authorArthurHoaro <arthur@hoa.ro>2020-06-21 12:21:31 +0200
committerArthurHoaro <arthur@hoa.ro>2020-07-23 21:19:21 +0200
commit764d34a7d347d653414e5f5c632e02499edaef04 (patch)
tree1e642a893beefd95bfa82c7beeb416449238b4ec
parent1b8620b1ad4e2c647ff2d032c8e7c6687b6647a1 (diff)
Process token retrieve through Slim controller
-rw-r--r--application/front/controller/admin/TokenController.php26
-rw-r--r--assets/common/js/thumbnails-update.js2
-rw-r--r--assets/default/js/base.js2
-rw-r--r--index.php4
-rw-r--r--tests/front/controller/admin/TokenControllerTest.php41
5 files changed, 71 insertions, 4 deletions
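--- /dev/null
+++ b/application/front/controller/admin/TokenController.php
@@ -0,0 +1,26 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Shaarli\Front\Controller\Admin;
+
+use Slim\Http\Request;
+use Slim\Http\Response;
+
+/**
+ * Class TokenController
+ *
+ * Endpoint used to retrieve a XSRF token. Useful for AJAX requests.
+ */
+class TokenController extends ShaarliAdminController
+{
+ /**
+ * GET /admin/token
+ */
+ public function getToken(Request $request, Response $response): Response
+ {
+ $response = $response->withHeader('Content-Type', 'text/plain');
+
+ return $response->write($this->container->sessionManager->generateToken());
+ }
+}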
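Review bot: `getToken()` returns a fresh XSRF token but sets only `Content-Type`, so nothing in this method prevents a browser or an intermediary from caching the response; I would add `$response = $response->withHeader('Cache-Control', 'no-store');` before writing the body, unless the session layer already emits no-cache headers (not visible here). Access control is not visible in this file either: the method appears to rely on `ShaarliAdminController` to reject anonymous callers, and the docblock should say so, for example `GET /admin/token - returns a new XSRF token as text/plain; login is expected to be enforced by the parent controller`. The `$request` parameter is unused, which is fine for a Slim handler but worth a short comment.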
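--- a/assets/common/js/thumbnails-update.js
+++ b/assets/common/js/thumbnails-update.js
@@ -33,7 +33,7 @@ function updateThumb(basePath, ids, i, elements) {
  elements.thumbnail.innerHTML = `<img src="${response.thumbnail}">`;
  }
  if (i < ids.length) {
- updateThumb(ids, i, elements);
+ updateThumb(basePath, ids, i, elements);
  }
  }
  };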
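Review bot: The first context line of this hunk assigns `elements.thumbnail.innerHTML` from a template that interpolates `response.thumbnail`, and the commit leaves that as it is; if that field can ever carry a value derived from a bookmarked URL rather than a server-generated path (not determinable from this hunk), it is an HTML-injection sink. Building the node instead avoids parsing the value as markup: `const img = document.createElement('img');`, `img.src = response.thumbnail;`, `elements.thumbnail.replaceChildren(img);`. `updateThumb` starts and ends outside the hunk, so the origin of `response` should be confirmed there.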
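--- a/assets/default/js/base.js
+++ b/assets/default/js/base.js
@@ -27,7 +27,7 @@ function findParent(element, tagName, attributes) {
  */
 function refreshToken(basePath) {
  const xhr = new XMLHttpRequest();
- xhr.open('GET', `${basePath}/?do=token`);
+ xhr.open('GET', `${basePath}/admin/token`);
  xhr.onload = () => {
  const token = document.getElementById('token');
  token.setAttribute('value', xhr.responseText);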
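Review bot: `xhr.onload` copies `xhr.responseText` into the `#token` field without checking how the request ended, and that matters more now that the target is an admin route. If the session has expired, the request is presumably redirected to the login page, the XHR follows the redirect, and the login HTML would be stored as the token value. Guard the assignment with `if (xhr.status !== 200) { return; }` at the top of the handler, and consider also checking that `xhr.getResponseHeader('Content-Type')` starts with `text/plain`. The handler continues past the end of the hunk, but the `setAttribute` call shown runs unconditionally.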
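--- a/index.php
+++ b/index.php
@@ -597,8 +597,7 @@ function renderPage($conf, $pluginManager, $bookmarkService, $history, $sessionM
 
  // Get a fresh token
  if ($targetPage == Router::$GET_TOKEN) {
- header('Content-Type:text/plain');
- echo $sessionManager->generateToken();
+ header('Location: ./admin/token');
  exit;
  }
 
@@ -978,6 +977,7 @@ $app->group('', function () {
  $this->post('/admin/import', '\Shaarli\Front\Controller\Admin\ImportController:import');
  $this->get('/admin/plugins', '\Shaarli\Front\Controller\Admin\PluginsController:index');
  $this->post('/admin/plugins', '\Shaarli\Front\Controller\Admin\PluginsController:save');
+ $this->get('/admin/token', '\Shaarli\Front\Controller\Admin\TokenController:getToken');
 
  $this->get('/links-per-page', '\Shaarli\Front\Controller\Admin\SessionFilterController:linksPerPage');
  $this->get('/visibility/{visibility}', '\Shaarli\Front\Controller\Admin\SessionFilterController:visibility');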
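Review bot: In the first hunk the legacy `?do=token` branch now answers with `header('Location: ./admin/token');`, a relative target that the browser resolves against the request URL. It therefore reaches the Slim route only when the instance is served with URL rewriting at that path (inferred; `refreshToken` in base.js builds the same URL from `basePath` instead). Deriving the redirect target from the application's base path would keep the two callers in agreement. The stale `// Get a fresh token` comment should become something like `// Legacy URL: redirect to the Slim token endpoint`. `renderPage` begins and ends outside the hunk.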
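--- /dev/null
+++ b/tests/front/controller/admin/TokenControllerTest.php
@@ -0,0 +1,41 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Shaarli\Front\Controller\Admin;
+
+use PHPUnit\Framework\TestCase;
+use Slim\Http\Request;
+use Slim\Http\Response;
+
+class TokenControllerTest extends TestCase
+{
+ use FrontAdminControllerMockHelper;
+
+ /** @var TokenController */
+ protected $controller;
+
+ public function setUp(): void
+ {
+ $this->createContainer();
+
+ $this->controller = new TokenController($this->container);
+ }
+
+ public function testGetToken(): void
+ {
+ $request = $this->createMock(Request::class);
+ $response = new Response();
+
+ $this->container->sessionManager
+ ->expects(static::once())
+ ->method('generateToken')
+ ->willReturn($token = 'token1234')
+ ;
+
+ $result = $this->controller->getToken($request, $response);
+
+ static::assertSame(200, $result->getStatusCode());
+ static::assertSame($token, (string) $result->getBody());
+ }
+}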
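Review bot: `testGetToken()` asserts the status code and the body but not the `Content-Type` header that the controller sets, so a regression that served the token as HTML would still pass; add `static::assertSame(['text/plain'], $result->getHeader('Content-Type'));`. The test also covers only the authenticated path that `createContainer()` sets up, and a second case for an anonymous session would pin the access-control expectation, assuming the mock helper allows the login state to be changed (not visible here). A one-line docblock on the method, such as `Token is generated once and returned verbatim as plain text`, would document the contract under test.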