/**
* {@inheritdoc}
*/
protected function getDefaultAttributes($model)
{
$attributes = ['title' => $this->settings->get('forum_title'), 'description' => $this->settings->get('forum_description'), 'baseUrl' => $url = $this->app->url(), 'basePath' => parse_url($url, PHP_URL_PATH) ?: '', 'debug' => $this->app->inDebugMode(), 'apiUrl' => $this->app->url('api'), 'welcomeTitle' => $this->settings->get('welcome_title'), 'welcomeMessage' => $this->settings->get('welcome_message'), 'themePrimaryColor' => $this->settings->get('theme_primary_color'), 'themeSecondaryColor' => $this->settings->get('theme_secondary_color'), 'logoUrl' => $this->getLogoUrl(), 'faviconUrl' => $this->getFaviconUrl(), 'headerHtml' => $this->settings->get('custom_header'), 'allowSignUp' => (bool) $this->settings->get('allow_sign_up'), 'defaultRoute' => $this->settings->get('default_route'), 'canViewDiscussions' => $this->actor->can('viewDiscussions'), 'canStartDiscussion' => $this->actor->can('startDiscussion')];
if ($this->actor->can('administrate')) {
$attributes['adminUrl'] = $this->app->url('admin');
$attributes['version'] = $this->app->version();
}
return $attributes;
}
/**
* Generate a URL to base with UrlGenerator's prefix.
*
* @return string
*/
public function toBase()
{
$base = $this->app->url($this->path);
if (empty($this->prefix)) {
return $base;
} else {
return $base . '/' . $this->prefix;
}
}
/**
* {@inheritdoc}
*/
protected function getDefaultAttributes($model)
{
$gate = $this->gate->forUser($this->actor);
$attributes = ['title' => $this->settings->get('forum_title'), 'description' => $this->settings->get('forum_description'), 'baseUrl' => $url = $this->app->url(), 'basePath' => parse_url($url, PHP_URL_PATH) ?: '', 'debug' => $this->app->inDebugMode(), 'apiUrl' => $this->app->url('api'), 'welcomeTitle' => $this->settings->get('welcome_title'), 'welcomeMessage' => $this->settings->get('welcome_message'), 'themePrimaryColor' => $this->settings->get('theme_primary_color'), 'allowSignUp' => (bool) $this->settings->get('allow_sign_up'), 'defaultRoute' => $this->settings->get('default_route'), 'canViewDiscussions' => $gate->allows('viewDiscussions') || $this->actor->hasPermissionLike('viewDiscussions'), 'canStartDiscussion' => $gate->allows('startDiscussion') || $this->actor->hasPermissionLike('startDiscussion')];
if ($gate->allows('administrate')) {
$attributes['adminUrl'] = $this->app->url('admin');
$attributes['version'] = $this->app->version();
}
return $attributes;
}
/**
* @param Request $request
* @param array $routeParams
* @return \Psr\Http\Message\ResponseInterface
*/
public function handle(Request $request, array $routeParams = [])
{
$user = $request->getAttribute('actor');
if ($user->exists) {
$token = array_get($request->getQueryParams(), 'token');
AccessToken::where('user_id', $user->id)->findOrFail($token);
$user->accessTokens()->delete();
$this->events->fire(new UserLoggedOut($user));
}
return $this->withForgetCookie(new RedirectResponse($this->app->url()));
}
/**
* @param Request $request
* @return \Psr\Http\Message\ResponseInterface
*/
public function handle(Request $request)
{
try {
$token = array_get($request->getQueryParams(), 'token');
$user = $this->bus->dispatch(new ConfirmEmail($token));
} catch (InvalidConfirmationTokenException $e) {
return new HtmlResponse('Invalid confirmation token');
}
$token = $this->bus->dispatch(new GenerateAccessToken($user->id));
return $this->withRememberCookie(new RedirectResponse($this->app->url()), $token->id);
}
/**
* @param Request $request
* @return \Psr\Http\Message\ResponseInterface
*/
public function handle(Request $request)
{
try {
$token = array_get($request->getQueryParams(), 'token');
