github-mirror/framework
2
0
Fork 0
mirror of https://github.com/flarum/framework.git synced 2024-11-28 11:34:36 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

chore: convert other middleware

Browse Source
This commit is contained in:
Sami Mazouz 2023-08-11 14:19:59 +01:00
parent 7d4549ea34
commit 495b24a5aa
No known key found for this signature in database
14 changed files with 137 additions and 120 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
framework/core/src/Http/Middleware/AuthenticateWithHeader.php
View File

@ -9,23 +9,26 @@
namespace Flarum\Http\Middleware;
use Closure;
use Flarum\Api\ApiKey;
use Flarum\Http\AccessToken;
use Flarum\Http\RequestUtil;
use Flarum\User\User;
use Illuminate\Http\Request;
use Illuminate\Support\Str;
use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;
use Psr\Http\Server\MiddlewareInterface as Middleware;
use Psr\Http\Server\RequestHandlerInterface as Handler;
use Symfony\Component\HttpFoundation\Response;
class AuthenticateWithHeader implements Middleware
class AuthenticateWithHeader implements IlluminateMiddlewareInterface
{
const TOKEN_PREFIX = 'Token ';
public function process(Request $request, Handler $handler): Response
public function handle(Request $request, Closure $next): Response
{
$headerLine = $request->getHeaderLine('authorization');
$headerLine = $request->header('Authorization');
if (is_array($headerLine)) {
$headerLine = implode(',', $headerLine);
}
$parts = explode(';', $headerLine);
@ -55,7 +58,7 @@ class AuthenticateWithHeader implements Middleware
}
}
return $handler->handle($request);
return $next($request);
}
private function getUser(string $string): ?User

15
framework/core/src/Http/Middleware/AuthenticateWithSession.php
View File

@ -9,27 +9,26 @@
namespace Flarum\Http\Middleware;
use Closure;
use Flarum\Http\AccessToken;
use Flarum\Http\RequestUtil;
use Flarum\User\Guest;
use Flarum\User\User;
use Illuminate\Contracts\Session\Session;
use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;
use Psr\Http\Server\MiddlewareInterface as Middleware;
use Psr\Http\Server\RequestHandlerInterface as Handler;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;
class AuthenticateWithSession implements Middleware
class AuthenticateWithSession implements IlluminateMiddlewareInterface
{
public function process(Request $request, Handler $handler): Response
public function handle(Request $request, Closure $next): Response
{
$session = $request->getAttribute('session');
$session = $request->attributes->get('session');
$actor = $this->getActor($session, $request);
$request = RequestUtil::withActor($request, $actor);
return $handler->handle($request);
return $next($request);
}
private function getActor(Session $session, Request $request): Guest|User

28
framework/core/src/Http/Middleware/CheckCsrfToken.php
View File

@ -9,35 +9,34 @@
namespace Flarum\Http\Middleware;
use Closure;
use Flarum\Http\Exception\TokenMismatchException;
use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;
use Psr\Http\Server\MiddlewareInterface as Middleware;
use Psr\Http\Server\RequestHandlerInterface as Handler;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;
class CheckCsrfToken implements Middleware
class CheckCsrfToken implements IlluminateMiddlewareInterface
{
public function __construct(
protected array $exemptRoutes
) {
}
public function process(Request $request, Handler $handler): Response
public function handle(Request $request, Closure $next): Response
{
if (in_array($request->getAttribute('routeName'), $this->exemptRoutes, true)) {
return $handler->handle($request);
if ($request->routeIs(...$this->exemptRoutes)) {
return $next($request);
}
if (in_array($request->getMethod(), ['GET', 'HEAD', 'OPTIONS'])) {
return $handler->handle($request);
return $next($request);
}
if ($request->getAttribute('bypassCsrfToken', false)) {
return $handler->handle($request);
if ($request->attributes->get('bypassCsrfToken', false)) {
return $next($request);
}
if ($this->tokensMatch($request)) {
return $handler->handle($request);
return $next($request);
}
throw new TokenMismatchException('CSRF token did not match');
@ -45,10 +44,9 @@ class CheckCsrfToken implements Middleware
private function tokensMatch(Request $request): bool
{
$expected = (string) $request->getAttribute('session')->token();
$expected = (string) $request->attributes->get('session')->token();
$provided = $request->getParsedBody()['csrfToken'] ??
$request->getHeaderLine('X-CSRF-Token');
$provided = $request->json('csrfToken', $request->header('X-CSRF-Token'));
return hash_equals($expected, $provided);
}

