/**
* Handle an incoming request.
*
* @param Request $request
* @param \Closure $next
* @return Response
*/
public function handle(Request $request, Closure $next) : Response
{
$storage = Configuration::getInstance()->get("FileUpload/storageDirectory");
if ($storage) {
foreach ($request->files() as $file) {
if (in_array($file->mimeType(), $this->_allowedTypes) or $this->_allowedTypes == FileUploadMiddleware::ALL) {
$file->move($storage);
}
}
}
return $next($request);
}
/**
* Dispatch a request
*
* @param Request $request
* @return Response
* @throws BadRequestException
* @throws NotFoundException if if no action has been found
*/
public function dispatch(Request $request) : Response
{
$URL = $request->url();
$routes = $this->_getRoutes();
$app = AppRegistry::getInstance()->find($request->host());
$this->_request = $request;
$appName = $app->name();
if (isset($this->_appScopes[$appName])) {
$routes = array_merge($routes, $this->_appScopes[$appName]->_getRoutes());
}
$method = $_SERVER['REQUEST_METHOD'];
foreach ($routes as $route) {
if ($route->method() == $method && $route->parse($URL)) {
return $route->exec($request);
}
}
throw new NotFoundException();
}
/**
* Handle an incoming request.
*
* @param Request $request
* @param \Closure $next
* @return Response
* @throws InvalidCsrfTokenException
*/
public function handle(Request $request, Closure $next) : Response
{
$cookieData = $request->cookie('csrfToken');
if ($cookieData) {
$this->_token = $cookieData;
}
$createCookie = false;
if ($request->method() == 'GET' and $cookieData === null) {
$this->_token = hash('sha1', Text::uuid());
$createCookie = true;
}
if (in_array($request->method(), ['PATCH', 'PUT', 'POST', 'DELETE'])) {
$post = $request->data['_csrfToken'];
$header = $request->header('X-CSRF-Token');
if (empty($cookieData)) {
throw new InvalidCsrfTokenException('Missing CSRF token cookie');
}
if ($post !== $cookieData and $header !== $cookieData) {
throw new InvalidCsrfTokenException('CSRF token mismatch');
}
}
$response = $next($request);
if ($createCookie) {
$response->cookie('csrfToken', $this->_token);
}
return $response;
}
/**
* Get the request context for an error/exception trace.
*
* @param Request $request The request to read from.
* @return string
*/
protected function _requestContext($request)
{
$message = "\nRequest URL: " . $request->url();
$referer = $request->env('HTTP_REFERER');
if ($referer) {
$message .= "\nReferer URL: " . $referer;
}
$clientIp = $request->clientIp();
if ($clientIp && $clientIp !== '::1') {
$message .= "\nClient IP: " . $clientIp;
}
return $message;
}
/**
* Setup access for origin and methods on cross origin requests
*
* This method allow multiple ways to setup the domains, see the examples
*
* ### Full URI
* ```
* cors($request, 'http://www.cakephp.org');
* ```
*
* ### URI with wildcard
* ```
* cors($request, 'http://*.cakephp.org');
* ```
*
* ### Ignoring the requested protocol
* ```
* cors($request, 'www.cakephp.org');
* ```
*
* ### Any URI
* ```
* cors($request, '*');
* ```
*
* ### Whitelist of URIs
* ```
* cors($request, ['http://www.cakephp.org', '*.google.com', 'https://myproject.github.io']);
* ```
*
* *Note* The `$allowedDomains`, `$allowedMethods`, `$allowedHeaders` parameters are deprecated.
* Instead the builder object should be used.
*
* @param \CoreTyson\Network\Request $request Request object
* @param string|array $allowedDomains List of allowed domains, see method description for more details
* @param string|array $allowedMethods List of HTTP verbs allowed
* @param string|array $allowedHeaders List of HTTP headers allowed
* @return \CoreTyson\Network\CorsBuilder A builder object the provides a fluent interface for defining
* additional CORS headers.
*/
public function cors(Request $request, $allowedDomains = [], $allowedMethods = [], $allowedHeaders = [])
{
$origin = $request->header('Origin');
$ssl = $request->is('ssl');
$builder = new CorsBuilder($this, $origin, $ssl);
if (!$origin) {
return $builder;
}
if (empty($allowedDomains) && empty($allowedMethods) && empty($allowedHeaders)) {
return $builder;
}
$builder->allowOrigin($allowedDomains)->allowMethods((array) $allowedMethods)->allowHeaders((array) $allowedHeaders)->build();
return $builder;
}
/**
* Handle an incoming request.
*
* @param Request $request
* @param \Closure $next
* @return mixed
*/
public function handle(Request $request, Closure $next) : Response
{
$encryption = Configuration::getInstance()->get("Cookie/Encryption/method", "rijndael");
foreach ($request->cookie() as $name => $value) {
if ($this->isExcepted($name)) {
continue;
}
$this->_cookies[$name] = $this->_decryptCookie($value, $encryption);
}
$response = $next($request);
$encryption = Configuration::getInstance()->get("Cookie/Encryption/method", "rijndael");
foreach ($response->cookie() as $name => $value) {
if ($this->isExcepted($name)) {
continue;
}
$response->cookie($name, $this->_encryptCookie($value, $encryption));
}
return $response;
}
<?php use CoreTyson\Network\Request; use CoreTyson\Router\Router; require "../config/bootstrap.php"; Router::getInstance()->dispatch(Request::createFromGlobals())->send();
/**
* Dispatch a request on the controller.
*
* @param Request $request
* @return Response
* @throws InvalidActionReturnValueException
*/
public function dispatch(Request $request) : Response
{
$action = $request->param('action');
$params = $request->params["arguments"] + ["request" => $request];
$closure = function () use($action, $params) {
return $this->callAction($action, $params);
};
$middlewares = array_reverse($this->_middlewareRegistry);
foreach ($middlewares as $middleware) {
$closure = function (Request $request) use($middleware, $closure) {
return $middleware->handle($request, $closure);
};
}
$response = $closure($request);
if (!$response instanceof Response) {
throw new InvalidActionReturnValueException([get_called_class() . '::' . $action]);
}
return $response;
}
/**
* Wrapper method to create a new request from PHP superglobals.
*
* Uses the $_GET, $_POST, $_FILES, $_COOKIE, $_SERVER ands $_ENV data to construct
* the request.
*
* @return Request
*/
public static function createFromGlobals() : Request
{
$request = new Request();
$request->_environment = $_SERVER + $_ENV;
$request->queryArgs = $_GET;
$request->_bodyStream = new LazyOpenStream('php://input', 'r+');
$data = $_POST;
$method = $request->env('REQUEST_METHOD');
if (in_array($method, ['PUT', 'DELETE', 'PATCH']) && strpos($request->contentType(), 'application/x-www-form-urlencoded') === 0) {
$data = $request->_bodyStream->getContents();
}
parse_str($data, $data);
if ($request->env('HTTP_X_HTTP_METHOD_OVERRIDE')) {
$data['_method'] = $request->env('HTTP_X_HTTP_METHOD_OVERRIDE');
}
$request->_environment['ORIGINAL_REQUEST_METHOD'] = $method;
if (isset($data['_method'])) {
$request->_environment['REQUEST_METHOD'] = $data['_method'];
unset($data['_method']);
}
$request->data = $data;
$request->_cookies = $_COOKIE;
$request->_uri = new Uri(self::_url());
foreach ($_FILES as $filename => $file) {
$fileObject = new UploadedFile($file['tmp_name'], $file['name'], $file['type'], $file['size'], $file['error']);
$request->_files[$filename] = $fileObject;
}
$request->header(getallheaders());
return $request;
}
