mirror of
https://github.com/flarum/core.git
synced 2025-10-15 00:44:40 +02:00
merges 5.5 and master into next-back
This commit is contained in:
Daniël Klabbers
@@ -20,10 +20,7 @@ use Zend\Stratigility\MiddlewareInterface;
|
||||
|
||||
class AuthenticateWithHeader implements MiddlewareInterface
|
||||
{
|
||||
/**
|
||||
* @var string
|
||||
*/
|
||||
protected $prefix = 'Token ';
|
||||
const TOKEN_PREFIX = 'Token ';
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
@@ -34,13 +31,14 @@ class AuthenticateWithHeader implements MiddlewareInterface
|
||||
|
||||
$parts = explode(';', $headerLine);
|
||||
|
||||
if (isset($parts[0]) && starts_with($parts[0], $this->prefix)) {
|
||||
$id = substr($parts[0], strlen($this->prefix));
|
||||
if (isset($parts[0]) && starts_with($parts[0], self::TOKEN_PREFIX)) {
|
||||
$id = substr($parts[0], strlen(self::TOKEN_PREFIX));
|
||||
|
||||
if (isset($parts[1])) {
|
||||
if (ApiKey::find($id)) {
|
||||
if ($key = ApiKey::find($id)) {
|
||||
$actor = $this->getUser($parts[1]);
|
||||
|
||||
$request = $request->withAttribute('apiKey', $key);
|
||||
$request = $request->withAttribute('bypassFloodgate', true);
|
||||
}
|
||||
} elseif ($token = AccessToken::find($id)) {
|
||||
|
||||
@@ -12,38 +12,55 @@
|
||||
namespace Flarum\Http\Middleware;
|
||||
|
||||
use Exception;
|
||||
use Flarum\Settings\SettingsRepositoryInterface;
|
||||
use Franzl\Middleware\Whoops\ErrorMiddleware as WhoopsMiddleware;
|
||||
use Illuminate\Contracts\View\Factory as ViewFactory;
|
||||
use Psr\Http\Message\ResponseInterface as Response;
|
||||
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||
use Psr\Log\LoggerInterface;
|
||||
use Symfony\Component\Translation\TranslatorInterface;
|
||||
use Zend\Diactoros\Response\HtmlResponse;
|
||||
|
||||
class HandleErrors
|
||||
{
|
||||
/**
|
||||
* @var string
|
||||
* @var ViewFactory
|
||||
*/
|
||||
protected $templateDir;
|
||||
protected $view;
|
||||
|
||||
/**
|
||||
* @var LoggerInterface
|
||||
*/
|
||||
protected $logger;
|
||||
|
||||
/**
|
||||
* @var TranslatorInterface
|
||||
*/
|
||||
protected $translator;
|
||||
|
||||
/**
|
||||
* @var SettingsRepositoryInterface
|
||||
*/
|
||||
protected $settings;
|
||||
|
||||
/**
|
||||
* @var bool
|
||||
*/
|
||||
protected $debug;
|
||||
|
||||
/**
|
||||
* @param string $templateDir
|
||||
* @param ViewFactory $view
|
||||
* @param LoggerInterface $logger
|
||||
* @param TranslatorInterface $translator
|
||||
* @param SettingsRepositoryInterface $settings
|
||||
* @param bool $debug
|
||||
*/
|
||||
public function __construct($templateDir, LoggerInterface $logger, $debug = false)
|
||||
public function __construct(ViewFactory $view, LoggerInterface $logger, TranslatorInterface $translator, SettingsRepositoryInterface $settings, $debug = false)
|
||||
{
|
||||
$this->templateDir = $templateDir;
|
||||
$this->view = $view;
|
||||
$this->logger = $logger;
|
||||
$this->translator = $translator;
|
||||
$this->settings = $settings;
|
||||
$this->debug = $debug;
|
||||
}
|
||||
|
||||
@@ -75,7 +92,7 @@ class HandleErrors
|
||||
$status = $errorCode;
|
||||
}
|
||||
|
||||
if ($this->debug && ! in_array($errorCode, [403, 404])) {
|
||||
if ($this->debug) {
|
||||
$whoops = new WhoopsMiddleware;
|
||||
|
||||
return $whoops($error, $request, $response, $out);
|
||||
@@ -84,21 +101,33 @@ class HandleErrors
|
||||
// Log the exception (with trace)
|
||||
$this->logger->debug($error);
|
||||
|
||||
$errorPage = $this->getErrorPage($status);
|
||||
|
||||
return new HtmlResponse($errorPage, $status);
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $status
|
||||
* @return string
|
||||
*/
|
||||
protected function getErrorPage($status)
|
||||
{
|
||||
if (! file_exists($errorPage = $this->templateDir."/$status.html")) {
|
||||
$errorPage = $this->templateDir.'/500.html';
|
||||
if (! $this->view->exists($name = 'flarum.forum::error.'.$status)) {
|
||||
$name = 'flarum.forum::error.default';
|
||||
}
|
||||
|
||||
return file_get_contents($errorPage);
|
||||
