diff options
Diffstat (limited to 'services/app/src/Middlewares')
6 files changed, 298 insertions, 0 deletions
diff --git a/services/app/src/Middlewares/AdminRequiredMiddleware.php b/services/app/src/Middlewares/AdminRequiredMiddleware.php new file mode 100644 index 0000000..dc81b42 --- /dev/null +++ b/services/app/src/Middlewares/AdminRequiredMiddleware.php @@ -0,0 +1,43 @@ +<?php + +declare(strict_types=1); + +namespace Nsfisis\Albatross\Middlewares; + +use LogicException; +use Nsfisis\Albatross\Models\User; +use Psr\Http\Message\ResponseFactoryInterface; +use Psr\Http\Message\ResponseInterface; +use Psr\Http\Message\ServerRequestInterface; +use Psr\Http\Server\MiddlewareInterface; +use Psr\Http\Server\RequestHandlerInterface; +use Slim\App; + +final class AdminRequiredMiddleware implements MiddlewareInterface +{ + private function __construct( + private readonly ResponseFactoryInterface $responseFactory, + ) { + } + + public static function create(App $app): self + { + return new self($app->getResponseFactory()); + } + + public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface + { + $current_user = $request->getAttribute('current_user'); + if (!$current_user instanceof User) { + throw new LogicException('The route that has this middleware must have the CurrentUserMiddleware before this one'); + } + + if (!$current_user->is_admin) { + $response = $this->responseFactory->createResponse(403); + $response->getBody()->write('Forbidden'); + return $response->withHeader('Content-Type', 'text/plain'); + } + + return $handler->handle($request); + } +} diff --git a/services/app/src/Middlewares/AuthRequiredMiddleware.php b/services/app/src/Middlewares/AuthRequiredMiddleware.php new file mode 100644 index 0000000..1985a0c --- /dev/null +++ b/services/app/src/Middlewares/AuthRequiredMiddleware.php @@ -0,0 +1,43 @@ +<?php + +declare(strict_types=1); + +namespace Nsfisis\Albatross\Middlewares; + +use Psr\Http\Message\ResponseFactoryInterface; +use Psr\Http\Message\ResponseInterface; +use Psr\Http\Message\ServerRequestInterface; +use Psr\Http\Server\MiddlewareInterface; +use Psr\Http\Server\RequestHandlerInterface; +use Slim\App; + +final class AuthRequiredMiddleware implements MiddlewareInterface +{ + private function __construct( + private readonly ResponseFactoryInterface $responseFactory, + private readonly string $loginPath, + ) { + } + + public static function create( + App $app, + string $loginRouteName, + ): self { + return new self( + $app->getResponseFactory(), + $app->getRouteCollector()->getRouteParser()->urlFor($loginRouteName), + ); + } + + public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface + { + $current_user = $request->getAttribute('current_user'); + if ($current_user === null) { + return $this->responseFactory + ->createResponse(302) + ->withHeader('Location', $this->loginPath . "?to=" . urlencode($request->getUri()->getPath())); + } + + return $handler->handle($request); + } +} diff --git a/services/app/src/Middlewares/CacheControlPrivateMiddleware.php b/services/app/src/Middlewares/CacheControlPrivateMiddleware.php new file mode 100644 index 0000000..4372d5c --- /dev/null +++ b/services/app/src/Middlewares/CacheControlPrivateMiddleware.php @@ -0,0 +1,23 @@ +<?php + +declare(strict_types=1); + +namespace Nsfisis\Albatross\Middlewares; + +use Psr\Http\Message\ResponseInterface; +use Psr\Http\Message\ServerRequestInterface; +use Psr\Http\Server\MiddlewareInterface; +use Psr\Http\Server\RequestHandlerInterface; + +final class CacheControlPrivateMiddleware implements MiddlewareInterface +{ + public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface + { + $response = $handler->handle($request); + if ($request->getAttribute('current_user') !== null) { + return $response->withHeader('Cache-Control', 'private'); + } else { + return $response; + } + } +} diff --git a/services/app/src/Middlewares/CurrentUserMiddleware.php b/services/app/src/Middlewares/CurrentUserMiddleware.php new file mode 100644 index 0000000..a58a327 --- /dev/null +++ b/services/app/src/Middlewares/CurrentUserMiddleware.php @@ -0,0 +1,43 @@ +<?php + +declare(strict_types=1); + +namespace Nsfisis\Albatross\Middlewares; + +use Nsfisis\Albatross\Repositories\UserRepository; +use Psr\Http\Message\ResponseInterface; +use Psr\Http\Message\ServerRequestInterface; +use Psr\Http\Server\MiddlewareInterface; +use Psr\Http\Server\RequestHandlerInterface; + +final class CurrentUserMiddleware implements MiddlewareInterface +{ + public function __construct( + private UserRepository $userRepo, + ) { + } + + public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface + { + $request = $this->setCurrentUserAttribute($request); + return $handler->handle($request); + } + + private function setCurrentUserAttribute(ServerRequestInterface $request): ServerRequestInterface + { + if (session_status() !