$user = $this->bus->dispatch(new ConfirmEmail($token));
} catch (InvalidConfirmationTokenException $e) {
return new HtmlResponse('Invalid confirmation token');
}
$session = $request->getAttribute('session');
$this->authenticator->logIn($session, $user->id);
return new RedirectResponse($this->app->url());
}
/**
* @param Request $request
* @return \Psr\Http\Message\ResponseInterface
* @throws TokenMismatchException
*/
public function handle(Request $request)
{
$session = $request->getAttribute('session');
$response = new RedirectResponse($this->app->url());
if ($user = User::find($session->get('user_id'))) {
if (array_get($request->getQueryParams(), 'token') !== $session->get('csrf_token')) {
throw new TokenMismatchException();
}
$this->authenticator->logOut($session);
$user->accessTokens()->delete();
$this->events->fire(new UserLoggedOut($user));
$response = $this->rememberer->forget($response);
}
return $response;
}
/**
* {@inheritdoc}
*/
protected function getMiddleware(Application $app)
{
$pipe = new MiddlewarePipe();
$path = parse_url($app->url(), PHP_URL_PATH);
$errorDir = __DIR__ . '/../../error';
if (!$app->isInstalled()) {
$app->register('Flarum\\Install\\InstallServiceProvider');
$pipe->pipe($path, $app->make('Flarum\\Http\\Middleware\\StartSession'));
$pipe->pipe($path, $app->make('Flarum\\Http\\Middleware\\DispatchRoute', ['routes' => $app->make('flarum.install.routes')]));
$pipe->pipe($path, new HandleErrors($errorDir, true));
} elseif ($app->isUpToDate() && !$app->isDownForMaintenance()) {
$pipe->pipe($path, $app->make('Flarum\\Http\\Middleware\\ParseJsonBody'));
$pipe->pipe($path, $app->make('Flarum\\Http\\Middleware\\StartSession'));
$pipe->pipe($path, $app->make('Flarum\\Http\\Middleware\\RememberFromCookie'));
$pipe->pipe($path, $app->make('Flarum\\Http\\Middleware\\AuthenticateWithSession'));
$pipe->pipe($path, $app->make('Flarum\\Http\\Middleware\\SetLocale'));
event(new ConfigureMiddleware($pipe, $path, $this));
$pipe->pipe($path, $app->make('Flarum\\Http\\Middleware\\DispatchRoute', ['routes' => $app->make('flarum.forum.routes')]));
$pipe->pipe($path, new HandleErrors($errorDir, $app->inDebugMode()));
} else {
$pipe->pipe($path, function () use($errorDir) {
return new HtmlResponse(file_get_contents($errorDir . '/503.html', 503));
});
}
return $pipe;
}
/**
* Handles the command execution.
*
* @param UploadImage $command
* @return null|string
*/
public function handle(UploadImage $command)
{
if ($command->postId) {
// load the Post for this image
$post = $this->posts->findOrFail($command->postId, $command->actor);
} else {
$post = null;
}
// todo check rights
// todo validate file
$image = new Image();
$image->user_id = $command->actor->id;
$image->upload_method = 'local';
if ($post) {
$image->post_id = $post->id;
}
$this->events->fire(new ImageWillBeSaved($post, $command->actor, $image, $command->file));
$file_name = sprintf('%d-%d-%s.jpg', $post ? $post->id : 0, $command->actor->id, str_random());
if (!$this->uploadDir->write($file_name, $command->file)) {
// todo should throw error
return null;
}
$appPath = parse_url($this->app->url(), PHP_URL_PATH);
$image->file_name = sprintf('%s/assets/images/%s', $appPath, $file_name);
$image->created_at = Carbon::now();
$image->save();
return $image;
}
/**
* {@inheritdoc}
*/
public function __invoke(Request $request, Response $response, callable $out = null)
{
do {
// Check if a guest.
$actor = $request->getAttribute('actor');
if (!$actor->isGuest()) {
break;
}
// Check for the global cookie setting.
$authSettings = SingleSO::settingsAuth($this->settings, false);
if (!$authSettings) {
break;
}
// Check if the cookie is configured.
$globalCookie = $authSettings['global_cookie'];
if (!$globalCookie) {
break;
}
// Check if that cookie is set.
$cookies = $request->getCookieParams();
if (!isset($cookies[$globalCookie])) {
break;
}
// Get current request path.
// And URL hash is unfortunately unavailable.
// Such data will be discarded on auto-login.
$requestUri = $request->getUri();
$requestPath = $requestUri->getPath();
// Ignore if the controller path, avoid infinite redirect.
if (strpos($requestPath, SingleSO::CONTROLLER_PATH) === 0) {
break;
}
// Get any query parameters.
$query = $requestUri->getQuery();
// Create the redirect path, preserve ? even if no query.
$params = $request->getQueryParams();
$redirect = $requestPath . ($query ? '?' . $query : (isset($_SERVER['REQUEST_URI']) && strpos($_SERVER['REQUEST_URI'], '?') !== false ? '?' : ''));
// Create the login path.
$loginPath = rtrim($this->app->url(), '/') . SingleSO::CONTROLLER_PATH . '/login';
// Create the redirect target, include return redirect parameters.
$target = SingleSO::addParams($loginPath, ['redirect' => $redirect]);
// Take over the response, redirect to login URL.
return new RedirectResponse($target);
} while (false);
return $out ? $out($request, $response) : $response;
}
/**
* {@inheritdoc}
*/
protected function getMiddleware(Application $app)
{
$pipe = new MiddlewarePipe();
if ($app->isInstalled()) {
$app->register('Flarum\\Admin\\AdminServiceProvider');
$adminPath = parse_url($app->url('admin'), PHP_URL_PATH);
$routes = $app->make('flarum.admin.routes');
$pipe->pipe($adminPath, $app->make('Flarum\\Http\\Middleware\\AuthenticateWithCookie'));
$pipe->pipe($adminPath, $app->make('Flarum\\Http\\Middleware\\ParseJsonBody'));
$pipe->pipe($adminPath, $app->make('Flarum\\Admin\\Middleware\\RequireAdministrateAbility'));
$pipe->pipe($adminPath, $app->make('Flarum\\Http\\Middleware\\DispatchRoute', compact('routes')));
$pipe->pipe(new HandleErrors(__DIR__ . '/../../error', $app->inDebugMode()));
}
return $pipe;
}
protected function autoLoginScript()
{
// Get source, remiving any extra semicolons.
$src = trim(file_get_contents(__DIR__ . '/../../js/autologin/dist/main.js'), ';');
// Special variables to replace.
$find = ['___BASE___', '___PATH___'];
// Values to replace with.
$repl = [rtrim($this->app->url(), '/'), SingleSO::CONTROLLER_PATH . '/login'];
// JSON encode with minimal extra slashes.
foreach ($repl as $k => $v) {
$repl[$k] = str_replace('</', '<\\/', json_encode($v, JSON_UNESCAPED_SLASHES));
}
// Return the transformed source.
