mirror of
https://github.com/flarum/framework.git
synced 2024-12-01 05:53:45 +08:00
chore: convert other middleware
This commit is contained in:
parent
7d4549ea34
commit
495b24a5aa
|
@ -9,23 +9,26 @@
|
|||
|
||||
namespace Flarum\Http\Middleware;
|
||||
|
||||
use Closure;
|
||||
use Flarum\Api\ApiKey;
|
||||
use Flarum\Http\AccessToken;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\User\User;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Support\Str;
|
||||
use Psr\Http\Message\ResponseInterface as Response;
|
||||
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||
use Psr\Http\Server\MiddlewareInterface as Middleware;
|
||||
use Psr\Http\Server\RequestHandlerInterface as Handler;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
|
||||
class AuthenticateWithHeader implements Middleware
|
||||
class AuthenticateWithHeader implements IlluminateMiddlewareInterface
|
||||
{
|
||||
const TOKEN_PREFIX = 'Token ';
|
||||
|
||||
public function process(Request $request, Handler $handler): Response
|
||||
public function handle(Request $request, Closure $next): Response
|
||||
{
|
||||
$headerLine = $request->getHeaderLine('authorization');
|
||||
$headerLine = $request->header('Authorization');
|
||||
|
||||
if (is_array($headerLine)) {
|
||||
$headerLine = implode(',', $headerLine);
|
||||
}
|
||||
|
||||
$parts = explode(';', $headerLine);
|
||||
|
||||
|
@ -55,7 +58,7 @@ class AuthenticateWithHeader implements Middleware
|
|||
}
|
||||
}
|
||||
|
||||
return $handler->handle($request);
|
||||
return $next($request);
|
||||
}
|
||||
|
||||
private function getUser(string $string): ?User
|
||||
|
|
|
@ -9,27 +9,26 @@
|
|||
|
||||
namespace Flarum\Http\Middleware;
|
||||
|
||||
use Closure;
|
||||
use Flarum\Http\AccessToken;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\User\Guest;
|
||||
use Flarum\User\User;
|
||||
use Illuminate\Contracts\Session\Session;
|
||||
use Psr\Http\Message\ResponseInterface as Response;
|
||||
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||
use Psr\Http\Server\MiddlewareInterface as Middleware;
|
||||
use Psr\Http\Server\RequestHandlerInterface as Handler;
|
||||
use Illuminate\Http\Request;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
|
||||
class AuthenticateWithSession implements Middleware
|
||||
class AuthenticateWithSession implements IlluminateMiddlewareInterface
|
||||
{
|
||||
public function process(Request $request, Handler $handler): Response
|
||||
public function handle(Request $request, Closure $next): Response
|
||||
{
|
||||
$session = $request->getAttribute('session');
|
||||
$session = $request->attributes->get('session');
|
||||
|
||||
$actor = $this->getActor($session, $request);
|
||||
|
||||
$request = RequestUtil::withActor($request, $actor);
|
||||
|
||||
return $handler->handle($request);
|
||||
return $next($request);
|
||||
}
|
||||
|
||||
private function getActor(Session $session, Request $request): Guest|User
|
||||
|
|
|
@ -9,35 +9,34 @@
|
|||
|
||||
namespace Flarum\Http\Middleware;
|
||||
|
||||
use Closure;
|
||||
use Flarum\Http\Exception\TokenMismatchException;
|
||||
use Psr\Http\Message\ResponseInterface as Response;
|
||||
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||
use Psr\Http\Server\MiddlewareInterface as Middleware;
|
||||
use Psr\Http\Server\RequestHandlerInterface as Handler;
|
||||
use Illuminate\Http\Request;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
|
||||
class CheckCsrfToken implements Middleware
|
||||
class CheckCsrfToken implements IlluminateMiddlewareInterface
|
||||
{
|
||||
public function __construct(
|
||||
protected array $exemptRoutes
|
||||
) {
|
||||
}
|
||||
|
||||
public function process(Request $request, Handler $handler): Response
|
||||
public function handle(Request $request, Closure $next): Response
|
||||
{
|
||||
if (in_array($request->getAttribute('routeName'), $this->exemptRoutes, true)) {
|
||||
return $handler->handle($request);
|
||||
if ($request->routeIs(...$this->exemptRoutes)) {
|
||||
return $next($request);
|
||||
}
|
||||
|
||||
if (in_array($request->getMethod(), ['GET', 'HEAD', 'OPTIONS'])) {
|
||||
return $handler->handle($request);
|
||||
return $next($request);
|
||||
}
|
||||
|
||||
if ($request->getAttribute('bypassCsrfToken', false)) {
|
||||
return $handler->handle($request);
|
||||
if ($request->attributes->get('bypassCsrfToken', false)) {
|
||||
return $next($request);
|
||||
}
|
||||
|
||||
if ($this->tokensMatch($request)) {
|
||||
return $handler->handle($request);
|
||||
return $next($request);
|
||||
}
|
||||
|
||||
throw new TokenMismatchException('CSRF token did not match');
|
||||
|
@ -45,10 +44,9 @@ class CheckCsrfToken implements Middleware
|
|||
|
||||
private function tokensMatch(Request $request): bool
|
||||
{
|
||||
$expected = (string) $request->getAttribute('session')->token();
|
||||
$expected = (string) $request->attributes->get('session')->token();
|
||||
|
||||
$provided = $request->getParsedBody()['csrfToken'] ??
