From c2b4f8d7de00c9c4ade235dcc4f02883a0219762 Mon Sep 17 00:00:00 2001
From: Marvin Borner
Date: Sun, 6 May 2018 00:28:48 +0200
Subject: Added wormhole and other things
---
.../account/src/Authenticate/Authenticator.php | 78 +++++++++------------
main/app/sprinkles/admin/routes/wormhole.php | 7 ++
.../admin/src/Controller/WormholeController.php | 50 +++++++++++++
.../sprinkles/core/assets/SiteAssets/js/chat.js | 1 +
.../php/Chatserver/src/ChatProcessor.php | 18 +----
main/app/sprinkles/core/config/default.php | 4 +-
.../core/src/ServicesProvider/ServicesProvider.php | 8 +--
main/uploads/235041aa2e722165.jpeg | Bin 0 -> 77823 bytes
main/uploads/26f32fb4d5e9199e.jpeg | Bin 0 -> 77823 bytes
main/uploads/63ba9b9805e3a41e.jpg | Bin 0 -> 919161 bytes
main/uploads/76a357741a64763b.jpeg | Bin 0 -> 207060 bytes
main/uploads/98d1d6f1fbbbaeef.jpeg | Bin 0 -> 77823 bytes
main/uploads/da072fdea7539fa7.jpeg | Bin 0 -> 77823 bytes
main/uploads/f4021c1256747794.PNG | Bin 0 -> 33703 bytes
14 files changed, 100 insertions(+), 66 deletions(-)
create mode 100644 main/app/sprinkles/admin/routes/wormhole.php
create mode 100644 main/app/sprinkles/admin/src/Controller/WormholeController.php
create mode 100644 main/uploads/235041aa2e722165.jpeg
create mode 100644 main/uploads/26f32fb4d5e9199e.jpeg
create mode 100644 main/uploads/63ba9b9805e3a41e.jpg
create mode 100644 main/uploads/76a357741a64763b.jpeg
create mode 100644 main/uploads/98d1d6f1fbbbaeef.jpeg
create mode 100644 main/uploads/da072fdea7539fa7.jpeg
create mode 100644 main/uploads/f4021c1256747794.PNG
(limited to 'main')
diff --git a/main/app/sprinkles/account/src/Authenticate/Authenticator.php b/main/app/sprinkles/account/src/Authenticate/Authenticator.php
index 5fb8920..8ee51b8 100644
--- a/main/app/sprinkles/account/src/Authenticate/Authenticator.php
+++ b/main/app/sprinkles/account/src/Authenticate/Authenticator.php
@@ -5,6 +5,7 @@
* @link https://github.com/userfrosting/UserFrosting
* @license https://github.com/userfrosting/UserFrosting/blob/master/licenses/UserFrosting.md (MIT License)
*/
+
namespace UserFrosting\Sprinkle\Account\Authenticate;
use Birke\Rememberme\Authenticator as RememberMe;
@@ -53,7 +54,7 @@ class Authenticator
/**
* @var bool
*/
- protected $loggedOut = false;
+ protected $loggedOut = FALSE;
/**
* @var RememberMePDO
@@ -75,7 +76,7 @@ class Authenticator
*
* @var bool
*/
- protected $viaRemember = false;
+ protected $viaRemember = FALSE;
/**
* Create a new Authenticator object.
@@ -85,8 +86,7 @@ class Authenticator
* @param Config $config Config object that contains authentication settings.
* @param mixed $cache Cache service instance
*/
- public function __construct(ClassMapper $classMapper, Session $session, $config, $cache)
- {
+ public function __construct(ClassMapper $classMapper, Session $session, $config, $cache) {
$this->classMapper = $classMapper;
$this->session = $session;
$this->config = $config;
@@ -110,13 +110,13 @@ class Authenticator
$this->rememberMe->getCookie()->setPath($this->config['remember_me.session.path']);
// Set expire time, if specified
- if ($this->config->has('remember_me.expire_time') && ($this->config->has('remember_me.expire_time') != null)) {
+ if ($this->config->has('remember_me.expire_time') && ($this->config->has('remember_me.expire_time') != NULL)) {
$this->rememberMe->getCookie()->setExpireTime($this->config['remember_me.expire_time']);
}
- $this->user = null;
+ $this->user = NULL;
- $this->viaRemember = false;
+ $this->viaRemember = FALSE;
}
/**
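Review bot: The expire-time guard on the `remember_me.expire_time` line still calls `has()` twice, so its second operand tests the existence check itself rather than the configured value. Assuming `has()` returns a boolean (not shown in this hunk), a key that is present but set to null would still reach `setExpireTime()`. The second operand should read the value, e.g. `$this->config['remember_me.expire_time'] !== null`. The uppercase `NULL`/`FALSE`/`TRUE` introduced here and in the other Authenticator.php hunks also departs from the lowercase keywords PSR-12 asks for. The constructor starts outside this hunk.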
@@ -124,8 +124,7 @@ class Authenticator
*
* If successful, the user's id is stored in session.
*/
- public function attempt($identityColumn, $identityValue, $password, $rememberMe = false)
- {
+ public function attempt($identityColumn, $identityValue, $password, $rememberMe = FALSE) {
// Try to load the user, using the specified conditions
$user = $this->classMapper->staticMethod('user', 'where', $identityColumn, $identityValue)->first();
@@ -163,8 +162,7 @@ class Authenticator
*
* @return bool
*/
- public function check()
- {
+ public function check() {
return !is_null($this->user());
}
@@ -173,8 +171,7 @@ class Authenticator
*
* @return bool
*/
- public function guest()
- {
+ public function guest() {
return !$this->check();
}
@@ -187,10 +184,9 @@ class Authenticator
* @todo Figure out a way to update the currentUser service to reflect the logged-in user *immediately* in the service provider.
* As it stands, the currentUser service will still reflect a "guest user" for the remainder of the request.
*/
- public function login($user, $rememberMe = false)
- {
+ public function login($user, $rememberMe = FALSE) {
$oldId = session_id();
- $this->session->regenerateId(true);
+ $this->session->regenerateId(TRUE);
// Since regenerateId deletes the old session, we'll do the same in cache
$this->flushSessionCache($oldId);
@@ -207,7 +203,7 @@ class Authenticator
$this->session[$key] = $user->id;
// Set auth mode
- $this->viaRemember = false;
+ $this->viaRemember = FALSE;
// User login actions
$user->onLogin();
@@ -222,8 +218,7 @@ class Authenticator
*
* @param bool $complete If set to true, will ensure that the user is logged out from *all* browsers on all devices.
*/
- public function logout($complete = false)
- {
+ public function logout($complete = FALSE) {
$currentUserId = $this->session->get($this->config['session.keys.current_user_id']);
// This removes all of the user's persistent logins from the database
@@ -242,8 +237,8 @@ class Authenticator
}
}
- $this->user = null;
- $this->loggedOut = true;
+ $this->user = NULL;
+ $this->loggedOut = TRUE;
$oldId = session_id();
@@ -267,9 +262,8 @@ class Authenticator
* @throws AccountInvalidException
* @throws AccountDisabledException
*/
- public function user()
- {
- $user = null;
+ public function user() {
+ $user = NULL;
if (!$this->loggedOut) {
@@ -290,7 +284,7 @@ class Authenticator
$user = $this->loginRememberedUser();
}
} catch (\PDOException $e) {
- $user = null;
+ $user = NULL;
}
}
@@ -303,8 +297,7 @@ class Authenticator
* This function is useful when users are performing sensitive operations, and you may want to force them to re-authenticate.
* @return bool
*/
- public function viaRemember()
- {
+ public function viaRemember() {
return $this->viaRemember;
}
@@ -314,8 +307,7 @@ class Authenticator
* @return User|bool If successful, the User object of the remembered user. Otherwise, return false.
* @throws AuthCompromisedException The client attempted to log in with an invalid rememberMe token.
*/
- protected function loginRememberedUser()
- {
+ protected function loginRememberedUser() {
/** @var \Birke\Rememberme\LoginResult $loginResult */
$loginResult = $this->rememberMe->login();
@@ -324,9 +316,9 @@ class Authenticator
$this->session[$this->config['session.keys.current_user_id']] = $loginResult->getCredential();
// There is a chance that an attacker has stolen the login token,
// so we store the fact that the user was logged in via RememberMe (instead of login form)
- $this->viaRemember = true;
+ $this->viaRemember = TRUE;
} else {
- // If $rememberMe->login() was not successfull, check if the token was invalid as well. This means the cookie was stolen.
+ // If $rememberMe->login() was not successful, check if the token was invalid as well. This means the cookie was stolen.
if ($loginResult->hasPossibleManipulation()) {
throw new AuthCompromisedException();
}
@@ -341,8 +333,7 @@ class Authenticator
* @return User|null If successful, the User object of the user in session. Otherwise, return null.
* @throws AuthExpiredException The client attempted to use an expired rememberMe token.
*/
- protected function loginSessionUser()
- {
+ protected function loginSessionUser() {
$userId = $this->session->get($this->config['session.keys.current_user_id']);
// If a user_id was found in the session, check any rememberMe cookie that was submitted.
@@ -362,18 +353,17 @@ class Authenticator
*
* @return bool
*/
- protected function validateRememberMeCookie()
- {
+ protected function validateRememberMeCookie() {
$cookieValue = $this->rememberMe->getCookie()->getValue();
if (!$cookieValue) {
- return true;
+ return TRUE;
}
$triplet = RememberMeTriplet::fromString($cookieValue);
if (!$triplet->isValid()) {
- return false;
+ return FALSE;
}
- return true;
+ return TRUE;
}
/**
@@ -385,8 +375,7 @@ class Authenticator
* @throws AccountInvalidException
* @throws AccountDisabledException
*/
- protected function validateUserAccount($userId)
- {
+ protected function validateUserAccount($userId) {
if ($userId) {
$user = $this->classMapper->staticMethod('user', 'find', $userId);
@@ -402,18 +391,17 @@ class Authenticator
return $user;
} else {
- return null;
+ return NULL;
}
}
/**
* Flush the cache associated with a session id
*
- * @param string $id The session id
- * @return bool
+ * @param string $id The session id
+ * @return bool
*/
- public function flushSessionCache($id)
- {
+ public function flushSessionCache($id) {
return $this->cache->tags('_s' . $id)->flush();
}
}
diff --git a/main/app/sprinkles/admin/routes/wormhole.php b/main/app/sprinkles/admin/routes/wormhole.php
new file mode 100644
index 0000000..e4d5bc9
--- /dev/null
+++ b/main/app/sprinkles/admin/routes/wormhole.php
@@ -0,0 +1,7 @@
+group('/wormhole/{access_token}', function () {
+ $this->get('/verify/{user_id}', 'UserFrosting\Sprinkle\Admin\Controller\WormholeController:verify');
+});
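Review bot: The route group places the shared secret in the URL path (`/wormhole/{access_token}`), where it ends up in web-server access logs, proxy logs and any error page that echoes the request URI. Carrying the token in a request header, for example `Authorization: Bearer <token>`, and reading it in the controller keeps it out of those records. The hunk header announces seven lines but only three are visible here, so the group may carry middleware this view does not show.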
diff --git a/main/app/sprinkles/admin/src/Controller/WormholeController.php b/main/app/sprinkles/admin/src/Controller/WormholeController.php
new file mode 100644
index 0000000..3beed61
--- /dev/null
+++ b/main/app/sprinkles/admin/src/Controller/WormholeController.php
@@ -0,0 +1,50 @@
+ci->currentUser; // FOR DATABASE QUERY
+
+ $access_token = $args['access_token'];
+ if (DB::table('public_keys')
+ ->where('UserID', 1)
+ ->where('Key', '=', $access_token)
+ ->exists()) {
+ $user_id = $args['user_id'];
+ $session = new Session();
+ $session->start();
+ $response->write($session->all()["account"]["current_user_id"]);
+ } else {
+ throw new ForbiddenException();
+ }
+ }
+}
\ No newline at end of file
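Review bot: The handler reads `$args['user_id']` into `$user_id` and never uses it, so the response is the `current_user_id` of whichever session accompanies the request, not an answer about the user named in the URL. The nested read `$session->all()["account"]["current_user_id"]` also has no guard for a request without a logged-in session; with `displayErrorDetails` switched on elsewhere in this commit, the resulting notice could be rendered to the caller. A guarded read such as `$id = $session->all()['account']['current_user_id'] ?? null;` followed by an explicit not-found response would cover that. The key check is a plain database equality match against a row hard-coded to `UserID` 1; fetching the stored key and comparing it with `hash_equals()` avoids depending on database collation and comparison timing. The opening of the file and of the method is missing from this view.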
diff --git a/main/app/sprinkles/core/assets/SiteAssets/js/chat.js b/main/app/sprinkles/core/assets/SiteAssets/js/chat.js
index 82cae93..ebf549b 100644
--- a/main/app/sprinkles/core/assets/SiteAssets/js/chat.js
+++ b/main/app/sprinkles/core/assets/SiteAssets/js/chat.js
@@ -15,6 +15,7 @@ function InitializeChatServer() {
}, 5000);
};
ChatSocket.onopen = function () {
+ ChatSocket.send(JSON.stringify({ClientMessageType: "Verify", Cookie: document.cookie}));
// CONNECTION SUCCESSFUL!
console.log("[WEBSOCKET LOGGER] Chat connection established!");
// GOT MESSAGE
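Review bot: The added `ChatSocket.send(...)` in `onopen` copies the whole of `document.cookie` into a chat message, which hands every script-readable cookie for the site to the chat server and only works while the session cookie is not `HttpOnly`. The browser already attaches cookies to the WebSocket handshake when the socket host matches the cookie's domain, so the server can read the session cookie from the upgrade request without any client-side code. If the cookie must travel in a message, send only the session cookie's value and make sure the socket URL uses `wss://`; the URL is set outside this hunk. The `onopen` handler continues past the end of the hunk.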
diff --git a/main/app/sprinkles/core/assets/SiteAssets/php/Chatserver/src/ChatProcessor.php b/main/app/sprinkles/core/assets/SiteAssets/php/Chatserver/src/ChatProcessor.php
index f3793e2..1385f19 100644
--- a/main/app/sprinkles/core/assets/SiteAssets/php/Chatserver/src/ChatProcessor.php
+++ b/main/app/sprinkles/core/assets/SiteAssets/php/Chatserver/src/ChatProcessor.php
@@ -29,21 +29,6 @@ class ChatProcessor implements MessageComponentInterface
$this->connectedUsersNames[$conn->resourceId] = $generator->getName();
}
- /*public function onMessage(ConnectionInterface $from, $msg) {
- $numRecv = count($this->clients) - 1;
- echo sprintf('Connection %d sending message "%s" to %d other connection%s' . "\n"
- , $from->resourceId, $msg, $numRecv, $numRecv == 1 ? '' : 's');
-
- foreach ($this->clients as $client) {
- if ($from === $client) {
- $client->send("You - " . $msg);
- } else {
- $client->send("" . $from->resourceId . " - " . $msg);
- }
- }
- }
- */
-
public function onMessage(ConnectionInterface $conn, MessageInterface $msg) {
$data = json_decode($msg);
switch ($data->ClientMessageType) {
@@ -109,6 +94,9 @@ class ChatProcessor implements MessageComponentInterface
}
}
break;
+ case "Verify":
+ print_r($data);
+ break;
}
}
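Review bot: The new `Verify` case passes the decoded message to `print_r($data)`, and the client change in this commit puts `document.cookie` in that message, so every connecting user's session cookie is written to the chat server's standard output and to whatever captures it. Drop the dump or log only a non-sensitive field, e.g. `echo "Verify from {$conn->resourceId}\n";`. The case also performs no verification yet, so nothing ties the connection to an account. `onMessage` begins and ends outside this hunk.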
diff --git a/main/app/sprinkles/core/config/default.php b/main/app/sprinkles/core/config/default.php
index c829121..07fd2e6 100644
--- a/main/app/sprinkles/core/config/default.php
+++ b/main/app/sprinkles/core/config/default.php
@@ -115,7 +115,7 @@
],
// Slim settings - see http://www.slimframework.com/docs/objects/application.html#slim-default-settings
'settings' => [
- 'displayErrorDetails' => false
+ 'displayErrorDetails' => true
],
// "Site" settings that are automatically passed to Twig
'site' => [
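Review bot: `'displayErrorDetails' => true` is being set in the default configuration, which appears to apply to every environment unless something overrides it, so exception messages, stack traces and file paths would be sent to any visitor who triggers an error. The same applies to `'display_errors_native' => 'true'` in the second hunk of this file. Keep both `false` in the defaults and enable them only in a development-specific override.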
@@ -178,6 +178,6 @@
'display_errors' => 'false',
'log_errors' => 'true',
// Let PHP itself render errors natively. Useful if a fatal error is raised in our custom shutdown handler.
- 'display_errors_native' => 'false'
+ 'display_errors_native' => 'true'
]
];
diff --git a/main/app/sprinkles/core/src/ServicesProvider/ServicesProvider.php b/main/app/sprinkles/core/src/ServicesProvider/ServicesProvider.php
index c67b886..62d8382 100644
--- a/main/app/sprinkles/core/src/ServicesProvider/ServicesProvider.php
+++ b/main/app/sprinkles/core/src/ServicesProvider/ServicesProvider.php
@@ -82,7 +82,7 @@ class ServicesProvider
if ($config['alert.storage'] == 'cache') {
return new CacheAlertStream($config['alert.key'], $c->translator, $c->cache, $c->config);
- } elseif ($config['alert.storage'] == 'session') {
+ } else if ($config['alert.storage'] == 'session') {
return new SessionAlertStream($config['alert.key'], $c->translator, $c->session);
} else {
throw new \Exception("Bad alert storage handler type '{$config['alert.storage']}' specified in configuration file.");
@@ -158,11 +158,11 @@ class ServicesProvider
if ($config['cache.driver'] == 'file') {
$path = $c->locator->findResource('cache://', TRUE, TRUE);
$cacheStore = new TaggableFileStore($path);
- } elseif ($config['cache.driver'] == 'memcached') {
+ } else if ($config['cache.driver'] == 'memcached') {
// We need to inject the prefix in the memcached config
$config = array_merge($config['cache.memcached'], ['prefix' => $config['cache.prefix']]);
$cacheStore = new MemcachedStore($config);
- } elseif ($config['cache.driver'] == 'redis') {
+ } else if ($config['cache.driver'] == 'redis') {
// We need to inject the prefix in the redis config
$config = array_merge($config['cache.redis'], ['prefix' => $config['cache.prefix']]);
$cacheStore = new RedisStore($config);
@@ -512,7 +512,7 @@ class ServicesProvider
if ($config['session.handler'] == 'file') {
$fs = new FileSystem;
$handler = new FileSessionHandler($fs, $c->locator->findResource('session://'), $config['session.minutes']);
- } elseif ($config['session.handler'] == 'database') {
+ } else if ($config['session.handler'] == 'database') {
$connection = $c->db->connection();
// Table must exist, otherwise an exception will be thrown
$handler = new DatabaseSessionHandler($connection, $config['session.database.table'], $config['session.minutes']);
diff --git a/main/uploads/235041aa2e722165.jpeg b/main/uploads/235041aa2e722165.jpeg
new file mode 100644
index 0000000..ee41580
Binary files /dev/null and b/main/uploads/235041aa2e722165.jpeg differ
diff --git a/main/uploads/26f32fb4d5e9199e.jpeg b/main/uploads/26f32fb4d5e9199e.jpeg
new file mode 100644
index 0000000..ee41580
Binary files /dev/null and b/main/uploads/26f32fb4d5e9199e.jpeg differ
diff --git a/main/uploads/63ba9b9805e3a41e.jpg b/main/uploads/63ba9b9805e3a41e.jpg
new file mode 100644
index 0000000..1db3a33
Binary files /dev/null and b/main/uploads/63ba9b9805e3a41e.jpg differ
diff --git a/main/uploads/76a357741a64763b.jpeg b/main/uploads/76a357741a64763b.jpeg
new file mode 100644
index 0000000..5809738
Binary files /dev/null and b/main/uploads/76a357741a64763b.jpeg differ
diff --git a/main/uploads/98d1d6f1fbbbaeef.jpeg b/main/uploads/98d1d6f1fbbbaeef.jpeg
new file mode 100644
index 0000000..ee41580
Binary files /dev/null and b/main/uploads/98d1d6f1fbbbaeef.jpeg differ
diff --git a/main/uploads/da072fdea7539fa7.jpeg b/main/uploads/da072fdea7539fa7.jpeg
new file mode 100644
index 0000000..ee41580
Binary files /dev/null and b/main/uploads/da072fdea7539fa7.jpeg differ
diff --git a/main/uploads/f4021c1256747794.PNG b/main/uploads/f4021c1256747794.PNG
new file mode 100644
index 0000000..9b508c2
Binary files /dev/null and b/main/uploads/f4021c1256747794.PNG differ
--
cgit v1.2.3