return str_replace($find, $repl, $src);
}
/**
* {@inheritdoc}
*/
protected function getMiddleware(Application $app)
{
$pipe = new MiddlewarePipe();
if ($app->isInstalled()) {
$app->register('Flarum\\Api\\ApiServiceProvider');
$routes = $app->make('flarum.api.routes');
$apiPath = parse_url($app->url('api'), PHP_URL_PATH);
$pipe->pipe($apiPath, $app->make('Flarum\\Http\\Middleware\\AuthenticateWithCookie'));
$pipe->pipe($apiPath, $app->make('Flarum\\Api\\Middleware\\AuthenticateWithHeader'));
$pipe->pipe($apiPath, $app->make('Flarum\\Http\\Middleware\\ParseJsonBody'));
$pipe->pipe($apiPath, $app->make('Flarum\\Api\\Middleware\\FakeHttpMethods'));
$pipe->pipe($apiPath, $app->make('Flarum\\Http\\Middleware\\DispatchRoute', compact('routes')));
$pipe->pipe($apiPath, $app->make('Flarum\\Api\\Middleware\\HandleErrors'));
}
return $pipe;
}
/**
* {@inheritdoc}
*/
protected function getMiddleware(Application $app)
{
$pipe = new MiddlewarePipe();
$installed = $app->isInstalled();
$basePath = parse_url($app->url(), PHP_URL_PATH);
if ($installed) {
$app->register('Flarum\\Forum\\ForumServiceProvider');
$routes = $app->make('flarum.forum.routes');
$pipe->pipe($basePath, $app->make('Flarum\\Http\\Middleware\\AuthenticateWithCookie'));
$pipe->pipe($basePath, $app->make('Flarum\\Http\\Middleware\\ParseJsonBody'));
} else {
$app->register('Flarum\\Install\\InstallServiceProvider');
$routes = $app->make('flarum.install.routes');
}
$pipe->pipe($basePath, $app->make('Flarum\\Http\\Middleware\\DispatchRoute', compact('routes')));
$pipe->pipe(new HandleErrors(__DIR__ . '/../../error', $app->inDebugMode() || !$installed));
return $pipe;
}
/**
* {@inheritdoc}
*/
protected function getMiddleware(Application $app)
{
$pipe = new MiddlewarePipe();
$apiPath = parse_url($app->url('api'), PHP_URL_PATH);
if ($app->isInstalled() && $app->isUpToDate()) {
$pipe->pipe($apiPath, $app->make('Flarum\\Http\\Middleware\\AuthenticateWithCookie'));
$pipe->pipe($apiPath, $app->make('Flarum\\Api\\Middleware\\AuthenticateWithHeader'));
$pipe->pipe($apiPath, $app->make('Flarum\\Http\\Middleware\\ParseJsonBody'));
$pipe->pipe($apiPath, $app->make('Flarum\\Api\\Middleware\\FakeHttpMethods'));
$pipe->pipe($apiPath, $app->make('Flarum\\Http\\Middleware\\DispatchRoute', ['routes' => $app->make('flarum.api.routes')]));
$pipe->pipe($apiPath, $app->make('Flarum\\Api\\Middleware\\HandleErrors'));
} else {
$pipe->pipe($apiPath, function () {
$document = new Document();
$document->setErrors([['code' => 503, 'title' => 'Service Unavailable']]);
return new JsonApiResponse($document, 503);
});
}
return $pipe;
}
/**
* {@inheritdoc}
*/
protected function getMiddleware(Application $app)
{
$pipe = new MiddlewarePipe();
if ($app->isInstalled()) {
$adminPath = parse_url($app->url('admin'), PHP_URL_PATH);
$errorDir = __DIR__ . '/../../error';
if ($app->isUpToDate()) {
$pipe->pipe($adminPath, $app->make('Flarum\\Http\\Middleware\\AuthenticateWithCookie'));
$pipe->pipe($adminPath, $app->make('Flarum\\Http\\Middleware\\ParseJsonBody'));
$pipe->pipe($adminPath, $app->make('Flarum\\Admin\\Middleware\\RequireAdministrateAbility'));
$pipe->pipe($adminPath, $app->make('Flarum\\Http\\Middleware\\DispatchRoute', ['routes' => $app->make('flarum.admin.routes')]));
$pipe->pipe($adminPath, new HandleErrors($errorDir, $app->inDebugMode()));
} else {
$app->register('Flarum\\Update\\UpdateServiceProvider');
$pipe->pipe($adminPath, $app->make('Flarum\\Http\\Middleware\\DispatchRoute', ['routes' => $app->make('flarum.update.routes')]));
$pipe->pipe($adminPath, new HandleErrors($errorDir, true));
}
}
return $pipe;
}
/**
* @return Akismet
*/
protected function getAkismet()
{
return new Akismet($this->settings->get('flarum-akismet.api_key'), $this->app->url());
}
/**
* Generate a URL to base with UrlGenerator's prefix.
*
* @return string
*/
public function toBase()
{
return $this->app->url($this->path);
}
/**
* @param string $path
* @return string
*/
public function expandRedirect($path)
{
return SingleSO::safePath($this->app->url(), $path);
}