mirror of https://github.com/RSS-Bridge/rss-bridge.git synced 2025-08-01 06:10:22 +02:00

refactor: prepare for introduction of token based authentication (#3921)

Dag
2024-01-24 23:06:23 +01:00
committed by GitHub
parent 1262cc982c
commit 06b299e627
10 changed files with 240 additions and 291 deletions


@@ -13,13 +13,6 @@ class DisplayAction implements ActionInterface
public function execute(array $request)
{
if (Configuration::getConfig('system', 'enable_maintenance_mode')) {
return new Response(render(__DIR__ . '/../templates/error.html.php', [
'title' => '503 Service Unavailable',
'message' => 'RSS-Bridge is down for maintenance.',
]), 503);
}
$cacheKey = 'http_' . json_encode($request);
/** @var Response $cachedResponse */
$cachedResponse = $this->cache->get($cacheKey);
@@ -118,6 +111,7 @@ class DisplayAction implements ActionInterface
}
$feed = $bridge->getFeed();
} catch (\Exception $e) {
// Probably an exception inside a bridge
if ($e instanceof HttpException) {
// Reproduce (and log) these responses regardless of error output and report limit
if ($e->getCode() === 429) {


@@ -11,9 +11,30 @@ class SetBridgeCacheAction implements ActionInterface
public function execute(array $request)
{
$authenticationMiddleware = new ApiAuthenticationMiddleware();
$authenticationMiddleware($request);
// Authentication
$accessTokenInConfig = Configuration::getConfig('authentication', 'access_token');
if (!$accessTokenInConfig) {
return new Response('Access token is not set in this instance', 403, ['content-type' => 'text/plain']);
}
if (isset($request['access_token'])) {
$accessTokenGiven = $request['access_token'];
} else {
$header = trim($_SERVER['HTTP_AUTHORIZATION'] ?? '');
$position = strrpos($header, 'Bearer ');
if ($position !== false) {
$accessTokenGiven = substr($header, $position + 7);
} else {
$accessTokenGiven = '';
}
}
if (!$accessTokenGiven) {
return new Response('No access token given', 403, ['content-type' => 'text/plain']);
}
if (! hash_equals($accessTokenInConfig, $accessTokenGiven)) {
return new Response('Incorrect access token', 403, ['content-type' => 'text/plain']);
}
// Begin actual work
$key = $request['key'] ?? null;
if (!$key) {
returnClientError('You must specify key!');
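Review bot: The value taken from `$request['access_token']` reaches `hash_equals()` with no type check; if that entry can be an array (likely, should `$request` be built from the query string), `!$accessTokenGiven` lets a non-empty array through and `hash_equals()` throws a TypeError on PHP 8 instead of producing the 403. Tighten the empty check to `if (!is_string($accessTokenGiven) || $accessTokenGiven === '') {` so malformed input is rejected before the comparison. Separately, `strrpos($header, 'Bearer ')` matches the last occurrence anywhere in the Authorization value rather than the scheme prefix; `strncmp($header, 'Bearer ', 7) === 0` followed by `substr($header, 7)` would accept only a well-formed header. Accepting the token as a request parameter also places it in URLs, where it can end up in access logs, so a comment such as `// Prefer the Authorization header; tokens in URLs may be logged` above the `isset` branch would help. The body of `execute()` continues outside this hunk.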