public function getHandler($conn)
{
Context::clear();
$app = \Slim\Slim::getInstance();
$credentials = $conn->WebSocket->request->getQuery()->toArray();
//
// Aparently, this doesn't work as expected.
//
// set x-auth-token
if (isset($credentials['X-Auth-Token'])) {
$app->request->headers->set('X-Auth-Token', $credentials['X-Auth-Token']);
unset($credentials['X-Auth-Token']);
}
// remove "/" and possible "ws/" from resource path
$resource = str_replace("ws/", "", substr($conn->WebSocket->request->getPath(), 1));
$hash = md5($resource . join(",", array_values($credentials)));
if (!isset($this->handlers[$hash])) {
if ($key = Model\AppKey::where('app_id', $credentials['X-App-Id'])->where('key', $credentials['X-App-Key'])->first()) {
Context::setKey($key);
$channel = Model\Module::channel($resource);
if ($channel) {
$this->handlers[$hash] = $channel->compile();
}
}
}
return isset($this->handlers[$hash]) ? $this->handlers[$hash] : null;
}
public function testHelpers()
{
Config::set('repository.url', 'https://github.com/doubleleft/hook');
Config::set('repository.author', 'doubleleft');
$string = Module::template("{{ config 'repository.url' }} by {{config 'repository.author'}}.")->compile();
$this->assertTrue($string == "https://github.com/doubleleft/hook by doubleleft.");
$string = Module::template("{{ public_url }}")->compile();
$this->assertTrue($string == "http://localhost/");
}
/**
* Create a new Message.
*
* @param string $template_body path or data to be attached
* @param string $options
*
* @return Swift_Mime_Attachment
*/
public static function message($template_body = null, $options = array())
{
$message = new Message();
MailHelper::setMessage($message);
if ($template_body) {
$template = Module::template($template_body);
$message->body($template->compile($options));
}
return $message;
}
public static function loadObserver($table)
{
// Compile observer only if it isn't compiled yet.
if (!isset(static::$observers[$table])) {
// Register default events (DynamicModel)
static::registerDefaultEvents($table);
if ($module = Module::observer($table)) {
$observer = $module->compile();
static::$observers[$table] = $observer;
static::observe($observer);
} else {
// Cache observer as not available
static::$observers[$table] = false;
}
}
}
protected function getTemplate($name)
{
if (is_null($this->template_string)) {
$this->setTemplateString(Module::template($name)->getCode());
}
return $this->template_string;
// foreach ($this->directories as $dir) {
// foreach ($this->extensions as $ext) {
// $path = $dir . DIRECTORY_SEPARATOR . ltrim($name . $ext, DIRECTORY_SEPARATOR);
// if (file_exists($path)) {
// return file_get_contents($path);
// }
// }
// }
// throw new NotFoundException("Template not found.");
}
/**
* Trigger 'forgot password' email
*/
public function forgotPassword()
{
$data = $this->getData();
$auth = Auth::where('email', $data['email'])->first();
if (!$auth) {
throw new Exceptions\NotFoundException("invalid_user");
}
if (!isset($data['subject'])) {
$data['subject'] = 'Forgot your password?';
}
$body_data = Context::unsafe(function () use(&$auth) {
$array = $auth->generateForgotPasswordToken()->toArray();
$array['token'] = $auth->getAttribute(Auth::FORGOT_PASSWORD_FIELD);
return $array;
});
$template = isset($data['template']) ? $data['template'] : self::TEMPLATE_FORGOT_PASSWORD;
return array('success' => Mail::send(array('subject' => $data['subject'], 'from' => Config::get('mail.from', '*****@*****.**'), 'to' => $auth->email, 'body' => Module::template($template)->compile($body_data))) === 1);
}
public function modules()
{
return Model\Module::all();
}
public function call()
{
// The Slim application
$app = $this->app;
self::decode_query_string();
$origin = $app->request->headers->get('ORIGIN', '*');
// Always keep connection open
$app->response->headers->set('Connection', 'Keep-Alive');
// Allow Cross-Origin Resource Sharing
$app->response->headers->set('Access-Control-Allow-Credentials', 'true');
$app->response->headers->set('Access-Control-Allow-Methods', 'GET, PUT, POST, DELETE');
$app->response->headers->set('Access-Control-Allow-Headers', 'x-app-id, x-app-key, x-auth-token, x-http-method-override, content-type, user-agent, accept');
if ($app->request->isOptions()) {
// Always allow OPTIONS requests.
$app->response->headers->set('Access-Control-Allow-Origin', $origin);
} else {
// Get application key
$app_key = Context::validateKey($app->request->headers->get('X-App-Id') ?: $app->request->get('X-App-Id'), $app->request->headers->get('X-App-Key') ?: $app->request->get('X-App-Key'));
if ($app_key) {
// Check the application key allowed origins, and block if necessary.
if ($app_key->isBrowser()) {
$app->response->headers->set('Access-Control-Allow-Origin', $origin);
$request_origin = preg_replace("/https?:\\/\\//", "", $origin);
$allowed_origins = Config::get('security.allowed_origins', array($request_origin));
$is_origin_allowed = array_filter($allowed_origins, function ($allowed_origin) use(&$request_origin) {
return fnmatch($allowed_origin, $request_origin);
});
if (count($is_origin_allowed) == 0) {
// throw new NotAllowedException("origin_not_allowed");
$app->response->setStatus(403);
// forbidden
$app->response->headers->set('Content-type', 'application/json');
$app->response->setBody(json_encode(array('error' => "origin_not_allowed")));
return;
}
}
// Require custom app packages
Package\Manager::autoload();
// // Register session handler
// Session\Handler::register(Config::get('session.handler', 'database'));
// Query and compile route module if found
$route_module_name = strtolower($app->request->getMethod()) . '_' . substr($app->request->getPathInfo(), 1) . '.php';
$alternate_route_module_name = 'any_' . substr($app->request->getPathInfo(), 1) . '.php';
$custom_route = Module::where('type', Module::TYPE_ROUTE)->where('name', $route_module_name)->orWhere('name', $alternate_route_module_name)->first();
if ($custom_route) {
// Flag request as "trusted".
Context::setTrusted(true);
// "Compile" the route to be available for the router
$custom_route->compile();
}
} else {
if (!\Hook\Controllers\ApplicationController::isRootOperation()) {
$app->response->setStatus(403);
$app->response->setBody(json_encode(array('error' => "Your IP Address is not allowed to perform this operation.")));
return;
}
}
//
// Parse incoming JSON data
if ($app->request->isPost() || $app->request->isPut() || $app->request->isDelete()) {
$input_data = $app->environment->offsetGet('slim.input');
$app->environment->offsetSet('slim.request.form_hash', json_decode($input_data, true));
}
return $this->next->call();
}
}
