aboutsummaryrefslogtreecommitdiffhomepage
path: root/application
diff options
context:
space:
mode:
Diffstat (limited to 'application')
-rw-r--r--application/container/ContainerBuilder.php77
-rw-r--r--application/container/ShaarliContainer.php28
-rw-r--r--application/front/ShaarliMiddleware.php57
-rw-r--r--application/front/controllers/LoginController.php46
-rw-r--r--application/front/controllers/ShaarliController.php31
-rw-r--r--application/front/exceptions/LoginBannedException.php15
-rw-r--r--application/front/exceptions/ShaarliException.php23
-rw-r--r--application/render/PageBuilder.php17
-rw-r--r--application/security/SessionManager.php6
9 files changed, 300 insertions, 0 deletions
diff --git a/application/container/ContainerBuilder.php b/application/container/ContainerBuilder.php
new file mode 100644
index 00000000..ff29825c
--- /dev/null
+++ b/application/container/ContainerBuilder.php
@@ -0,0 +1,77 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Container;
6
7use Shaarli\Bookmark\BookmarkFileService;
8use Shaarli\Bookmark\BookmarkServiceInterface;
9use Shaarli\Config\ConfigManager;
10use Shaarli\History;
11use Shaarli\Plugin\PluginManager;
12use Shaarli\Render\PageBuilder;
13use Shaarli\Security\LoginManager;
14use Shaarli\Security\SessionManager;
15
16/**
17 * Class ContainerBuilder
18 *
19 * Helper used to build a Slim container instance with Shaarli's object dependencies.
20 * Note that most injected objects MUST be added as closures, to let the container instantiate
21 * only the objects it requires during the execution.
22 *
23 * @package Container
24 */
25class ContainerBuilder
26{
27 /** @var ConfigManager */
28 protected $conf;
29
30 /** @var SessionManager */
31 protected $session;
32
33 /** @var LoginManager */
34 protected $login;
35
36 public function __construct(ConfigManager $conf, SessionManager $session, LoginManager $login)
37 {
38 $this->conf = $conf;
39 $this->session = $session;
40 $this->login = $login;
41 }
42
43 public function build(): ShaarliContainer
44 {
45 $container = new ShaarliContainer();
46 $container['conf'] = $this->conf;
47 $container['sessionManager'] = $this->session;
48 $container['loginManager'] = $this->login;
49 $container['plugins'] = function (ShaarliContainer $container): PluginManager {
50 return new PluginManager($container->conf);
51 };
52
53 $container['history'] = function (ShaarliContainer $container): History {
54 return new History($container->conf->get('resource.history'));
55 };
56
57 $container['bookmarkService'] = function (ShaarliContainer $container): BookmarkServiceInterface {
58 return new BookmarkFileService(
59 $container->conf,
60 $container->history,
61 $container->loginManager->isLoggedIn()
62 );
63 };
64
65 $container['pageBuilder'] = function (ShaarliContainer $container): PageBuilder {
66 return new PageBuilder(
67 $container->conf,
68 $container->sessionManager->getSession(),
69 $container->bookmarkService,
70 $container->sessionManager->generateToken(),
71 $container->loginManager->isLoggedIn()
72 );
73 };
74
75 return $container;
76 }
77}
diff --git a/application/container/ShaarliContainer.php b/application/container/ShaarliContainer.php
new file mode 100644
index 00000000..f5483d5e
--- /dev/null
+++ b/application/container/ShaarliContainer.php
@@ -0,0 +1,28 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Container;
6
7use Shaarli\Bookmark\BookmarkServiceInterface;
8use Shaarli\Config\ConfigManager;
9use Shaarli\History;
10use Shaarli\Render\PageBuilder;
11use Shaarli\Security\LoginManager;
12use Shaarli\Security\SessionManager;
13use Slim\Container;
14
15/**
16 * Extension of Slim container to document the injected objects.
17 *
18 * @property ConfigManager $conf
19 * @property SessionManager $sessionManager
20 * @property LoginManager $loginManager
21 * @property History $history
22 * @property BookmarkServiceInterface $bookmarkService
23 * @property PageBuilder $pageBuilder
24 */
25class ShaarliContainer extends Container
26{
27
28}
diff --git a/application/front/ShaarliMiddleware.php b/application/front/ShaarliMiddleware.php
new file mode 100644
index 00000000..fa6c6467
--- /dev/null
+++ b/application/front/ShaarliMiddleware.php
@@ -0,0 +1,57 @@
1<?php
2
3namespace Shaarli\Front;
4
5use Shaarli\Container\ShaarliContainer;
6use Shaarli\Front\Exception\ShaarliException;
7use Slim\Http\Request;
8use Slim\Http\Response;
9
10/**
11 * Class ShaarliMiddleware
12 *
13 * This will be called before accessing any Shaarli controller.
14 */
15class ShaarliMiddleware
16{
17 /** @var ShaarliContainer contains all Shaarli DI */
18 protected $container;
19
20 public function __construct(ShaarliContainer $container)
21 {
22 $this->container = $container;
23 }
24
25 /**
26 * Middleware execution:
27 * - execute the controller
28 * - return the response
29 *
30 * In case of error, the error template will be displayed with the exception message.
31 *
32 * @param Request $request Slim request
33 * @param Response $response Slim response
34 * @param callable $next Next action
35 *
36 * @return Response response.
37 */
38 public function __invoke(Request $request, Response $response, callable $next)
39 {
40 try {
41 $response = $next($request, $response);
42 } catch (ShaarliException $e) {
43 $this->container->pageBuilder->assign('message', $e->getMessage());
44 if ($this->container->conf->get('dev.debug', false)) {
45 $this->container->pageBuilder->assign(
46 'stacktrace',
47 nl2br(get_class($this) .': '. $e->getTraceAsString())
48 );
49 }
50
51 $response = $response->withStatus($e->getCode());
52 $response = $response->write($this->container->pageBuilder->render('error'));
53 }
54
55 return $response;
56 }
57}
diff --git a/application/front/controllers/LoginController.php b/application/front/controllers/LoginController.php
new file mode 100644
index 00000000..47fa3ee3
--- /dev/null
+++ b/application/front/controllers/LoginController.php
@@ -0,0 +1,46 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Controller;
6
7use Shaarli\Front\Exception\LoginBannedException;
8use Slim\Http\Request;
9use Slim\Http\Response;
10
11/**
12 * Class LoginController
13 *
14 * Slim controller used to render the login page.
15 *
16 * The login page is not available if the user is banned
17 * or if open shaarli setting is enabled.
18 *
19 * @package Front\Controller
20 */
21class LoginController extends ShaarliController
22{
23 public function index(Request $request, Response $response): Response
24 {
25 if ($this->ci->loginManager->isLoggedIn() || $this->ci->conf->get('security.open_shaarli', false)) {
26 return $response->withRedirect('./');
27 }
28
29 $userCanLogin = $this->ci->loginManager->canLogin($request->getServerParams());
30 if ($userCanLogin !== true) {
31 throw new LoginBannedException();
32 }
33
34 if ($request->getParam('username') !== null) {
35 $this->assignView('username', escape($request->getParam('username')));
36 }
37
38 $this
39 ->assignView('returnurl', escape($request->getServerParam('HTTP_REFERER')))
40 ->assignView('remember_user_default', $this->ci->conf->get('privacy.remember_user_default', true))
41 ->assignView('pagetitle', t('Login') .' - '. $this->ci->conf->get('general.title', 'Shaarli'))
42 ;
43
44 return $response->write($this->ci->pageBuilder->render('loginform'));
45 }
46}
diff --git a/application/front/controllers/ShaarliController.php b/application/front/controllers/ShaarliController.php
new file mode 100644
index 00000000..2a166c3c
--- /dev/null
+++ b/application/front/controllers/ShaarliController.php
@@ -0,0 +1,31 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Controller;
6
7use Shaarli\Container\ShaarliContainer;
8
9abstract class ShaarliController
10{
11 /** @var ShaarliContainer */
12 protected $ci;
13
14 /** @param ShaarliContainer $ci Slim container (extended for attribute completion). */
15 public function __construct(ShaarliContainer $ci)
16 {
17 $this->ci = $ci;
18 }
19
20 /**
21 * Assign variables to RainTPL template through the PageBuilder.
22 *
23 * @param mixed $value Value to assign to the template
24 */
25 protected function assignView(string $name, $value): self
26 {
27 $this->ci->pageBuilder->assign($name, $value);
28
29 return $this;
30 }
31}
diff --git a/application/front/exceptions/LoginBannedException.php b/application/front/exceptions/LoginBannedException.php
new file mode 100644
index 00000000..b31a4a14
--- /dev/null
+++ b/application/front/exceptions/LoginBannedException.php
@@ -0,0 +1,15 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Exception;
6
7class LoginBannedException extends ShaarliException
8{
9 public function __construct()
10 {
11 $message = t('You have been banned after too many failed login attempts. Try again later.');
12
13 parent::__construct($message, 401);
14 }
15}
diff --git a/application/front/exceptions/ShaarliException.php b/application/front/exceptions/ShaarliException.php
new file mode 100644
index 00000000..800bfbec
--- /dev/null
+++ b/application/front/exceptions/ShaarliException.php
@@ -0,0 +1,23 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Exception;
6
7use Throwable;
8
9/**
10 * Class ShaarliException
11 *
12 * Abstract exception class used to defined any custom exception thrown during front rendering.
13 *
14 * @package Front\Exception
15 */
16abstract class ShaarliException extends \Exception
17{
18 /** Override parent constructor to force $message and $httpCode parameters to be set. */
19 public function __construct(string $message, int $httpCode, Throwable $previous = null)
20 {
21 parent::__construct($message, $httpCode, $previous);
22 }
23}
diff --git a/application/render/PageBuilder.php b/application/render/PageBuilder.php
index 65e85aaf..f4fefda8 100644
--- a/application/render/PageBuilder.php
+++ b/application/render/PageBuilder.php
@@ -200,6 +200,23 @@ class PageBuilder
200 } 200 }
201 201
202 /** 202 /**
203 * Render a specific page as string (using a template file).
204 * e.g. $pb->render('picwall');
205 *
206 * @param string $page Template filename (without extension).
207 *
208 * @return string Processed template content
209 */
210 public function render(string $page): string
211 {
212 if ($this->tpl === false) {
213 $this->initialize();
214 }
215
216 return $this->tpl->draw($page, true);
217 }
218
219 /**
203 * Render a 404 page (uses the template : tpl/404.tpl) 220 * Render a 404 page (uses the template : tpl/404.tpl)
204 * usage: $PAGE->render404('The link was deleted') 221 * usage: $PAGE->render404('The link was deleted')
205 * 222 *
diff --git a/application/security/SessionManager.php b/application/security/SessionManager.php
index b8b8ab8d..994fcbe5 100644
--- a/application/security/SessionManager.php
+++ b/application/security/SessionManager.php
@@ -196,4 +196,10 @@ class SessionManager
196 } 196 }
197 return true; 197 return true;
198 } 198 }
199
200 /** @return array Local reference to the global $_SESSION array */
201 public function getSession(): array
202 {
203 return $this->session;
204 }
199} 205}