5 files changed, 172 insertions, 0 deletions
diff --git a/application/front/ShaarliMiddleware.php b/application/front/ShaarliMiddleware.php
new file mode 100644
index 00000000..fa6c6467
--- /dev/null
+++ b/application/front/ShaarliMiddleware.php
@@ -0,0 +1,57 @@
+<?php
+namespace Shaarli\Front;
+use Shaarli\Container\ShaarliContainer;
+use Shaarli\Front\Exception\ShaarliException;
+use Slim\Http\Request;
+use Slim\Http\Response;
+/**
+ * Class ShaarliMiddleware
+ *
+ * This will be called before accessing any Shaarli controller.
+ */
+class ShaarliMiddleware
+{
+    /** @var ShaarliContainer contains all Shaarli DI */
+    protected $container;
+    public function __construct(ShaarliContainer $container)
+    {
+        $this->container = $container;
+    }
+    /**
+     * Middleware execution:
+     *   - execute the controller
+     *   - return the response
+     *
+     * In case of error, the error template will be displayed with the exception message.
+     *
+     * @param  Request  $request  Slim request
+     * @param  Response $response Slim response
+     * @param  callable $next     Next action
+     *
+     * @return Response response.
+     */
+    public function __invoke(Request $request, Response $response, callable $next)
+    {
+        try {
+            $response = $next($request, $response);
+        } catch (ShaarliException $e) {
+            $this->container->pageBuilder->assign('message', $e->getMessage());
+            if ($this->container->conf->get('dev.debug', false)) {
+                $this->container->pageBuilder->assign(
+                    'stacktrace',
+                    nl2br(get_class($this) .': '. $e->getTraceAsString())
+                );
+            }
+            $response = $response->withStatus($e->getCode());
+            $response = $response->write($this->container->pageBuilder->render('error'));
+        }
+        return $response;
+    }
+}
diff --git a/application/front/controllers/LoginController.php b/application/front/controllers/LoginController.php
new file mode 100644
index 00000000..47fa3ee3
--- /dev/null
+++ b/application/front/controllers/LoginController.php
@@ -0,0 +1,46 @@
+<?php
+declare(strict_types=1);
+namespace Shaarli\Front\Controller;
+use Shaarli\Front\Exception\LoginBannedException;
+use Slim\Http\Request;
+use Slim\Http\Response;
+/**
+ * Class LoginController
+ *
+ * Slim controller used to render the login page.
+ *
+ * The login page is not available if the user is banned
+ * or if open shaarli setting is enabled.
+ *
+ * @package Front\Controller
+ */
+class LoginController extends ShaarliController
+{
+    public function index(Request $request, Response $response): Response
+    {
+        if ($this->ci->loginManager->isLoggedIn() || $this->ci->conf->get('security.open_shaarli', false)) {
+            return $response->withRedirect('./');
+        }
+        $userCanLogin = $this->ci->loginManager->canLogin($request->getServerParams());
+        if ($userCanLogin !== true) {
+            throw new LoginBannedException();
+        }
+        if ($request->getParam('username') !== null) {
+            $this->assignView('username', escape($request->getParam('username')));
+        }
+        $this
+            ->assignView('returnurl', escape($request->getServerParam('HTTP_REFERER')))
+            ->assignView('remember_user_default', $this->ci->conf->get('privacy.remember_user_default', true))
+            ->assignView('pagetitle', t('Login') .' - '. $this->ci->conf->get('general.title', 'Shaarli'))
+        ;
+        return $response->write($this->ci->pageBuilder->render('loginform'));
+    }
+}
diff --git a/application/front/controllers/ShaarliController.php b/application/front/controllers/ShaarliController.php
new file mode 100644
index 00000000..2a166c3c
--- /dev/null
+++ b/application/front/controllers/ShaarliController.php
@@ -0,0 +1,31 @@
+<?php
+declare(strict_types=1);
+namespace Shaarli\Front\Controller;
+use Shaarli\Container\ShaarliContainer;
+abstract class ShaarliController
+{
+    /** @var ShaarliContainer */
+    protected $ci;
+    /** @param ShaarliContainer $ci Slim container (extended for attribute completion). */
+    public function __construct(ShaarliContainer $ci)
+    {
+        $this->ci = $ci;
+    }
+    /**
+     * Assign variables to RainTPL template through the PageBuilder.
+     *
+     * @param mixed $value Value to assign to the template
+     */
+    protected function assignView(string $name, $value): self
+    {
+        $this->ci->pageBuilder->assign($name, $value);
+        return $this;
+    }
+}
diff --git a/application/front/exceptions/LoginBannedException.php b/application/front/exceptions/LoginBannedException.php
new file mode 100644
index 00000000..b31a4a14
--- /dev/null
+++ b/application/front/exceptions/LoginBannedException.php
@@ -0,0 +1,15 @@
+<?php
+declare(strict_types=1);
+namespace Shaarli\Front\Exception;
+class LoginBannedException extends ShaarliException
+{
+    public function __construct()
+    {
+        $message = t('You have been banned after too many failed login attempts. Try again later.');
+        parent::__construct($message, 401);
+    }
+}
diff --git a/application/front/exceptions/ShaarliException.php b/application/front/exceptions/ShaarliException.php
new file mode 100644
index 00000000..800bfbec
--- /dev/null
+++ b/application/front/exceptions/ShaarliException.php
@@ -0,0 +1,23 @@
+<?php
+declare(strict_types=1);
+namespace Shaarli\Front\Exception;
+use Throwable;
+/**
+ * Class ShaarliException
+ *
+ * Abstract exception class used to defined any custom exception thrown during front rendering.
+ *
+ * @package Front\Exception
+ */
+abstract class ShaarliException extends \Exception
+{
+    /** Override parent constructor to force $message and $httpCode parameters to be set. */
+    public function __construct(string $message, int $httpCode, Throwable $previous = null)
+    {
+        parent::__construct($message, $httpCode, $previous);
+    }
+}

diff --git a/application/front/ShaarliMiddleware.php b/application/front/ShaarliMiddleware.php new file mode 100644 index 00000000..fa6c6467 --- /dev/null +++ b/application/front/ShaarliMiddleware.php
@@ -0,0 +1,57 @@
	1	<?php
	2
	3	namespace Shaarli\Front;
	4
	5	use Shaarli\Container\ShaarliContainer;
	6	use Shaarli\Front\Exception\ShaarliException;
	7	use Slim\Http\Request;
	8	use Slim\Http\Response;
	9
	10	/**
	11	* Class ShaarliMiddleware
	12	*
	13	* This will be called before accessing any Shaarli controller.
	14	*/
	15	class ShaarliMiddleware
	16	{
	17	/** @var ShaarliContainer contains all Shaarli DI */
	18	protected $container;
	19
	20	public function __construct(ShaarliContainer $container)
	21	{
	22	$this->container = $container;
	23	}
	24
	25	/**
	26	* Middleware execution:
	27	* - execute the controller
	28	* - return the response
	29	*
	30	* In case of error, the error template will be displayed with the exception message.
	31	*
	32	* @param Request $request Slim request
	33	* @param Response $response Slim response
	34	* @param callable $next Next action
	35	*
	36	* @return Response response.
	37	*/
	38	public function __invoke(Request $request, Response $response, callable $next)
	39	{
	40	try {
	41	$response = $next($request, $response);
	42	} catch (ShaarliException $e) {
	43	$this->container->pageBuilder->assign('message', $e->getMessage());
	44	if ($this->container->conf->get('dev.debug', false)) {
	45	$this->container->pageBuilder->assign(
	46	'stacktrace',
	47	nl2br(get_class($this) .': '. $e->getTraceAsString())
	48	);
	49	}
	50
	51	$response = $response->withStatus($e->getCode());
	52	$response = $response->write($this->container->pageBuilder->render('error'));
	53	}
	54
	55	return $response;
	56	}
	57	}


diff --git a/application/front/controllers/LoginController.php b/application/front/controllers/LoginController.php new file mode 100644 index 00000000..47fa3ee3 --- /dev/null +++ b/application/front/controllers/LoginController.php
@@ -0,0 +1,46 @@
	1	<?php
	2
	3	declare(strict_types=1);
	4
	5	namespace Shaarli\Front\Controller;
	6
	7	use Shaarli\Front\Exception\LoginBannedException;
	8	use Slim\Http\Request;
	9	use Slim\Http\Response;
	10
	11	/**
	12	* Class LoginController
	13	*
	14	* Slim controller used to render the login page.
	15	*
	16	* The login page is not available if the user is banned
	17	* or if open shaarli setting is enabled.
	18	*
	19	* @package Front\Controller
	20	*/
	21	class LoginController extends ShaarliController
	22	{
	23	public function index(Request $request, Response $response): Response
	24	{
	25	if ($this->ci->loginManager->isLoggedIn() \|\| $this->ci->conf->get('security.open_shaarli', false)) {
	26	return $response->withRedirect('./');
	27	}
	28
	29	$userCanLogin = $this->ci->loginManager->canLogin($request->getServerParams());
	30	if ($userCanLogin !== true) {
	31	throw new LoginBannedException();
	32	}
	33
	34	if ($request->getParam('username') !== null) {
	35	$this->assignView('username', escape($request->getParam('username')));
	36	}
	37
	38	$this
	39	->assignView('returnurl', escape($request->getServerParam('HTTP_REFERER')))
	40	->assignView('remember_user_default', $this->ci->conf->get('privacy.remember_user_default', true))
	41	->assignView('pagetitle', t('Login') .' - '. $this->ci->conf->get('general.title', 'Shaarli'))
	42	;
	43
	44	return $response->write($this->ci->pageBuilder->render('loginform'));
	45	}
	46	}


diff --git a/application/front/controllers/ShaarliController.php b/application/front/controllers/ShaarliController.php new file mode 100644 index 00000000..2a166c3c --- /dev/null +++ b/application/front/controllers/ShaarliController.php
@@ -0,0 +1,31 @@
	1	<?php
	2
	3	declare(strict_types=1);
	4
	5	namespace Shaarli\Front\Controller;
	6
	7	use Shaarli\Container\ShaarliContainer;
	8
	9	abstract class ShaarliController
	10	{
	11	/** @var ShaarliContainer */
	12	protected $ci;
	13
	14	/** @param ShaarliContainer $ci Slim container (extended for attribute completion). */
	15	public function __construct(ShaarliContainer $ci)
	16	{
	17	$this->ci = $ci;
	18	}
	19
	20	/**
	21	* Assign variables to RainTPL template through the PageBuilder.
	22	*
	23	* @param mixed $value Value to assign to the template
	24	*/
	25	protected function assignView(string $name, $value): self
	26	{
	27	$this->ci->pageBuilder->assign($name, $value);
	28
	29	return $this;
	30	}
	31	}


diff --git a/application/front/exceptions/LoginBannedException.php b/application/front/exceptions/LoginBannedException.php new file mode 100644 index 00000000..b31a4a14 --- /dev/null +++ b/application/front/exceptions/LoginBannedException.php
@@ -0,0 +1,15 @@
	1	<?php
	2
	3	declare(strict_types=1);
	4
	5	namespace Shaarli\Front\Exception;
	6
	7	class LoginBannedException extends ShaarliException
	8	{
	9	public function __construct()
	10	{
	11	$message = t('You have been banned after too many failed login attempts. Try again later.');
	12
	13	parent::__construct($message, 401);
	14	}
	15	}


diff --git a/application/front/exceptions/ShaarliException.php b/application/front/exceptions/ShaarliException.php new file mode 100644 index 00000000..800bfbec --- /dev/null +++ b/application/front/exceptions/ShaarliException.php
@@ -0,0 +1,23 @@
	1	<?php
	2
	3	declare(strict_types=1);
	4
	5	namespace Shaarli\Front\Exception;
	6
	7	use Throwable;
	8
	9	/**
	10	* Class ShaarliException
	11	*
	12	* Abstract exception class used to defined any custom exception thrown during front rendering.
	13	*
	14	* @package Front\Exception
	15	*/
	16	abstract class ShaarliException extends \Exception
	17	{
	18	/** Override parent constructor to force $message and $httpCode parameters to be set. */
	19	public function __construct(string $message, int $httpCode, Throwable $previous = null)
	20	{
	21	parent::__construct($message, $httpCode, $previous);
	22	}
	23	}