Diffstat (limited to 'main')
-rw-r--r-- | main/app/sprinkles/account/src/Authenticate/Authenticator.php | 78 | ||||
-rw-r--r-- | main/app/sprinkles/admin/routes/wormhole.php | 7 | ||||
-rw-r--r-- | main/app/sprinkles/admin/src/Controller/WormholeController.php | 50 | ||||
-rw-r--r-- | main/app/sprinkles/core/assets/SiteAssets/js/chat.js | 1 | ||||
-rw-r--r-- | main/app/sprinkles/core/assets/SiteAssets/php/Chatserver/src/ChatProcessor.php | 18 | ||||
-rw-r--r-- | main/app/sprinkles/core/config/default.php | 4 | ||||
-rw-r--r-- | main/app/sprinkles/core/src/ServicesProvider/ServicesProvider.php | 8 | ||||
-rw-r--r-- | main/uploads/235041aa2e722165.jpeg | bin | 0 -> 77823 bytes | |||
-rw-r--r-- | main/uploads/26f32fb4d5e9199e.jpeg | bin | 0 -> 77823 bytes | |||
-rw-r--r-- | main/uploads/63ba9b9805e3a41e.jpg | bin | 0 -> 919161 bytes | |||
-rw-r--r-- | main/uploads/76a357741a64763b.jpeg | bin | 0 -> 207060 bytes | |||
-rw-r--r-- | main/uploads/98d1d6f1fbbbaeef.jpeg | bin | 0 -> 77823 bytes | |||
-rw-r--r-- | main/uploads/da072fdea7539fa7.jpeg | bin | 0 -> 77823 bytes | |||
-rw-r--r-- | main/uploads/f4021c1256747794.PNG | bin | 0 -> 33703 bytes |
14 files changed, 100 insertions, 66 deletions
diff --git a/main/app/sprinkles/account/src/Authenticate/Authenticator.php b/main/app/sprinkles/account/src/Authenticate/Authenticator.php index 5fb8920..8ee51b8 100644 --- a/main/app/sprinkles/account/src/Authenticate/Authenticator.php +++ b/main/app/sprinkles/account/src/Authenticate/Authenticator.php @@ -5,6 +5,7 @@ * @link https://github.com/userfrosting/UserFrosting * @license https://github.com/userfrosting/UserFrosting/blob/master/licenses/UserFrosting.md (MIT License) */ + namespace UserFrosting\Sprinkle\Account\Authenticate; use Birke\Rememberme\Authenticator as RememberMe; @@ -53,7 +54,7 @@ class Authenticator /** * @var bool */ - protected $loggedOut = false; + protected $loggedOut = FALSE; /** * @var RememberMePDO @@ -75,7 +76,7 @@ class Authenticator * * @var bool */ - protected $viaRemember = false; + protected $viaRemember = FALSE; /** * Create a new Authenticator object. @@ -85,8 +86,7 @@ class Authenticator * @param Config $config Config object that contains authentication settings. * @param mixed $cache Cache service instance */ - public function __construct(ClassMapper $classMapper, Session $session, $config, $cache) - { + public function __construct(ClassMapper $classMapper, Session $session, $config, $cache) { $this->classMapper = $classMapper; $this->session = $session; $this->config = $config; @@ -110,13 +110,13 @@ class Authenticator $this->rememberMe->getCookie()->setPath($this->config['remember_me.session.path']); // Set expire time, if specified - if ($this->config->has('remember_me.expire_time') && ($this->config->has('remember_me.expire_time') != null)) { + if ($this->config->has('remember_me.expire_time') && ($this->config->has('remember_me.expire_time') != NULL)) { $this->rememberMe->getCookie()->setExpireTime($this->config['remember_me.expire_time']); } - $this->user = null; + $this->user = NULL; - $this->viaRemember = false; + $this->viaRemember = FALSE; } /** 
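Review bot: In the `@@ -110,13` hunk the rewritten condition still calls `$this->config->has('remember_me.expire_time')` twice and compares the second result with `NULL`, so the second operand tests what `has()` returns (presumably a bool) rather than the configured value. If the intent is to skip a null expiry, the comparison should read the value, e.g. `$this->config['remember_me.expire_time'] !== null`. As written, a key that is present but set to null would presumably still reach `setExpireTime()`. The constructor starts outside the hunk.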
@@ -124,8 +124,7 @@ class Authenticator * * If successful, the user's id is stored in session. */ - public function attempt($identityColumn, $identityValue, $password, $rememberMe = false) - { + public function attempt($identityColumn, $identityValue, $password, $rememberMe = FALSE) { // Try to load the user, using the specified conditions $user = $this->classMapper->staticMethod('user', 'where', $identityColumn, $identityValue)->first(); @@ -163,8 +162,7 @@ class Authenticator * * @return bool */ - public function check() - { + public function check() { return !is_null($this->user()); } @@ -173,8 +171,7 @@ class Authenticator * * @return bool */ - public function guest() - { + public function guest() { return !$this->check(); } @@ -187,10 +184,9 @@ class Authenticator * @todo Figure out a way to update the currentUser service to reflect the logged-in user *immediately* in the service provider. * As it stands, the currentUser service will still reflect a "guest user" for the remainder of the request. */ - public function login($user, $rememberMe = false) - { + public function login($user, $rememberMe = FALSE) { $oldId = session_id(); - $this->session->regenerateId(true); + $this->session->regenerateId(TRUE); // Since regenerateId deletes the old session, we'll do the same in cache $this->flushSessionCache($oldId); @@ -207,7 +203,7 @@ class Authenticator $this->session[$key] = $user->id; // Set auth mode - $this->viaRemember = false; + $this->viaRemember = FALSE; // User login actions $user->onLogin(); @@ -222,8 +218,7 @@ class Authenticator * * @param bool $complete If set to true, will ensure that the user is logged out from *all* browsers on all devices. */ - public function logout($complete = false) - { + public function logout($complete = FALSE) { $currentUserId = $this->session->get($this->config['session.keys.current_user_id']); // This removes all of the user's persistent logins from the database 
@@ -242,8 +237,8 @@ class Authenticator } } - $this->user = null; - $this->loggedOut = true; + $this->user = NULL; + $this->loggedOut = TRUE; $oldId = session_id(); @@ -267,9 +262,8 @@ class Authenticator * @throws AccountInvalidException * @throws AccountDisabledException */ - public function user() - { - $user = null; + public function user() { + $user = NULL; if (!$this->loggedOut) { @@ -290,7 +284,7 @@ class Authenticator $user = $this->loginRememberedUser(); } } catch (\PDOException $e) { - $user = null; + $user = NULL; } } @@ -303,8 +297,7 @@ class Authenticator * This function is useful when users are performing sensitive operations, and you may want to force them to re-authenticate. * @return bool */ - public function viaRemember() - { + public function viaRemember() { return $this->viaRemember; } @@ -314,8 +307,7 @@ class Authenticator * @return User|bool If successful, the User object of the remembered user. Otherwise, return false. * @throws AuthCompromisedException The client attempted to log in with an invalid rememberMe token. */ - protected function loginRememberedUser() - { + protected function loginRememberedUser() { /** @var \Birke\Rememberme\LoginResult $loginResult */ $loginResult = $this->rememberMe->login(); @@ -324,9 +316,9 @@ class Authenticator $this->session[$this->config['session.keys.current_user_id']] = $loginResult->getCredential(); // There is a chance that an attacker has stolen the login token, // so we store the fact that the user was logged in via RememberMe (instead of login form) - $this->viaRemember = true; + $this->viaRemember = TRUE; } else { - // If $rememberMe->login() was not successfull, check if the token was invalid as well. This means the cookie was stolen. + // If $rememberMe->login() was not successful, check if the token was invalid as well. This means the cookie was stolen. if ($loginResult->hasPossibleManipulation()) { throw new AuthCompromisedException(); } 
@@ -341,8 +333,7 @@ class Authenticator * @return User|null If successful, the User object of the user in session. Otherwise, return null. * @throws AuthExpiredException The client attempted to use an expired rememberMe token. */ - protected function loginSessionUser() - { + protected function loginSessionUser() { $userId = $this->session->get($this->config['session.keys.current_user_id']); // If a user_id was found in the session, check any rememberMe cookie that was submitted. @@ -362,18 +353,17 @@ class Authenticator * * @return bool */ - protected function validateRememberMeCookie() - { + protected function validateRememberMeCookie() { $cookieValue = $this->rememberMe->getCookie()->getValue(); if (!$cookieValue) { - return true; + return TRUE; } $triplet = RememberMeTriplet::fromString($cookieValue); if (!$triplet->isValid()) { - return false; + return FALSE; } - return true; + return TRUE; } /** @@ -385,8 +375,7 @@ class Authenticator * @throws AccountInvalidException * @throws AccountDisabledException */ - protected function validateUserAccount($userId) - { + protected function validateUserAccount($userId) { if ($userId) { $user = $this->classMapper->staticMethod('user', 'find', $userId); @@ -402,18 +391,17 @@ class Authenticator return $user; } else { - return null; + return NULL; } } /** * Flush the cache associated with a session id * - * @param string $id The session id - * @return bool + * @param string $id The session id + * @return bool */ - public function flushSessionCache($id) - { + public function flushSessionCache($id) { return $this->cache->tags('_s' . $id)->flush(); } } diff --git a/main/app/sprinkles/admin/routes/wormhole.php b/main/app/sprinkles/admin/routes/wormhole.php new file mode 100644 index 0000000..e4d5bc9 --- /dev/null +++ b/main/app/sprinkles/admin/routes/wormhole.php 
@@ -0,0 +1,7 @@
+<?php
+/**
+ * Super admin thingy cause of my current server situation
+ */
+$app->group('/wormhole/{access_token}', function () {
+ $this->get('/verify/{user_id}', 'UserFrosting\Sprinkle\Admin\Controller\WormholeController:verify');
+});
diff --git a/main/app/sprinkles/admin/src/Controller/WormholeController.php b/main/app/sprinkles/admin/src/Controller/WormholeController.php
new file mode 100644
index 0000000..3beed61
--- /dev/null
+++ b/main/app/sprinkles/admin/src/Controller/WormholeController.php
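Review bot: The access token is a path segment of `/wormhole/{access_token}`, so it is recorded wherever request URLs are kept (web-server and proxy access logs, browser history), and the group is registered with no middleware in this hunk, which makes the token the only gate on the route. Carrying the secret in a request header and reading it in the controller, e.g. `$request->getHeaderLine('Authorization')`, keeps it out of URL logs. The docblock should also state who is expected to call this route and what it grants, since "Super admin thingy" gives a maintainer nothing to assess the exposure against.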
@@ -0,0 +1,50 @@
+<?php
+/**
+ * UserFrosting (http://www.userfrosting.com)
+ *
+ * @link https://github.com/userfrosting/UserFrosting
+ * @license https://github.com/userfrosting/UserFrosting/blob/master/licenses/UserFrosting.md (MIT License)
+ */
+
+namespace UserFrosting\Sprinkle\Admin\Controller;
+
+use UserFrosting\Fortress\RequestDataTransformer;
+use UserFrosting\Fortress\RequestSchema;
+use UserFrosting\Fortress\ServerSideValidator;
+use UserFrosting\Sprinkle\Core\Controller\SimpleController;
+use UserFrosting\Support\Exception\ForbiddenException;
+use UserFrosting\Support\Exception\BadRequestException;
+use UserFrosting\Support\Exception\NotFoundException;
+use Slim\Http\Request;
+use Slim\Http\Response;
+use Slim\Http\UploadedFile;
+use Illuminate\Database\Capsule\Manager as DB;
+use UserFrosting\Sprinkle\Account\Authenticate\Authenticator;
+use Illuminate\Filesystem\Filesystem;
+use Illuminate\Session\FileSessionHandler;
+use UserFrosting\Session\Session;
+
+/**
+ * Controller class for user-related requests, including listing users, CRUD for users, etc.
+ *
+ * @author Alex Weissman (https://alexanderweissman.com)
+ */
+class WormholeController extends SimpleController
+{
+ public function verify(Request $request, Response $response, $args) {
+ $currentUser = $this->ci->currentUser; // FOR DATABASE QUERY
+
+ $access_token = $args['access_token'];
+ if (DB::table('public_keys')
+ ->where('UserID', 1)
+ ->where('Key', '=', $access_token)
+ ->exists()) {
+ $user_id = $args['user_id'];
+ $session = new Session();
+ $session->start();
+ $response->write($session->all()["account"]["current_user_id"]);
+ } else {
+ throw new ForbiddenException();
+ }
+ }
+}
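Review bot: `verify()` checks the token with `->where('Key', '=', $access_token)->exists()`, which leaves the comparison to the database (its collation decides case and trailing-space handling, and it is not constant-time); fetching the stored keys and comparing each with `hash_equals()` is the safer form, sketched below. The table is named `public_keys`, so it is worth confirming that these values are actually kept secret before one of them is accepted as a bearer credential for the hard-coded `UserID` 1. `$user_id` is read from the route but never used, and `new Session()` appears to read the caller's own session rather than anything tied to that id, so the response may not be what the route name promises. The class docblock is copied from the user controller and most of the `use` lines are unused; both should be trimmed so the file describes what it does.

```php
    public function verify(Request $request, Response $response, $args) {
        // … unchanged: $currentUser lookup that boots the database …
        $keys = DB::table('public_keys')->where('UserID', 1)->pluck('Key');
        $authorised = false;
        foreach ($keys as $key) {
            // No early exit: every stored key is compared, each in constant time.
            $authorised = hash_equals((string) $key, (string) $args['access_token']) || $authorised;
        }
        if (!$authorised) {
            throw new ForbiddenException();
        }
        // … unchanged: session lookup and $response->write(...) …
        return $response;
    }
```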
\ No newline at end of file diff --git a/main/app/sprinkles/core/assets/SiteAssets/js/chat.js b/main/app/sprinkles/core/assets/SiteAssets/js/chat.js index 82cae93..ebf549b 100644 --- a/main/app/sprinkles/core/assets/SiteAssets/js/chat.js +++ b/main/app/sprinkles/core/assets/SiteAssets/js/chat.js @@ -15,6 +15,7 @@ function InitializeChatServer() { }, 5000); }; ChatSocket.onopen = function () { + ChatSocket.send(JSON.stringify({ClientMessageType: "Verify", Cookie: document.cookie})); // CONNECTION SUCCESSFUL! console.log("[WEBSOCKET LOGGER] Chat connection established!"); // GOT MESSAGE diff --git a/main/app/sprinkles/core/assets/SiteAssets/php/Chatserver/src/ChatProcessor.php b/main/app/sprinkles/core/assets/SiteAssets/php/Chatserver/src/ChatProcessor.php index f3793e2..1385f19 100644 --- a/main/app/sprinkles/core/assets/SiteAssets/php/Chatserver/src/ChatProcessor.php +++ b/main/app/sprinkles/core/assets/SiteAssets/php/Chatserver/src/ChatProcessor.php @@ -29,21 +29,6 @@ class ChatProcessor implements MessageComponentInterface $this->connectedUsersNames[$conn->resourceId] = $generator->getName(); } - /*public function onMessage(ConnectionInterface $from, $msg) { - $numRecv = count($this->clients) - 1; - echo sprintf('Connection %d sending message "%s" to %d other connection%s' . "\n" - , $from->resourceId, $msg, $numRecv, $numRecv == 1 ? '' : 's'); - - foreach ($this->clients as $client) { - if ($from === $client) { - $client->send("<b>You</b> - " . $msg); - } else { - $client->send("<b>" . $from->resourceId . "</b> - " . $msg); - } - } - } - */ - public function onMessage(ConnectionInterface $conn, MessageInterface $msg) { $data = json_decode($msg); switch ($data->ClientMessageType) { @@ -109,6 +94,9 @@ class ChatProcessor implements MessageComponentInterface } } break; + case "Verify": + print_r($data); + break; } } diff --git a/main/app/sprinkles/core/config/default.php b/main/app/sprinkles/core/config/default.php index c829121..07fd2e6 100644 
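Review bot: `Cookie: document.cookie` in the `onopen` handler sends every script-readable cookie for the site to the chat server as message payload, and it only carries the session cookie if that cookie is not `HttpOnly`. That ties chat authentication to leaving the session identifier readable by page scripts, so any script injection on the page can read the same value. A short-lived, single-purpose chat token issued by the main application, or checking the cookies already present on the WebSocket handshake request where the chat endpoint shares the site's cookie scope, avoids putting the session identifier into application messages. `InitializeChatServer` starts and ends outside the hunk.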
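Review bot: The new `Verify` case calls `print_r($data)`, which writes the whole client message, including the `Cookie` field the client now sends, to the chat server's output, so session cookies end up in whatever captures that output. The case also verifies nothing yet: no value is checked and nothing is recorded against `$conn`. Until the check exists, drop the dump or log only non-sensitive fields, e.g. `error_log('Verify received from connection ' . $conn->resourceId);`. `onMessage` dereferences `$data->ClientMessageType` without checking that `json_decode` succeeded, which is outside the changed lines but applies to this case too; the method body extends beyond the hunk.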
--- a/main/app/sprinkles/core/config/default.php +++ b/main/app/sprinkles/core/config/default.php @@ -115,7 +115,7 @@ ], // Slim settings - see http://www.slimframework.com/docs/objects/application.html#slim-default-settings 'settings' => [ - 'displayErrorDetails' => false + 'displayErrorDetails' => true ], // "Site" settings that are automatically passed to Twig 'site' => [ @@ -178,6 +178,6 @@ 'display_errors' => 'false', 'log_errors' => 'true', // Let PHP itself render errors natively. Useful if a fatal error is raised in our custom shutdown handler. - 'display_errors_native' => 'false' + 'display_errors_native' => 'true' ] ]; diff --git a/main/app/sprinkles/core/src/ServicesProvider/ServicesProvider.php b/main/app/sprinkles/core/src/ServicesProvider/ServicesProvider.php index c67b886..62d8382 100644 --- a/main/app/sprinkles/core/src/ServicesProvider/ServicesProvider.php +++ b/main/app/sprinkles/core/src/ServicesProvider/ServicesProvider.php @@ -82,7 +82,7 @@ class ServicesProvider if ($config['alert.storage'] == 'cache') { return new CacheAlertStream($config['alert.key'], $c->translator, $c->cache, $c->config); - } elseif ($config['alert.storage'] == 'session') { + } else if ($config['alert.storage'] == 'session') { return new SessionAlertStream($config['alert.key'], $c->translator, $c->session); } else { throw new \Exception("Bad alert storage handler type '{$config['alert.storage']}' specified in configuration file."); 
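Review bot: `'displayErrorDetails' => true` is set in `core/config/default.php`, the base configuration, so every environment that does not override it will return exception messages, file paths and stack traces to the client; the same applies to `'display_errors_native' => 'true'` in the `@@ -178,6` hunk. Together with the new token-guarded route in this commit, detailed errors give an unauthenticated caller more information than intended. Keep `'displayErrorDetails' => false` and `'display_errors_native' => 'false'` here and enable them only in a development-specific override. The configuration array starts and ends outside both hunks.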
@@ -158,11 +158,11 @@ class ServicesProvider if ($config['cache.driver'] == 'file') { $path = $c->locator->findResource('cache://', TRUE, TRUE); $cacheStore = new TaggableFileStore($path); - } elseif ($config['cache.driver'] == 'memcached') { + } else if ($config['cache.driver'] == 'memcached') { // We need to inject the prefix in the memcached config $config = array_merge($config['cache.memcached'], ['prefix' => $config['cache.prefix']]); $cacheStore = new MemcachedStore($config); - } elseif ($config['cache.driver'] == 'redis') { + } else if ($config['cache.driver'] == 'redis') { // We need to inject the prefix in the redis config $config = array_merge($config['cache.redis'], ['prefix' => $config['cache.prefix']]); $cacheStore = new RedisStore($config); @@ -512,7 +512,7 @@ class ServicesProvider if ($config['session.handler'] == 'file') { $fs = new FileSystem; $handler = new FileSessionHandler($fs, $c->locator->findResource('session://'), $config['session.minutes']); - } elseif ($config['session.handler'] == 'database') { + } else if ($config['session.handler'] == 'database') { $connection = $c->db->connection(); // Table must exist, otherwise an exception will be thrown $handler = new DatabaseSessionHandler($connection, $config['session.database.table'], $config['session.minutes']); diff --git a/main/uploads/235041aa2e722165.jpeg b/main/uploads/235041aa2e722165.jpeg Binary files differnew file mode 100644 index 0000000..ee41580 --- /dev/null +++ b/main/uploads/235041aa2e722165.jpeg diff --git a/main/uploads/26f32fb4d5e9199e.jpeg b/main/uploads/26f32fb4d5e9199e.jpeg Binary files differnew file mode 100644 index 0000000..ee41580 --- /dev/null +++ b/main/uploads/26f32fb4d5e9199e.jpeg diff --git a/main/uploads/63ba9b9805e3a41e.jpg b/main/uploads/63ba9b9805e3a41e.jpg Binary files differnew file mode 100644 index 0000000..1db3a33 --- /dev/null +++ b/main/uploads/63ba9b9805e3a41e.jpg 
diff --git a/main/uploads/76a357741a64763b.jpeg b/main/uploads/76a357741a64763b.jpeg Binary files differnew file mode 100644 index 0000000..5809738 --- /dev/null +++ b/main/uploads/76a357741a64763b.jpeg diff --git a/main/uploads/98d1d6f1fbbbaeef.jpeg b/main/uploads/98d1d6f1fbbbaeef.jpeg Binary files differnew file mode 100644 index 0000000..ee41580 --- /dev/null +++ b/main/uploads/98d1d6f1fbbbaeef.jpeg diff --git a/main/uploads/da072fdea7539fa7.jpeg b/main/uploads/da072fdea7539fa7.jpeg Binary files differnew file mode 100644 index 0000000..ee41580 --- /dev/null +++ b/main/uploads/da072fdea7539fa7.jpeg diff --git a/main/uploads/f4021c1256747794.PNG b/main/uploads/f4021c1256747794.PNG Binary files differnew file mode 100644 index 0000000..9b508c2 --- /dev/null +++ b/main/uploads/f4021c1256747794.PNG |