Fixed private mode not working as expected with the router.
This commit is contained in:
parent
fa80803dd2
commit
42fc65abbc
5 changed files with 38 additions and 18 deletions
41
misuzu.php
41
misuzu.php
|
|
@ -228,31 +228,38 @@ if($authToken->isValid()) {
|
||||||
CSRF::setGlobalSecretKey(Config::get('csrf.secret', Config::TYPE_STR, 'soup'));
|
CSRF::setGlobalSecretKey(Config::get('csrf.secret', Config::TYPE_STR, 'soup'));
|
||||||
CSRF::setGlobalIdentity(UserSession::hasCurrent() ? UserSession::getCurrent()->getToken() : IPAddress::remote());
|
CSRF::setGlobalIdentity(UserSession::hasCurrent() ? UserSession::getCurrent()->getToken() : IPAddress::remote());
|
||||||
|
|
||||||
if(Config::get('private.enabled', Config::TYPE_BOOL)) {
|
function mszLockdown(): void {
|
||||||
$onLoginPage = $_SERVER['PHP_SELF'] === url('auth-login');
|
global $misuzuBypassLockdown, $userDisplayInfo;
|
||||||
$onPasswordPage = parse_url($_SERVER['PHP_SELF'], PHP_URL_PATH) === url('auth-forgot');
|
|
||||||
$misuzuBypassLockdown = !empty($misuzuBypassLockdown) || $onLoginPage;
|
|
||||||
|
|
||||||
if(!$misuzuBypassLockdown) {
|
if(Config::get('private.enabled', Config::TYPE_BOOL)) {
|
||||||
if(UserSession::hasCurrent()) {
|
$onLoginPage = $_SERVER['PHP_SELF'] === url('auth-login');
|
||||||
$privatePermCat = Config::get('private.perm.cat', Config::TYPE_STR);
|
$onPasswordPage = parse_url($_SERVER['PHP_SELF'], PHP_URL_PATH) === url('auth-forgot');
|
||||||
$privatePermVal = Config::get('private.perm.val', Config::TYPE_INT);
|
$misuzuBypassLockdown = !empty($misuzuBypassLockdown) || $onLoginPage;
|
||||||
|
|
||||||
if(!empty($privatePermCat) && $privatePermVal > 0) {
|
if(!$misuzuBypassLockdown) {
|
||||||
if(!perms_check_user($privatePermCat, User::getCurrent()->getId(), $privatePermVal)) {
|
if(UserSession::hasCurrent()) {
|
||||||
// au revoir
|
$privatePermCat = Config::get('private.perm.cat', Config::TYPE_STR);
|
||||||
unset($userDisplayInfo);
|
$privatePermVal = Config::get('private.perm.val', Config::TYPE_INT);
|
||||||
UserSession::unsetCurrent();
|
|
||||||
User::unsetCurrent();
|
if(!empty($privatePermCat) && $privatePermVal > 0) {
|
||||||
|
if(!perms_check_user($privatePermCat, User::getCurrent()->getId(), $privatePermVal)) {
|
||||||
|
// au revoir
|
||||||
|
unset($userDisplayInfo);
|
||||||
|
UserSession::unsetCurrent();
|
||||||
|
User::unsetCurrent();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
} elseif(!$onLoginPage && !($onPasswordPage && Config::get('private.allow_password_reset', Config::TYPE_BOOL, true))) {
|
||||||
|
url_redirect('auth-login');
|
||||||
|
exit;
|
||||||
}
|
}
|
||||||
} elseif(!$onLoginPage && !($onPasswordPage && Config::get('private.allow_password_reset', Config::TYPE_BOOL, true))) {
|
|
||||||
url_redirect('auth-login');
|
|
||||||
exit;
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if(parse_url($_SERVER['PHP_SELF'], PHP_URL_PATH) !== '/index.php')
|
||||||
|
mszLockdown();
|
||||||
|
|
||||||
// delete these
|
// delete these
|
||||||
if(!empty($userDisplayInfo))
|
if(!empty($userDisplayInfo))
|
||||||
Template::set('current_user', $userDisplayInfo);
|
Template::set('current_user', $userDisplayInfo);
|
||||||
|
|
|
||||||
|
|
@ -24,6 +24,7 @@ final class AssetsHandler extends Handler {
|
||||||
|
|
||||||
public function __construct() {
|
public function __construct() {
|
||||||
$GLOBALS['misuzuBypassLockdown'] = true;
|
$GLOBALS['misuzuBypassLockdown'] = true;
|
||||||
|
parent::__construct();
|
||||||
}
|
}
|
||||||
|
|
||||||
private static function recurse(string $dir): string {
|
private static function recurse(string $dir): string {
|
||||||
|
|
|
||||||
|
|
@ -5,6 +5,11 @@ use HttpResponse;
|
||||||
use HttpRequest;
|
use HttpRequest;
|
||||||
|
|
||||||
final class AuthHandler extends Handler {
|
final class AuthHandler extends Handler {
|
||||||
|
public function __construct() {
|
||||||
|
$GLOBALS['misuzuBypassLockdown'] = true;
|
||||||
|
parent::__construct();
|
||||||
|
}
|
||||||
|
|
||||||
public static function legacy(HttpResponse $response, HttpRequest $request): void {
|
public static function legacy(HttpResponse $response, HttpRequest $request): void {
|
||||||
$mode = $request->getQueryParam('m', FILTER_SANITIZE_STRING);
|
$mode = $request->getQueryParam('m', FILTER_SANITIZE_STRING);
|
||||||
$destination = [
|
$destination = [
|
||||||
|
|
|
||||||
|
|
@ -1,4 +1,8 @@
|
||||||
<?php
|
<?php
|
||||||
namespace Misuzu\Http\Handlers;
|
namespace Misuzu\Http\Handlers;
|
||||||
|
|
||||||
abstract class Handler {}
|
abstract class Handler {
|
||||||
|
public function __construct() {
|
||||||
|
\Misuzu\mszLockdown();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
||||||
|
|
@ -52,6 +52,9 @@ final class SockChatHandler extends Handler {
|
||||||
|
|
||||||
if(is_file($hashKeyPath))
|
if(is_file($hashKeyPath))
|
||||||
$this->hashKey = file_get_contents($hashKeyPath);
|
$this->hashKey = file_get_contents($hashKeyPath);
|
||||||
|
|
||||||
|
$GLOBALS['misuzuBypassLockdown'] = true;
|
||||||
|
parent::__construct();
|
||||||
}
|
}
|
||||||
|
|
||||||
public function phpFile(HttpResponse $response, HttpRequest $request) {
|
public function phpFile(HttpResponse $response, HttpRequest $request) {
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue