/**
 * Execute the middleware.
 *
 * Geolocates the client IP resolved by the ClientIp middleware and stores
 * the geocoder result on the request under self::KEY. Requests without a
 * resolved IP are forwarded unchanged.
 *
 * @param ServerRequestInterface $request
 * @param ResponseInterface      $response
 * @param callable               $next
 *
 * @throws RuntimeException When the ClientIp attribute is missing from the request.
 *
 * @return ResponseInterface
 */
public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next)
{
    // ClientIp must have run first: the attribute it sets is the only IP source used here.
    if (!Middleware::hasAttribute($request, ClientIp::KEY)) {
        throw new RuntimeException('Geolocate middleware needs ClientIp executed before');
    }

    $clientIp = ClientIp::getIp($request);

    // No IP could be determined: pass the request through without a location attribute.
    if ($clientIp === null) {
        return $next($request, $response);
    }

    // NOTE(review): if ClientIp derives the address from forwarded headers, the location
    // is client-influenced and should not drive access decisions - confirm ClientIp's config.
    $location = $this->geocoder->geocode($clientIp);
    $request = Middleware::setAttribute($request, self::KEY, $location);

    return $next($request, $response);
}
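/**
 * Execute the middleware.
 *
 * Geolocates the client IP resolved by the ClientIp middleware and stores
 * the geocoder result on the request under self::KEY.
 *
 * @param ServerRequestInterface $request
 * @param ResponseInterface      $response
 * @param callable               $next
 *
 * @throws RuntimeException When the ClientIp attribute is missing from the request.
 *
 * @return ResponseInterface
 */
public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next)
{
    if (!Middleware::hasAttribute($request, ClientIp::KEY)) {
        throw new RuntimeException('Geolocate middleware needs ClientIp executed before');
    }

    // Resolution order: explicitly configured geocoder, then the container, then the default.
    $geocoder = $this->geocoder
        ?: $this->getFromContainer(Geocoder::CLASS, false)
        ?: $this->getGeocoder();

    $ip = ClientIp::getIp($request);

    if ($ip) {
        // The detected address is geocoded as-is. A hard-coded test address used to
        // overwrite $ip here, which attributed every request to the same location.
        $request = Middleware::setAttribute($request, self::KEY, $geocoder->geocode($ip));
    }

    return $next($request, $response);
}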
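/**
 * Execute the middleware.
 *
 * On POST requests, verifies the submitted "g-recaptcha-response" field with
 * GoogleRecaptcha and answers 403 when verification fails. Every other
 * request is forwarded to the next middleware untouched.
 *
 * @param ServerRequestInterface $request
 * @param ResponseInterface      $response
 * @param callable               $next
 *
 * @throws RuntimeException When the ClientIp attribute is missing from the request.
 *
 * @return ResponseInterface
 */
public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next)
{
    if (!Middleware::hasAttribute($request, ClientIp::KEY)) {
        throw new RuntimeException('Recaptcha middleware needs ClientIp executed before');
    }

    // NOTE(review): only POST is challenged; state-changing routes reachable through
    // other methods (PUT, PATCH, DELETE) are not covered by this check.
    if (Utils\Helpers::isPost($request)) {
        $recaptcha = new GoogleRecaptcha($this->secret);
        $data = $request->getParsedBody();

        // The parsed body may be null, an array or an object, and the field itself is
        // attacker-controlled (it can arrive as a nested array). Anything that is not a
        // plain string is treated as a missing token, so verification fails cleanly.
        $token = '';
        if ((is_array($data) || $data instanceof \ArrayAccess)
            && isset($data['g-recaptcha-response'])
            && is_string($data['g-recaptcha-response'])
        ) {
            $token = $data['g-recaptcha-response'];
        }

        $res = $recaptcha->verify($token, ClientIp::getIp($request));

        if (!$res->isSuccess()) {
            return $response->withStatus(403);
        }
    }

    return $next($request, $response);
}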
/**
 * Execute the middleware.
 *
 * Runs every client IP reported by the ClientIp middleware through an
 * IpFirewall built from the configured trusted/untrusted lists and answers
 * 403 as soon as one address is rejected.
 *
 * @param ServerRequestInterface $request
 * @param ResponseInterface      $response
 * @param callable               $next
 *
 * @throws RuntimeException When the ClientIp attribute is missing from the request.
 *
 * @return ResponseInterface
 */
public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next)
{
    if (!self::hasAttribute($request, ClientIp::KEY)) {
        throw new RuntimeException('Firewall middleware needs ClientIp executed before');
    }

    $detected = ClientIp::getIps($request);
    $addresses = $detected ? $detected : [];

    $firewall = new IpFirewall();

    // Lists are only registered when configured; the boolean marks the list as allowed or denied.
    if (!empty($this->trusted)) {
        $firewall->addList($this->trusted, 'trusted', true);
    }

    if (!empty($this->untrusted)) {
        $firewall->addList($this->untrusted, 'untrusted', false);
    }

    // NOTE(review): when no address was detected the loop body never runs and the request
    // is allowed, so a trusted-only configuration fails open in that case - confirm this
    // is intended or reject requests without a resolvable IP.
    foreach ($addresses as $address) {
        // Every reported address has to pass; a single rejection blocks the request.
        if (!$firewall->setIpAddress($address)->handle()) {
            return $response->withStatus(403);
        }
    }

    return $next($request, $response);
}
/**
 * Execute the middleware.
 *
 * Geolocates the client IP and stores the resulting address collection on
 * the request under self::KEY. When $this->saveInSession is set, results are
 * cached per IP in the storage returned by self::getStorage() and reused.
 *
 * @param ServerRequestInterface $request
 * @param ResponseInterface      $response
 * @param callable               $next
 *
 * @throws RuntimeException When the ClientIp attribute is missing from the request.
 *
 * @return ResponseInterface
 */
public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next)
{
    if (!self::hasAttribute($request, ClientIp::KEY)) {
        throw new RuntimeException('Geolocate middleware needs ClientIp executed before');
    }

    $clientIp = ClientIp::getIp($request);

    // Nothing to geolocate: forward the request without the attribute.
    if ($clientIp === null) {
        return $next($request, $response);
    }

    if (!$this->saveInSession) {
        $location = $this->geocoder->geocode($clientIp);
    } else {
        // Bound by reference so that the write below lands in the storage itself.
        $cache =& self::getStorage($request, self::KEY);

        if (!isset($cache[$clientIp])) {
            $location = $this->geocoder->geocode($clientIp);
            // Only the plain address list is cached, not the collection object.
            $cache[$clientIp] = $location->all();
        } else {
            $location = new AddressCollection($cache[$clientIp]);
        }
    }

    $request = self::setAttribute($request, self::KEY, $location);

    return $next($request, $response);
}
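/**
 * Validate the request.
 *
 * Looks up the stored token referenced by the submitted index, consumes it,
 * and checks that it was issued for the current path and that the submitted
 * value matches an HMAC of the client IP keyed with the stored token.
 *
 * @param ServerRequestInterface $request
 * @param array                  &$tokens Stored tokens; the entry that was looked up is removed.
 *
 * @return bool True only when the submitted index and token are both valid.
 */
private function validateRequest(ServerRequestInterface $request, array &$tokens)
{
    $data = $request->getParsedBody();

    // The parsed body may be null or a non-array value when the client sends no form data.
    if (!is_array($data) && !($data instanceof \ArrayAccess)) {
        return false;
    }

    if (!isset($data[$this->formIndex]) || !isset($data[$this->formToken])) {
        return false;
    }

    $index = $data[$this->formIndex];
    $token = $data[$this->formToken];

    // Both fields are attacker-controlled. Nested arrays or other non-scalar values must
    // fail validation instead of reaching the array lookup or the comparison below.
    if (!(is_string($index) || is_int($index)) || !is_string($token)) {
        return false;
    }

    if (!isset($tokens[$index])) {
        return false;
    }

    $stored = $tokens[$index];

    // Tokens are single-use: the entry is dropped before any further check, so a failed
    // attempt also invalidates it.
    unset($tokens[$index]);

    // The token is only valid for the path it was locked to.
    $lockTo = $request->getUri()->getPath();

    if (!Utils\Helpers::hashEquals($lockTo, $stored['lockTo'])) {
        return false;
    }

    // The expected value binds the stored secret to the client IP. The cast keeps the HMAC
    // input a string when no IP was resolved; in that case the token is effectively not
    // bound to a client address.
    $expected = self::encode(hash_hmac(
        'sha256',
        (string) ClientIp::getIp($request),
        base64_decode($stored['token']),
        true
    ));

    return Utils\Helpers::hashEquals($token, $expected);
}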
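/**
 * Generates a message using the Apache's Common Log format
 * https://httpd.apache.org/docs/2.4/logs.html#accesslog.
 *
 * Note: The user identifier (identd) is omitted intentionally.
 *
 * @param ServerRequestInterface $request
 * @param ResponseInterface      $response
 *
 * @return string
 */
private static function commonFormat(ServerRequestInterface $request, ResponseInterface $response)
{
    $uri = $request->getUri();

    // PSR-7 user info has the form "user[:password]". Only the user name is logged so that
    // credentials embedded in the URI never end up in the access log.
    $userInfo = explode(':', (string) $uri->getUserInfo(), 2);
    $user = $userInfo[0] !== '' ? $userInfo[0] : '-';

    // An unresolved client IP is written as "-" so the line keeps its field count.
    $clientIp = ClientIp::getIp($request);
    $host = ($clientIp !== null && $clientIp !== '') ? $clientIp : '-';

    // NOTE(review): method and path are written as received; if the PSR-7 implementation
    // does not normalise them, quotes or control characters could distort log fields.
    return sprintf(
        '%s %s [%s] "%s %s %s/%s" %d %d',
        $host,
        $user,
        // date() replaces the deprecated, locale-dependent strftime(); the Common Log
        // Format expects English month abbreviations and a numeric UTC offset.
        date('d/M/Y:H:i:s O'),
        strtoupper($request->getMethod()),
        $uri->getPath(),
        strtoupper($uri->getScheme()),
        $request->getProtocolVersion(),
        $response->getStatusCode(),
        $response->getBody()->getSize()
    );
}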