13
framework/core/src/Http/Middleware/CollectGarbage.php
View File

@ -10,18 +10,17 @@
namespace Flarum\Http\Middleware;
use Carbon\Carbon;
use Closure;
use Flarum\Http\AccessToken;
use Flarum\User\EmailToken;
use Flarum\User\PasswordToken;
use Flarum\User\RegistrationToken;
use Illuminate\Contracts\Config\Repository as ConfigRepository;
use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;
use Psr\Http\Server\MiddlewareInterface as Middleware;
use Psr\Http\Server\RequestHandlerInterface as Handler;
use Illuminate\Http\Request;
use SessionHandlerInterface;
use Symfony\Component\HttpFoundation\Response;
class CollectGarbage implements Middleware
class CollectGarbage implements IlluminateMiddlewareInterface
{
protected array $sessionConfig;
@ -32,11 +31,11 @@ class CollectGarbage implements Middleware
$this->sessionConfig = (array) $config->get('session');
}
public function process(Request $request, Handler $handler): Response
public function handle(Request $request, Closure $next): Response
{
$this->collectGarbageSometimes();
return $handler->handle($request);
return $next($request);
}
private function collectGarbageSometimes(): void

20
framework/core/src/Http/Middleware/ContentTypeOptionsHeader.php
View File

@ -9,17 +9,21 @@
namespace Flarum\Http\Middleware;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Server\MiddlewareInterface as Middleware;
use Psr\Http\Server\RequestHandlerInterface;
use Closure;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;
class ContentTypeOptionsHeader implements Middleware
class ContentTypeOptionsHeader implements IlluminateMiddlewareInterface
{
public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
/**
* @inheritDoc
*/
public function handle(Request $request, Closure $next): Response
{
$response = $handler->handle($request);
$response = $next($request);
return $response->withAddedHeader('X-Content-Type-Options', 'nosniff');
$response->headers->set('X-Content-Type-Options', 'nosniff');
return $response;
}
}

18
framework/core/src/Http/Middleware/FlarumPromotionHeader.php
View File

@ -9,14 +9,13 @@
namespace Flarum\Http\Middleware;
use Closure;
use Flarum\Foundation\Config;
use Illuminate\Http\Request;
use Illuminate\Support\Arr;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Server\MiddlewareInterface as Middleware;
use Psr\Http\Server\RequestHandlerInterface;
use Symfony\Component\HttpFoundation\Response;
class FlarumPromotionHeader implements Middleware
class FlarumPromotionHeader implements IlluminateMiddlewareInterface
{
protected bool $enabled = true;
@ -25,12 +24,15 @@ class FlarumPromotionHeader implements Middleware
$this->enabled = (bool) (Arr::get($config, 'headers.poweredByHeader') ?? true);
}
public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
/**
* @inheritDoc
*/
public function handle(Request $request, Closure $next): Response
{
$response = $handler->handle($request);
$response = $next($request);
if ($this->enabled) {
$response = $response->withAddedHeader('X-Powered-By', 'Flarum');
$response->headers->set('X-Powered-By', 'Flarum');
}
return $response;

13
framework/core/src/Http/Middleware/HandleErrors.php
View File

@ -9,12 +9,11 @@
namespace Flarum\Http\Middleware;
use Closure;
use Flarum\Foundation\ErrorHandling\HttpFormatter;
use Flarum\Foundation\ErrorHandling\Registry;
use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;
use Psr\Http\Server\MiddlewareInterface as Middleware;
use Psr\Http\Server\RequestHandlerInterface as Handler;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;
use Throwable;
/**
@ -24,7 +23,7 @@ use Throwable;
* unknown errors will be passed on to one or multiple
* {@see \Flarum\Foundation\ErrorHandling\Reporter} instances.
*/
class HandleErrors implements Middleware
class HandleErrors implements IlluminateMiddlewareInterface
{
public function __construct(
protected Registry $registry,
@ -37,10 +36,10 @@ class HandleErrors implements Middleware
/**
* Catch all errors that happen during further middleware execution.
*/
public function process(Request $request, Handler $handler): Response
public function handle(Request $request, Closure $next): Response
{
try {
return $handler->handle($request);
return $next($request);
} catch (Throwable $e) {
$error = $this->registry->handle($e);