|
||||
$request->getHeaderLine('X-CSRF-Token');
|
||||
$provided = $request->json('csrfToken', $request->header('X-CSRF-Token'));
|
||||
|
||||
return hash_equals($expected, $provided);
|
||||
}
|
||||
|
|
|
@ -10,18 +10,17 @@
|
|||
namespace Flarum\Http\Middleware;
|
||||
|
||||
use Carbon\Carbon;
|
||||
use Closure;
|
||||
use Flarum\Http\AccessToken;
|
||||
use Flarum\User\EmailToken;
|
||||
use Flarum\User\PasswordToken;
|
||||
use Flarum\User\RegistrationToken;
|
||||
use Illuminate\Contracts\Config\Repository as ConfigRepository;
|
||||
use Psr\Http\Message\ResponseInterface as Response;
|
||||
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||
use Psr\Http\Server\MiddlewareInterface as Middleware;
|
||||
use Psr\Http\Server\RequestHandlerInterface as Handler;
|
||||
use Illuminate\Http\Request;
|
||||
use SessionHandlerInterface;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
|
||||
class CollectGarbage implements Middleware
|
||||
class CollectGarbage implements IlluminateMiddlewareInterface
|
||||
{
|
||||
protected array $sessionConfig;
|
||||
|
||||
|
@ -32,11 +31,11 @@ class CollectGarbage implements Middleware
|
|||
$this->sessionConfig = (array) $config->get('session');
|
||||
}
|
||||
|
||||
public function process(Request $request, Handler $handler): Response
|
||||
public function handle(Request $request, Closure $next): Response
|
||||
{
|
||||
$this->collectGarbageSometimes();
|
||||
|
||||
return $handler->handle($request);
|
||||
return $next($request);
|
||||
}
|
||||
|
||||
private function collectGarbageSometimes(): void
|
||||
|
|
|
@ -9,17 +9,21 @@
|
|||
|
||||
namespace Flarum\Http\Middleware;
|
||||
|
||||
use Psr\Http\Message\ResponseInterface;
|
||||
use Psr\Http\Message\ServerRequestInterface;
|
||||
use Psr\Http\Server\MiddlewareInterface as Middleware;
|
||||
use Psr\Http\Server\RequestHandlerInterface;
|
||||
use Closure;
|
||||
use Illuminate\Http\Request;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
|
||||
class ContentTypeOptionsHeader implements Middleware
|
||||
class ContentTypeOptionsHeader implements IlluminateMiddlewareInterface
|
||||
{
|
||||
public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
|
||||
/**
|
||||
* @inheritDoc
|
||||
*/
|
||||
public function handle(Request $request, Closure $next): Response
|
||||
{
|
||||
$response = $handler->handle($request);
|
||||
$response = $next($request);
|
||||
|
||||
return $response->withAddedHeader('X-Content-Type-Options', 'nosniff');
|
||||
$response->headers->set('X-Content-Type-Options', 'nosniff');
|
||||
|
||||
return $response;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -9,14 +9,13 @@
|
|||
|
||||
namespace Flarum\Http\Middleware;
|
||||
|
||||
use Closure;
|
||||
use Flarum\Foundation\Config;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Support\Arr;
|
||||
use Psr\Http\Message\ResponseInterface;
|
||||
use Psr\Http\Message\ServerRequestInterface;
|
||||
use Psr\Http\Server\MiddlewareInterface as Middleware;
|
||||
use Psr\Http\Server\RequestHandlerInterface;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
|
||||
class FlarumPromotionHeader implements Middleware
|
||||
class FlarumPromotionHeader implements IlluminateMiddlewareInterface
|
||||
{
|
||||
protected bool $enabled = true;
|
||||
|
||||
|
@ -25,12 +24,15 @@ class FlarumPromotionHeader implements Middleware
|
|||
$this->enabled = (bool) (Arr::get($config, 'headers.poweredByHeader') ?? true);
|
||||
}
|
||||
|
||||
public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
|
||||
/**
|
||||
* @inheritDoc
|
||||
*/
|
||||
public function handle(Request $request, Closure $next): Response
|
||||
{
|
||||
$response = $handler->handle($request);
|
||||
$response = $next($request);
|
||||
|
||||
if ($this->enabled) {
|
||||
$response = $response->withAddedHeader('X-Powered-By', 'Flarum');
|
||||
$response->headers->set('X-Powered-By', 'Flarum');
|
||||
}
|
||||
|
||||
return $response;
|
||||
|
|
|
@ -9,12 +9,11 @@
|
|||
|
||||
namespace Flarum\Http\Middleware;
|
||||
|
||||
use Closure;
|
||||
use Flarum\Foundation\ErrorHandling\HttpFormatter;
|
||||
use Flarum\Foundation\ErrorHandling\Registry;
|
||||
use Psr\Http\Message\ResponseInterface as Response;
|
||||
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||
use Psr\Http\Server\MiddlewareInterface as Middleware;
|
||||
use Psr\Http\Server\RequestHandlerInterface as Handler;
|
||||
use Illuminate\Http\Request;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
use Throwable;
|
||||
|
||||
/**
|
||||
|
@ -24,7 +23,7 @@ use Throwable;
|
|||
* unknown errors will be passed on to one or multiple
|
||||
* {@see \Flarum\Foundation\ErrorHandling\Reporter} instances.
|
||||
*/
|
||||
class HandleErrors implements Middleware
|
||||
class HandleErrors implements IlluminateMiddlewareInterface
|
||||
{
|
||||
public function __construct(
|
||||
protected Registry $registry,
|
||||
|
@ -37,10 +36,10 @@ class HandleErrors implements Middleware
|
|||
/**
|
||||
* Catch all errors that happen during further middleware execution.
|
||||
*/
|
||||
public function process(Request $request, Handler $handler): Response
|
||||
public function handle(Request $request, Closure $next): Response
|
||||
{
|
||||
try {
|
||||
return $handler->handle($request);
|
||||
return $next($request);
|
||||
} catch (Throwable $e) {
|
||||
$error = $this->registry->handle($e);
|
||||
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
<?php
|
||||
|
||||
namespace Flarum\Http\Middleware;
|
||||
|
||||
use Closure;
|
||||
use Illuminate\Http\Request;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
|
||||
interface IlluminateMiddlewareInterface
|
||||
{
|
||||
/**
|
||||
* Handle an incoming request.
|
||||
*
|
||||
* @param Closure(Request): (Response) $next
|
||||
*/
|
||||
public function handle(Request $request, Closure $next): Response;
|
||||
}
|
|
@ -9,19 +9,18 @@
|
|||
|
||||
namespace Flarum\Http\Middleware;
|
||||
|
||||
use Closure;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\User\Guest;
|
||||
use Psr\Http\Message\ResponseInterface as Response;
|
||||
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||
use Psr\Http\Server\MiddlewareInterface as Middleware;
|
||||
use Psr\Http\Server\RequestHandlerInterface as Handler;
|
||||
use Illuminate\Http\Request;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
|
||||
class InjectActorReference implements Middleware
|
||||
class InjectActorReference implements IlluminateMiddlewareInterface
|
||||
{
|
||||
public function process(Request $request, Handler $handler): Response
|
||||
public function handle(Request $request, Closure $next): Response
|
||||
{
|
||||
$request = RequestUtil::withActor($request, new Guest);
|
||||
|
||||
return $handler->handle($request);
|
||||
return $next($request);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -9,14 +9,13 @@
|
|||
|
||||
namespace Flarum\Http\Middleware;
|
||||
|
||||
use Closure;
|
||||
use Flarum\Foundation\Config;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Support\Arr;
|
||||
use Psr\Http\Message\ResponseInterface;
|
||||
use Psr\Http\Message\ServerRequestInterface;
|
||||
use Psr\Http\Server\MiddlewareInterface as Middleware;
|
||||
use Psr\Http\Server\RequestHandlerInterface;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
|
||||
class ReferrerPolicyHeader implements Middleware
|
||||
class ReferrerPolicyHeader implements IlluminateMiddlewareInterface
|
||||
{
|
||||
protected string $policy = '';
|
||||
|
||||
|
@ -25,10 +24,15 @@ class ReferrerPolicyHeader implements Middleware
|
|||
$this->policy = strval(Arr::get($config, 'headers.referrerPolicy') ?? 'same-origin');
|
||||
}
|
||||
|
||||
public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
|
||||
/**
|
||||
* @inheritDoc
|
||||
*/
|
||||
public function handle(Request $request, Closure $next): Response
|
||||
{
|
||||
$response = $handler->handle($request);
|
||||
$response = $next($request);
|
||||
|
||||
return $response->withAddedHeader('Referrer-Policy', $this->policy);
|
||||
