderName);
|
||||
}
|
||||
// First check of the API key in the configured header
|
||||
if (!$request->hasHeader($this->ApiKeyHeaderName) || !$apiKeyService->IsValidApiKey($request->getHeaderLine($this->ApiKeyHeaderName)))
|
||||
{
|
||||
$validApiKey = false;
|
||||
}
|
||||
else
|
||||
{
|
||||
$usedApiKey = $request->getHeaderLine($this->ApiKeyHeaderName);
|
||||
}
|
||||
|
||||
// Not recommended, but it's also possible to provide the API key via a query parameter (same name as the configured header)
|
||||
if (!$validApiKey && !empty($request->getQueryParam($this->ApiKeyHeaderName)) && $apiKeyService->IsValidApiKey($request->getQueryParam($this->ApiKeyHeaderName)))
|
||||
{
|
||||
$validApiKey = true;
|
||||
$usedApiKey = $request->getQueryParam($this->ApiKeyHeaderName);
|
||||
}
|
||||
// Not recommended, but it's also possible to provide the API key via a query parameter (same name as the configured header)
|
||||
if (!$validApiKey && !empty($request->getQueryParam($this->ApiKeyHeaderName)) && $apiKeyService->IsValidApiKey($request->getQueryParam($this->ApiKeyHeaderName)))
|
||||
{
|
||||
$validApiKey = true;
|
||||
$usedApiKey = $request->getQueryParam($this->ApiKeyHeaderName);
|
||||
}
|
||||
|
||||
// Handling of special purpose API keys
|
||||
if (!$validApiKey)
|
||||
{
|
||||
if ($routeName === 'calendar-ical')
|
||||
{
|
||||
if ($request->getQueryParam('secret') !== null && $apiKeyService->IsValidApiKey($request->getQueryParam('secret'), ApiKeyService::API_KEY_TYPE_SPECIAL_PURPOSE_CALENDAR_ICAL))
|
||||
{
|
||||
$validApiKey = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
// Handling of special purpose API keys
|
||||
if (!$validApiKey)
|
||||
{
|
||||
if ($routeName === 'calendar-ical')
|
||||
{
|
||||
if ($request->getQueryParam('secret') !== null && $apiKeyService->IsValidApiKey($request->getQueryParam('secret'), ApiKeyService::API_KEY_TYPE_SPECIAL_PURPOSE_CALENDAR_ICAL))
|
||||
{
|
||||
$validApiKey = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if ($validApiKey)
|
||||
{
|
||||
return $apiKeyService->GetUserByApiKey($usedApiKey);
|
||||
if ($validApiKey)
|
||||
{
|
||||
return $apiKeyService->GetUserByApiKey($usedApiKey);
|
||||
|
||||
}
|
||||
else
|
||||
{
|
||||
return null;
|
||||
}
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
return null;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -12,73 +12,73 @@ use Grocy\Services\SessionService;
|
||||
|
||||
abstract class AuthMiddleware extends BaseMiddleware
|
||||
{
|
||||
public function __construct(\DI\Container $container, ResponseFactoryInterface $responseFactory)
|
||||
{
|
||||
parent::__construct($container);
|
||||
$this->ResponseFactory = $responseFactory;
|
||||
}
|
||||
public function __construct(\DI\Container $container, ResponseFactoryInterface $responseFactory)
|
||||
{
|
||||
parent::__construct($container);
|
||||
$this->ResponseFactory = $responseFactory;
|
||||
}
|
||||
|
||||
protected $ResponseFactory;
|
||||
protected $ResponseFactory;
|
||||
|
||||
public function __invoke(Request $request, RequestHandler $handler): Response
|
||||
{
|
||||
$routeContext = RouteContext::fromRequest($request);
|
||||
$route = $routeContext->getRoute();
|
||||
$routeName = $route->getName();
|
||||
$isApiRoute = string_starts_with($request->getUri()->getPath(), '/api/');
|
||||
public function __invoke(Request $request, RequestHandler $handler): Response
|
||||
{
|
||||
$routeContext = RouteContext::fromRequest($request);
|
||||
$route = $routeContext->getRoute();
|
||||
$routeName = $route->getName();
|
||||
$isApiRoute = string_starts_with($request->getUri()->getPath(), '/api/');
|
||||
|
||||
if ($routeName === 'root')
|
||||
{
|
||||
return $handler->handle($request);
|
||||
}
|
||||
else if ($routeName === 'login')
|
||||
{
|
||||
define('GROCY_AUTHENTICATED', false);
|
||||
return $handler->handle($request);
|
||||
}
|
||||
if (GROCY_MODE === 'dev' || GROCY_MODE === 'demo' || GROCY_MODE === 'prerelease' || GROCY_IS_EMBEDDED_INSTALL || GROCY_DISABLE_AUTH)
|
||||
{
|
||||
$sessionService = SessionService::getInstance();
|
||||
$user = $sessionService->GetDefaultUser();
|
||||
if ($routeName === 'root')
|
||||
{
|
||||
return $handler->handle($request);
|
||||
}
|
||||
else if ($routeName === 'login')
|
||||
{
|
||||
define('GROCY_AUTHENTICATED', false);
|
||||
return $handler->handle($request);
|
||||
}
|
||||
if (GROCY_MODE === 'dev' || GROCY_MODE === 'demo' || GROCY_MODE === 'prerelease' || GROCY_IS_EMBEDDED_INSTALL || GROCY_DISABLE_AUTH)
|
||||
{
|
||||
$sessionService = SessionService::getInstance();
|
||||
$user = $sessionService->GetDefaultUser();
|
||||
|
||||
define('GROCY_AUTHENTICATED', true);
|
||||
define('GROCY_USER_USERNAME', $user->username);
|
||||
define('GROCY_AUTHENTICATED', true);
|
||||
define('GROCY_USER_USERNAME', $user->username);
|
||||
|
||||
return $handler->handle($request);
|
||||
}
|
||||
else
|
||||
{
|
||||
$user = $this->authenticate($request);
|
||||
return $handler->handle($request);
|
||||
}
|
||||
else
|
||||
{
|
||||
$user = $this->authenticate($request);
|
||||
|
||||
if ($user === null)
|
||||
{
|
||||
define('GROCY_AUTHENTICATED', false);
|
||||
if ($user === null)
|
||||
{
|
||||
define('GROCY_AUTHENTICATED', false);
|
||||
|
||||
$response = $this->ResponseFactory->createResponse();
|
||||
if ($isApiRoute)
|
||||
{
|
||||
return $response->withStatus(401);
|
||||
}
|
||||
else
|
||||
{
|
||||
return $response->withHeader('Location', $this->AppContainer->get('UrlManager')->ConstructUrl('/login'));
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
define('GROCY_AUTHENTICATED', true);
|
||||
define('GROCY_USER_ID', $user->id);
|
||||
define('GROCY_USER_USERNAME', $user->username);
|
||||
$response = $this->ResponseFactory->createResponse();
|
||||
if ($isApiRoute)
|
||||
{
|
||||
return $response->withStatus(401);
|
||||
}
|
||||
else
|
||||
{
|
||||
return $response->withHeader('Location', $this->AppContainer->get('UrlManager')->ConstructUrl('/login'));
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
define('GROCY_AUTHENTICATED', true);
|
||||
define('GROCY_USER_ID', $user->id);
|
||||
define('GROCY_USER_USERNAME', $user->username);
|
||||
|
||||
return $response = $handler->handle($request);
|
||||
}
|
||||
}
|
||||
}
|
||||
return $response = $handler->handle($request);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @param Request $request
|
||||
* @return mixed|null the user row or null if the request is not authenticated
|
||||
* @throws \Exception Throws an \Exception if config is invalid.
|
||||
*/
|
||||
protected abstract function authenticate(Request $request);
|
||||
/**
|
||||
* @param Request $request
|
||||
* @return mixed|null the user row or null if the request is not authenticated
|
||||
* @throws \Exception Throws an \Exception if config is invalid.
