From 27e21231e168e5a2a89563b2538a4f86df24e582 Mon Sep 17 00:00:00 2001 From: Willi Eggeling Date: Thu, 31 Aug 2017 00:39:15 +0200 Subject: [PATCH] added option to redirect all anonymous users to login page - new setting *force_login* added and documented - if both, *force_login* and *hide_public_links* are set to true, all requests (except for the feeds) are redirected to the login page --- application/config/ConfigManager.php | 1 + doc/md/Shaarli-configuration.md | 2 ++ index.php | 17 +++++++++++++++++ 3 files changed, 20 insertions(+) diff --git a/application/config/ConfigManager.php b/application/config/ConfigManager.php index fdd5b3d7..32f6ef6d 100644 --- a/application/config/ConfigManager.php +++ b/application/config/ConfigManager.php @@ -327,6 +327,7 @@ class ConfigManager $this->setEmpty('privacy.default_private_links', false); $this->setEmpty('privacy.hide_public_links', false); + $this->setEmpty('privacy.force_login', false); $this->setEmpty('privacy.hide_timestamps', false); // default state of the 'remember me' checkbox of the login form $this->setEmpty('privacy.remember_user_default', true); diff --git a/doc/md/Shaarli-configuration.md b/doc/md/Shaarli-configuration.md index d90e95eb..37486414 100644 --- a/doc/md/Shaarli-configuration.md +++ b/doc/md/Shaarli-configuration.md @@ -90,6 +90,7 @@ _These settings should not be edited_ - **default_private_links**: Check the private checkbox by default for every new link. - **hide_public_links**: All links are hidden while logged out. +- **force_login**: if **hide_public_links** and this are set to `true`, all anonymous users are redirected to the login page. - **hide_timestamps**: Timestamps are hidden. - **remember_user_default**: Default state of the login page's *remember me* checkbox - `true`: checked by default, `false`: unchecked by default @@ -194,6 +195,7 @@ _These settings should not be edited_ "privacy": { "default_private_links": true, "hide_public_links": false, + "force_login": false, "hide_timestamps": false, "remember_user_default": true }, diff --git a/index.php b/index.php index 218d317d..fb00a9fa 100644 --- a/index.php +++ b/index.php @@ -718,6 +718,23 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history) $query = (isset($_SERVER['QUERY_STRING'])) ? $_SERVER['QUERY_STRING'] : ''; $targetPage = Router::findPage($query, $_GET, isLoggedIn()); + if ( + // if the user isn't logged in + !isLoggedIn() && + // and Shaarli doesn't have public content... + $conf->get('privacy.hide_public_links') && + // and is configured to enforce the login + $conf->get('privacy.force_login') && + // and the current page isn't already the login page + $targetPage !== Router::$PAGE_LOGIN && + // and the user is not requesting a feed (which would lead to a different content-type as expected) + $targetPage !== Router::$PAGE_FEED_ATOM && + $targetPage !== Router::$PAGE_FEED_RSS + ) { + // force current page to be the login page + $targetPage = Router::$PAGE_LOGIN; + } + // Call plugin hooks for header, footer and includes, specifying which page will be rendered. // Then assign generated data to RainTPL. $common_hooks = array( -- 2.41.0