17
framework/core/src/Http/Middleware/IlluminateMiddlewareInterface.php Normal file
View File

@ -0,0 +1,17 @@
<?php
namespace Flarum\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;
interface IlluminateMiddlewareInterface
{
/**
* Handle an incoming request.
*
* @param Closure(Request): (Response) $next
*/
public function handle(Request $request, Closure $next): Response;
}

13
framework/core/src/Http/Middleware/InjectActorReference.php
View File

@ -9,19 +9,18 @@
namespace Flarum\Http\Middleware;
use Closure;
use Flarum\Http\RequestUtil;
use Flarum\User\Guest;
use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;
use Psr\Http\Server\MiddlewareInterface as Middleware;
use Psr\Http\Server\RequestHandlerInterface as Handler;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;
class InjectActorReference implements Middleware
class InjectActorReference implements IlluminateMiddlewareInterface
{
public function process(Request $request, Handler $handler): Response
public function handle(Request $request, Closure $next): Response
{
$request = RequestUtil::withActor($request, new Guest);
return $handler->handle($request);
return $next($request);
}
}

20
framework/core/src/Http/Middleware/ReferrerPolicyHeader.php
View File

@ -9,14 +9,13 @@
namespace Flarum\Http\Middleware;
use Closure;
use Flarum\Foundation\Config;
use Illuminate\Http\Request;
use Illuminate\Support\Arr;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Server\MiddlewareInterface as Middleware;
use Psr\Http\Server\RequestHandlerInterface;
use Symfony\Component\HttpFoundation\Response;
class ReferrerPolicyHeader implements Middleware
class ReferrerPolicyHeader implements IlluminateMiddlewareInterface
{
protected string $policy = '';
@ -25,10 +24,15 @@ class ReferrerPolicyHeader implements Middleware
$this->policy = strval(Arr::get($config, 'headers.referrerPolicy') ?? 'same-origin');
}
public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
/**
* @inheritDoc
*/
public function handle(Request $request, Closure $next): Response
{
$response = $handler->handle($request);
$response = $next($request);
return $response->withAddedHeader('Referrer-Policy', $this->policy);
$response->headers->set('Referrer-Policy', $this->policy);
return $response;
}
}

18
framework/core/src/Http/Middleware/RememberFromCookie.php
View File

@ -9,25 +9,23 @@
namespace Flarum\Http\Middleware;
use Closure;
use Flarum\Http\AccessToken;
use Flarum\Http\CookieFactory;
use Flarum\Http\RememberAccessToken;
use Illuminate\Support\Arr;
use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;
use Psr\Http\Server\MiddlewareInterface as Middleware;
use Psr\Http\Server\RequestHandlerInterface as Handler;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;
class RememberFromCookie implements Middleware
class RememberFromCookie implements IlluminateMiddlewareInterface
{
public function __construct(
protected CookieFactory $cookie
) {
}
public function process(Request $request, Handler $handler): Response
public function handle(Request $request, Closure $next): Response
{
$id = Arr::get($request->getCookieParams(), $this->cookie->getName('remember'));
$id = $request->cookie($this->cookie->getName('remember'));
if ($id) {
$token = AccessToken::findValid($id);
@ -36,11 +34,11 @@ class RememberFromCookie implements Middleware
$token->touch(request: $request);
/** @var \Illuminate\Contracts\Session\Session $session */
$session = $request->getAttribute('session');
$session = $request->attributes->get('session');
$session->put('access_token', $token->token);
}
}
return $handler->handle($request);
return $next($request);
}
}