$response->headers->set('Referrer-Policy', $this->policy);
|
||||
|
||||
return $response;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -9,25 +9,23 @@
|
|||
|
||||
namespace Flarum\Http\Middleware;
|
||||
|
||||
use Closure;
|
||||
use Flarum\Http\AccessToken;
|
||||
use Flarum\Http\CookieFactory;
|
||||
use Flarum\Http\RememberAccessToken;
|
||||
use Illuminate\Support\Arr;
|
||||
use Psr\Http\Message\ResponseInterface as Response;
|
||||
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||
use Psr\Http\Server\MiddlewareInterface as Middleware;
|
||||
use Psr\Http\Server\RequestHandlerInterface as Handler;
|
||||
use Illuminate\Http\Request;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
|
||||
class RememberFromCookie implements Middleware
|
||||
class RememberFromCookie implements IlluminateMiddlewareInterface
|
||||
{
|
||||
public function __construct(
|
||||
protected CookieFactory $cookie
|
||||
) {
|
||||
}
|
||||
|
||||
public function process(Request $request, Handler $handler): Response
|
||||
public function handle(Request $request, Closure $next): Response
|
||||
{
|
||||
$id = Arr::get($request->getCookieParams(), $this->cookie->getName('remember'));
|
||||
$id = $request->cookie($this->cookie->getName('remember'));
|
||||
|
||||
if ($id) {
|
||||
$token = AccessToken::findValid($id);
|
||||
|
@ -36,11 +34,11 @@ class RememberFromCookie implements Middleware
|
|||
$token->touch(request: $request);
|
||||
|
||||
/** @var \Illuminate\Contracts\Session\Session $session */
|
||||
$session = $request->getAttribute('session');
|
||||
$session = $request->attributes->get('session');
|
||||
$session->put('access_token', $token->token);
|
||||
}
|
||||
}
|
||||
|
||||
return $handler->handle($request);
|
||||
return $next($request);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -9,37 +9,35 @@
|
|||
|
||||
namespace Flarum\Http\Middleware;
|
||||
|
||||
use Closure;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\Locale\LocaleManager;
|
||||
use Illuminate\Support\Arr;
|
||||
use Psr\Http\Message\ResponseInterface as Response;
|
||||
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||
use Psr\Http\Server\MiddlewareInterface as Middleware;
|
||||
use Psr\Http\Server\RequestHandlerInterface as Handler;
|
||||
use Illuminate\Http\Request;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
|
||||
class SetLocale implements Middleware
|
||||
class SetLocale implements IlluminateMiddlewareInterface
|
||||
{
|
||||
public function __construct(
|
||||
protected LocaleManager $locales
|
||||
) {
|
||||
}
|
||||
|
||||
public function process(Request $request, Handler $handler): Response
|
||||
public function handle(Request $request, Closure $next): Response
|
||||
{
|
||||
$actor = RequestUtil::getActor($request);
|
||||
|
||||
if ($actor->exists) {
|
||||
$locale = $actor->getPreference('locale');
|
||||
} else {
|
||||
$locale = Arr::get($request->getCookieParams(), 'locale');
|
||||
$locale = $request->cookie('locale');
|
||||
}
|
||||
|
||||
if ($locale && $this->locales->hasLocale($locale)) {
|
||||
$this->locales->setLocale($locale);
|
||||
}
|
||||
|
||||
$request = $request->withAttribute('locale', $this->locales->getLocale());
|
||||
$request->attributes->set('locale', $this->locales->getLocale());
|
||||
|
||||
return $handler->handle($request);
|
||||
return $next($request);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -9,28 +9,27 @@
|
|||
|
||||
namespace Flarum\Http\Middleware;
|
||||
|
||||
use Closure;
|
||||
use Illuminate\Contracts\View\Factory as ViewFactory;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Support\ViewErrorBag;
|
||||
use Psr\Http\Message\ResponseInterface as Response;
|
||||
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||
use Psr\Http\Server\MiddlewareInterface as Middleware;
|
||||
use Psr\Http\Server\RequestHandlerInterface as Handler;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
|
||||
/**
|
||||
* Inspired by Illuminate\View\Middleware\ShareErrorsFromSession.