$view = $this->view->make($name)
|
||||
->with('error', $error)
|
||||
->with('message', $this->getMessage($status));
|
||||
|
||||
return new HtmlResponse($view->render(), $status);
|
||||
}
|
||||
|
||||
private function getMessage($status)
|
||||
{
|
||||
if (! $translation = $this->getTranslationIfExists($status)) {
|
||||
if (! $translation = $this->getTranslationIfExists(500)) {
|
||||
$translation = 'An error occurred while trying to load this page.';
|
||||
}
|
||||
}
|
||||
|
||||
return $translation;
|
||||
}
|
||||
|
||||
private function getTranslationIfExists($status)
|
||||
{
|
||||
$key = 'core.views.error.'.$status.'_message';
|
||||
$translation = $this->translator->trans($key, ['{forum}' => $this->settings->get('forum_title')]);
|
||||
|
||||
return $translation === $key ? false : $translation;
|
||||
}
|
||||
}
|
||||
|
||||
62
src/Http/Middleware/ShareErrorsFromSession.php
Normal file
62
src/Http/Middleware/ShareErrorsFromSession.php
Normal file
@@ -0,0 +1,62 @@
|
||||
<?php
|
||||
/*
|
||||
* This file is part of Flarum.
|
||||
*
|
||||
* (c) Toby Zerner <toby.zerner@gmail.com>
|
||||
*
|
||||
* For the full copyright and license information, please view the LICENSE
|
||||
* file that was distributed with this source code.
|
||||
*/
|
||||
|
||||
namespace Flarum\Http\Middleware;
|
||||
|
||||
use Illuminate\Contracts\View\Factory as ViewFactory;
|
||||
use Illuminate\Support\ViewErrorBag;
|
||||
use Psr\Http\Message\ResponseInterface as Response;
|
||||
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||
use Zend\Stratigility\MiddlewareInterface;
|
||||
|
||||
/**
|
||||
* Inspired by Illuminate\View\Middleware\ShareErrorsFromSession.
|
||||
*
|
||||
* @author Taylor Otwell
|
||||
*/
|
||||
class ShareErrorsFromSession implements MiddlewareInterface
|
||||
{
|
||||
/**
|
||||
* @var ViewFactory
|
||||
*/
|
||||
protected $view;
|
||||
|
||||
/**
|
||||
* @param ViewFactory $view
|
||||
*/
|
||||
public function __construct(ViewFactory $view)
|
||||
{
|
||||
$this->view = $view;
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
public function __invoke(Request $request, Response $response, callable $out = null)
|
||||
{
|
||||
$session = $request->getAttribute('session');
|
||||
|
||||
// If the current session has an "errors" variable bound to it, we will share
|
||||
// its value with all view instances so the views can easily access errors
|
||||
// without having to bind. An empty bag is set when there aren't errors.
|
||||
$this->view->share(
|
||||
'errors', $session->get('errors', new ViewErrorBag)
|
||||
);
|
||||
|
||||
// Putting the errors in the view for every view allows the developer to just
|
||||
// assume that some errors are always available, which is convenient since
|
||||
// they don't have to continually run checks for the presence of errors.
|
||||
|
||||
$session->remove('errors');
|
||||
|
||||
return $out ? $out($request, $response) : $response;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -22,13 +22,14 @@ use Zend\Stratigility\MiddlewareInterface;
|
||||
|
||||
class StartSession implements MiddlewareInterface
|
||||
{
|
||||
const COOKIE_NAME = 'session';
|
||||
|
||||
/**
|
||||
* @var CookieFactory
|
||||
*/
|
||||
protected $cookie;
|
||||
|
||||
/**
|
||||
* Rememberer constructor.
|
||||
* @param CookieFactory $cookie
|
||||
*/
|
||||
public function __construct(CookieFactory $cookie)
|
||||
@@ -56,7 +57,7 @@ class StartSession implements MiddlewareInterface
|
||||
{
|
||||
$session = new Session;
|
||||
|
||||
$session->setName('flarum_session');
|
||||
$session->setName($this->cookie->getName(self::COOKIE_NAME));
|
||||
$session->start();
|
||||
|
||||
if (! $session->has('csrf_token')) {
|
||||
@@ -79,7 +80,7 @@ class StartSession implements MiddlewareInterface
|
||||
{
|
||||
return FigResponseCookies::set(
|
||||
$response,
|
||||
$this->cookie->make($session->getName(), $session->getId())
|
||||
$this->cookie->make(self::COOKIE_NAME, $session->getId())
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user