18
framework/core/src/Http/Middleware/SetLocale.php
View File

@ -9,37 +9,35 @@
namespace Flarum\Http\Middleware;
use Closure;
use Flarum\Http\RequestUtil;
use Flarum\Locale\LocaleManager;
use Illuminate\Support\Arr;
use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;
use Psr\Http\Server\MiddlewareInterface as Middleware;
use Psr\Http\Server\RequestHandlerInterface as Handler;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;
class SetLocale implements Middleware
class SetLocale implements IlluminateMiddlewareInterface
{
public function __construct(
protected LocaleManager $locales
) {
}
public function process(Request $request, Handler $handler): Response
public function handle(Request $request, Closure $next): Response
{
$actor = RequestUtil::getActor($request);
if ($actor->exists) {
$locale = $actor->getPreference('locale');
} else {
$locale = Arr::get($request->getCookieParams(), 'locale');
$locale = $request->cookie('locale');
}
if ($locale && $this->locales->hasLocale($locale)) {
$this->locales->setLocale($locale);
}
$request = $request->withAttribute('locale', $this->locales->getLocale());
$request->attributes->set('locale', $this->locales->getLocale());
return $handler->handle($request);
return $next($request);
}
}

15
framework/core/src/Http/Middleware/ShareErrorsFromSession.php
View File

@ -9,28 +9,27 @@
namespace Flarum\Http\Middleware;
use Closure;
use Illuminate\Contracts\View\Factory as ViewFactory;
use Illuminate\Http\Request;
use Illuminate\Support\ViewErrorBag;
use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;
use Psr\Http\Server\MiddlewareInterface as Middleware;
use Psr\Http\Server\RequestHandlerInterface as Handler;
use Symfony\Component\HttpFoundation\Response;
/**
* Inspired by Illuminate\View\Middleware\ShareErrorsFromSession.
*
* @author Taylor Otwell
*/
class ShareErrorsFromSession implements Middleware
class ShareErrorsFromSession implements IlluminateMiddlewareInterface
{
public function __construct(
protected ViewFactory $view
) {
}
public function process(Request $request, Handler $handler): Response
public function handle(Request $request, Closure $next): Response
{
$session = $request->getAttribute('session');
$session = $request->attributes->get('session');
// If the current session has an "errors" variable bound to it, we will share
// its value with all view instances so the views can easily access errors
@ -46,6 +45,6 @@ class ShareErrorsFromSession implements Middleware
$session->remove('errors');
return $handler->handle($request);
return $next($request);
}
}

30
framework/core/src/Http/Middleware/StartSession.php
View File

@ -9,19 +9,17 @@
namespace Flarum\Http\Middleware;
use Dflydev\FigCookies\FigResponseCookies;
use Closure;
use Flarum\Http\CookieFactory;
use Illuminate\Contracts\Config\Repository as ConfigRepository;
use Illuminate\Contracts\Session\Session;
use Illuminate\Http\Request;
use Illuminate\Session\Store;
use Illuminate\Support\Arr;
use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;
use Psr\Http\Server\MiddlewareInterface as Middleware;
use Psr\Http\Server\RequestHandlerInterface as Handler;
use SessionHandlerInterface;
use Symfony\Component\HttpFoundation\Response;
class StartSession implements Middleware
class StartSession implements IlluminateMiddlewareInterface
{
protected array $config;
@ -33,20 +31,21 @@ class StartSession implements Middleware
$this->config = (array) $config->get('session');
}
public function process(Request $request, Handler $handler): Response
public function handle(Request $request, Closure $next): Response
{
$request = $request->withAttribute(
$request->attributes->set(
'session',
$session = $this->makeSession($request)
);
$session->start();
$response = $handler->handle($request);
$response = $next($request);
$session->save();
$response = $this->withCsrfTokenHeader($response, $session);
$this->setCsrfTokenHeader($response, $session);
$this->setSessionCookie($response, $session);
return $this->withSessionCookie($response, $session);
return $response;
}
private function makeSession(Request $request): Session
@ -58,15 +57,14 @@ class StartSession implements Middleware
);
}
private function withCsrfTokenHeader(Response $response, Session $session): Response
private function setCsrfTokenHeader(Response $response, Session $session): void
{
return $response->withHeader('X-CSRF-Token', $session->token());
$response->headers->set('X-CSRF-Token', $session->token());
}
private function withSessionCookie(Response $response, Session $session): Response
private function setSessionCookie(Response $response, Session $session): void
{
return FigResponseCookies::set(
$response,
$response->headers->setCookie(
$this->cookie->make($session->getName(), $session->getId(), $this->getSessionLifetimeInSeconds())
);
}