|
||||
*
|
||||
* @author Taylor Otwell
|
||||
*/
|
||||
class ShareErrorsFromSession implements Middleware
|
||||
class ShareErrorsFromSession implements IlluminateMiddlewareInterface
|
||||
{
|
||||
public function __construct(
|
||||
protected ViewFactory $view
|
||||
) {
|
||||
}
|
||||
|
||||
public function process(Request $request, Handler $handler): Response
|
||||
public function handle(Request $request, Closure $next): Response
|
||||
{
|
||||
$session = $request->getAttribute('session');
|
||||
$session = $request->attributes->get('session');
|
||||
|
||||
// If the current session has an "errors" variable bound to it, we will share
|
||||
// its value with all view instances so the views can easily access errors
|
||||
|
@ -46,6 +45,6 @@ class ShareErrorsFromSession implements Middleware
|
|||
|
||||
$session->remove('errors');
|
||||
|
||||
return $handler->handle($request);
|
||||
return $next($request);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -9,19 +9,17 @@
|
|||
|
||||
namespace Flarum\Http\Middleware;
|
||||
|
||||
use Dflydev\FigCookies\FigResponseCookies;
|
||||
use Closure;
|
||||
use Flarum\Http\CookieFactory;
|
||||
use Illuminate\Contracts\Config\Repository as ConfigRepository;
|
||||
use Illuminate\Contracts\Session\Session;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Session\Store;
|
||||
use Illuminate\Support\Arr;
|
||||
use Psr\Http\Message\ResponseInterface as Response;
|
||||
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||
use Psr\Http\Server\MiddlewareInterface as Middleware;
|
||||
use Psr\Http\Server\RequestHandlerInterface as Handler;
|
||||
use SessionHandlerInterface;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
|
||||
class StartSession implements Middleware
|
||||
class StartSession implements IlluminateMiddlewareInterface
|
||||
{
|
||||
protected array $config;
|
||||
|
||||
|
@ -33,20 +31,21 @@ class StartSession implements Middleware
|
|||
$this->config = (array) $config->get('session');
|
||||
}
|
||||
|
||||
public function process(Request $request, Handler $handler): Response
|
||||
public function handle(Request $request, Closure $next): Response
|
||||
{
|
||||
$request = $request->withAttribute(
|
||||
$request->attributes->set(
|
||||
'session',
|
||||
$session = $this->makeSession($request)
|
||||
);
|
||||
|
||||
$session->start();
|
||||
$response = $handler->handle($request);
|
||||
$response = $next($request);
|
||||
$session->save();
|
||||
|
||||
$response = $this->withCsrfTokenHeader($response, $session);
|
||||
$this->setCsrfTokenHeader($response, $session);
|
||||
$this->setSessionCookie($response, $session);
|
||||
|
||||
return $this->withSessionCookie($response, $session);
|
||||
return $response;
|
||||
}
|
||||
|
||||
private function makeSession(Request $request): Session
|
||||
|
@ -58,15 +57,14 @@ class StartSession implements Middleware
|
|||
);
|
||||
}
|
||||
|
||||
private function withCsrfTokenHeader(Response $response, Session $session): Response
|
||||
private function setCsrfTokenHeader(Response $response, Session $session): void
|
||||
{
|
||||
return $response->withHeader('X-CSRF-Token', $session->token());
|
||||
$response->headers->set('X-CSRF-Token', $session->token());
|
||||
}
|
||||
|
||||
private function withSessionCookie(Response $response, Session $session): Response
|
||||
private function setSessionCookie(Response $response, Session $session): void
|
||||
{
|
||||
return FigResponseCookies::set(
|
||||
$response,
|
||||
$response->headers->setCookie(
|
||||
$this->cookie->make($session->getName(), $session->getId(), $this->getSessionLifetimeInSeconds())
|
||||
);
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue
Block a user