== PHP_SESSION_ACTIVE) { + return $request; + } + $user_id = $_SESSION['user_id'] ?? null; + if ($user_id === null) { + return $request; + } + assert(is_int($user_id) || (is_string($user_id) && is_numeric($user_id))); + $user_id = (int) $user_id; + $user = $this->userRepo->findById($user_id); + if ($user === null) { + return $request; + } + return $request->withAttribute('current_user', $user); + } +} diff --git a/services/app/src/Middlewares/TrailingSlash.php b/services/app/src/Middlewares/TrailingSlash.php new file mode 100644 index 0000000..cd0f333 --- /dev/null +++ b/services/app/src/Middlewares/TrailingSlash.php @@ -0,0 +1,113 @@ +<?php + +declare(strict_types=1); + +// phpcs:disable +/* + * Based on https://github.com/middlewares/trailing-slash + * + * Original license: + * + * The MIT License (MIT) + * + * Copyright (c) 2019 + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all + * copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + */ +// phpcs:enable + +namespace Nsfisis\Albatross\Middlewares; + +use Psr\Http\Message\ResponseFactoryInterface; +use Psr\Http\Message\ResponseInterface; +use Psr\Http\Message\ServerRequestInterface; +use Psr\Http\Server\MiddlewareInterface; +use Psr\Http\Server\RequestHandlerInterface; + +class TrailingSlash implements MiddlewareInterface +{ + /** + * @var bool Add or remove the slash + */ + private $trailingSlash; + + /** + * @var ResponseFactoryInterface|null + */ + private $responseFactory; + + /** + * Configure whether add or remove the slash. + */ + public function __construct(bool $trailingSlash = false) + { + $this->trailingSlash = $trailingSlash; + } + + /** + * Whether returns a 301 response to the new path. + */ + public function redirect(ResponseFactoryInterface $responseFactory): self + { + $this->responseFactory = $responseFactory; + + return $this; + } + + /** + * Process a request and return a response. + */ + public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface + { + $uri = $request->getUri(); + $path = $this->normalize($uri->getPath()); + + if (isset($this->responseFactory) && ($uri->getPath() !== $path)) { + return $this->responseFactory->createResponse(301) + ->withHeader('Location', $path); + } + + return $handler->handle($request->withUri($uri->withPath($path))); + } + + /** + * Normalize the trailing slash. + */ + private function normalize(string $path): string + { + if ($path === '') { + return '/'; + } + if (str_contains($path, '/api/')) { + return $path; + } + + if (strlen($path) > 1) { + if ($this->trailingSlash) { + if (substr($path, -1) !== '/' && pathinfo($path, PATHINFO_EXTENSION) === '') { + return $path . '/'; + } + } else { + return rtrim($path, '/'); + } + } + + return $path; + } +} diff --git a/services/app/src/Middlewares/TwigMiddleware.php b/services/app/src/Middlewares/TwigMiddleware.php new file mode 100644 index 0000000..5b950ce --- /dev/null +++ b/services/app/src/Middlewares/TwigMiddleware.php @@ -0,0 +1,33 @@ +<?php + +declare(strict_types=1); + +namespace Nsfisis\Albatross\Middlewares; + +use Nsfisis\Albatross\Twig\CsrfExtension; +use Psr\Http\Message\ResponseInterface; +use Psr\Http\Message\ServerRequestInterface; +use Psr\Http\Server\MiddlewareInterface; +use Psr\Http\Server\RequestHandlerInterface; +use Slim\App; +use Slim\Views\Twig; +use Slim\Views\TwigMiddleware as SlimTwigMiddleware; + +final class TwigMiddleware implements MiddlewareInterface +{ + private readonly SlimTwigMiddleware $wrapped; + + public function __construct(App $app, CsrfExtension $csrf_extension) + { + // TODO: + // $twig = Twig::create(__DIR__ . '/../../templates', ['cache' => __DIR__ . '/../../twig-cache']); + $twig = Twig::create(__DIR__ . '/../../templates', ['cache' => false]); + $twig->addExtension($csrf_extension); + $this->wrapped = SlimTwigMiddleware::create($app, $twig); + } + + public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface + { + return $this->wrapped->process($request, $handler); + } +} |