|
||||
*/
|
||||
protected abstract function authenticate(Request $request);
|
||||
}
|
||||
|
||||
@@ -6,19 +6,19 @@ use Psr\Http\Message\ServerRequestInterface as Request;
|
||||
|
||||
class DefaultAuthMiddleware extends AuthMiddleware
|
||||
{
|
||||
protected function authenticate(Request $request)
|
||||
{
|
||||
// First try to authenticate by API key
|
||||
$auth = new ApiKeyAuthMiddleware($this->AppContainer, $this->ResponseFactory);
|
||||
$user = $auth->authenticate($request);
|
||||
if ($user !== null)
|
||||
{
|
||||
return $user;
|
||||
}
|
||||
protected function authenticate(Request $request)
|
||||
{
|
||||
// First try to authenticate by API key
|
||||
$auth = new ApiKeyAuthMiddleware($this->AppContainer, $this->ResponseFactory);
|
||||
$user = $auth->authenticate($request);
|
||||
if ($user !== null)
|
||||
{
|
||||
return $user;
|
||||
}
|
||||
|
||||
// Then by session cookie
|
||||
$auth = new SessionAuthMiddleware($this->AppContainer, $this->ResponseFactory);
|
||||
$user = $auth->authenticate($request);
|
||||
return $user;
|
||||
}
|
||||
// Then by session cookie
|
||||
$auth = new SessionAuthMiddleware($this->AppContainer, $this->ResponseFactory);
|
||||
$user = $auth->authenticate($request);
|
||||
return $user;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -9,32 +9,32 @@ use Grocy\Services\UsersService;
|
||||
|
||||
class ReverseProxyAuthMiddleware extends AuthMiddleware
|
||||
{
|
||||
function authenticate(Request $request)
|
||||
{
|
||||
if (!defined('GROCY_SHOW_AUTH_VIEWS'))
|
||||
{
|
||||
define('GROCY_SHOW_AUTH_VIEWS', false);
|
||||
}
|
||||
function authenticate(Request $request)
|
||||
{
|
||||
if (!defined('GROCY_SHOW_AUTH_VIEWS'))
|
||||
{
|
||||
define('GROCY_SHOW_AUTH_VIEWS', false);
|
||||
}
|
||||
|
||||
$db = DatabaseService::getInstance()->GetDbConnection();
|
||||
$db = DatabaseService::getInstance()->GetDbConnection();
|
||||
|
||||
$username = $request->getHeader(GROCY_REVERSE_PROXY_AUTH_HEADER);
|
||||
|
||||
if (count($username) !== 1)
|
||||
{
|
||||
// Invalid configuration of Proxy
|
||||
throw new \Exception("ReverseProxyAuthMiddleware: Invalid username from proxy: " . var_dump($username));
|
||||
}
|
||||
$username = $request->getHeader(GROCY_REVERSE_PROXY_AUTH_HEADER);
|
||||
|
||||
$username = $username[0];
|
||||
if (count($username) !== 1)
|
||||
{
|
||||
// Invalid configuration of Proxy
|
||||
throw new \Exception("ReverseProxyAuthMiddleware: Invalid username from proxy: " . var_dump($username));
|
||||
}
|
||||
|
||||
$user = $db->users()->where('username', $username)->fetch();
|
||||
|
||||
if ($user == null)
|
||||
{
|
||||
$user = UsersService::getInstance()->CreateUser($username, '', '', '');
|
||||
}
|
||||
$username = $username[0];
|
||||
|
||||
return $user;
|
||||
}
|
||||
$user = $db->users()->where('username', $username)->fetch();
|
||||
|
||||
if ($user == null)
|
||||
{
|
||||
$user = UsersService::getInstance()->CreateUser($username, '', '', '');
|
||||
}
|
||||
|
||||
return $user;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -10,29 +10,29 @@ use Grocy\Services\SessionService;
|
||||
|
||||
class SessionAuthMiddleware extends AuthMiddleware
|
||||
{
|
||||
public function __construct(\DI\Container $container, ResponseFactoryInterface $responseFactory)
|
||||
{
|
||||
parent::__construct($container, $responseFactory);
|
||||
$this->SessionCookieName = $this->AppContainer->get('LoginControllerInstance')->GetSessionCookieName();
|
||||
}
|
||||
public function __construct(\DI\Container $container, ResponseFactoryInterface $responseFactory)
|
||||
{
|
||||
parent::__construct($container, $responseFactory);
|
||||
$this->SessionCookieName = $this->AppContainer->get('LoginControllerInstance')->GetSessionCookieName();
|
||||
}
|
||||
|
||||
protected $SessionCookieName;
|
||||
protected $SessionCookieName;
|
||||
|
||||
function authenticate(Request $request)
|
||||
{
|
||||
if (!defined('GROCY_SHOW_AUTH_VIEWS'))
|
||||
{
|
||||
define('GROCY_SHOW_AUTH_VIEWS', true);
|
||||
}
|
||||
function authenticate(Request $request)
|
||||
{
|
||||
if (!defined('GROCY_SHOW_AUTH_VIEWS'))
|
||||
{
|
||||
define('GROCY_SHOW_AUTH_VIEWS', true);
|
||||
}
|
||||
|
||||
$sessionService = SessionService::getInstance();
|
||||
if (!isset($_COOKIE[$this->SessionCookieName]) || !$sessionService->IsValidSession($_COOKIE[$this->SessionCookieName]))
|
||||
{
|
||||
return null;
|
||||
}
|
||||
else
|
||||
{
|
||||
return $sessionService->GetUserBySessionKey($_COOKIE[$this->SessionCookieName]);
|
||||
}
|
||||
}
|
||||
$sessionService = SessionService::getInstance();
|
||||
if (!isset($_COOKIE[$this->SessionCookieName]) || !$sessionService->IsValidSession($_COOKIE[$this->SessionCookieName]))
|
||||
{
|
||||
return null;
|
||||
}
|
||||
else
|
||||
{
|
||||
return $sessionService->GetUserBySessionKey($_COOKIE[$this->SessionCookieName]);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user