author | 2024-08-30 00:07:58 +0200 | |
---|---|---|
committer | 2024-08-30 00:07:58 +0200 | |
commit | 39952c2d95cf4806063abbc2c7508cf9ab4f93e5 (patch) | |
tree | c3528c58eee65819754335c3ba2cd59e08fdf0a0 /lib | |
parent | e7ae06dcf08f0c977a231bb1ce9cb0b6657b4cfd (diff) | |
refactor: implement middleware chain (#4240)
* refactor: implement middleware chain
* refactor
Diffstat (limited to 'lib')
-rw-r--r-- | lib/RssBridge.php | 77 | ||||
-rw-r--r-- | lib/bootstrap.php | 1 |
2 files changed, 16 insertions, 62 deletions
diff --git a/lib/RssBridge.php b/lib/RssBridge.php
index 9c8f5767..230488bf 100644
--- a/lib/RssBridge.php
+++ b/lib/RssBridge.php
@@ -12,63 +12,6 @@ final class RssBridge public function main(Request $request): Response { - foreach ($request->toArray() as $key => $value) { - if (!is_string($value)) { - return new Response(render(__DIR__ . '/../templates/error.html.php', [ - 'message' => "Query parameter \"$key\" is not a string.", - ]), 400); - } - } - - if (Configuration::getConfig('system', 'enable_maintenance_mode')) { - return new Response(render(__DIR__ . '/../templates/error.html.php', [ - 'title' => '503 Service Unavailable', - 'message' => 'RSS-Bridge is down for maintenance.', - ]), 503); - } - - // HTTP Basic auth check - if (Configuration::getConfig('authentication', 'enable')) { - if (Configuration::getConfig('authentication', 'password') === '') { - return new Response('The authentication password cannot be the empty string', 500); - } - $user = $request->server('PHP_AUTH_USER'); - $password = $request->server('PHP_AUTH_PW'); - if ($user === null || $password === null) { - $html = render(__DIR__ . '/../templates/error.html.php', [ - 'message' => 'Please authenticate in order to access this instance!', - ]); - return new Response($html, 401, ['WWW-Authenticate' => 'Basic realm="RSS-Bridge"']); - } - if ( - (Configuration::getConfig('authentication', 'username') !== $user) - || (! hash_equals(Configuration::getConfig('authentication', 'password'), $password)) - ) { - $html = render(__DIR__ . '/../templates/error.html.php', [ - 'message' => 'Please authenticate in order to access this instance!', - ]); - return new Response($html, 401, ['WWW-Authenticate' => 'Basic realm="RSS-Bridge"']); - } - // At this point the username and password was correct - } - - // Add token as attribute to request - $request = $request->withAttribute('token', $request->get('token')); - - // Token authentication check - if (Configuration::getConfig('authentication', 'token')) { - if (! $request->attribute('token')) { - return new Response(render(__DIR__ . 
'/../templates/token.html.php', [ - 'message' => '', - ]), 401); - } - if (! hash_equals(Configuration::getConfig('authentication', 'token'), $request->attribute('token'))) { - return new Response(render(__DIR__ . '/../templates/token.html.php', [ - 'message' => 'Invalid token', - ]), 401); - } - } - $action = $request->get('action', 'Frontpage'); $actionName = strtolower($action) . 'Action'; $actionName = implode(array_map('ucfirst', explode('-', $actionName))); @@ -77,11 +20,21 @@ final class RssBridge return new Response(render(__DIR__ . '/../templates/error.html.php', ['message' => 'Invalid action']), 400); } - $controller = self::$container[$actionName]; - - $response = $controller($request); - - return $response; + $handler = self::$container[$actionName]; + + $middlewares = [ + new SecurityMiddleware(), + new MaintenanceMiddleware(), + new BasicAuthMiddleware(), + new TokenAuthenticationMiddleware(), + ]; + $action = function ($req) use ($handler) { + return $handler($req); + }; + foreach (array_reverse($middlewares) as $middleware) { + $action = fn ($req) => $middleware($req, $action); + } + return $action($request); } public static function getLogger(): Logger diff --git a/lib/bootstrap.php b/lib/bootstrap.php index 1d866067..36b13e19 100644 --- a/lib/bootstrap.php +++ b/lib/bootstrap.php @@ -37,6 +37,7 @@ spl_autoload_register(function ($className) { __DIR__ . '/../caches/', __DIR__ . '/../formats/', __DIR__ . '/../lib/', + __DIR__ . '/../middlewares/', ]; foreach ($folders as $folder) { $file = $folder . $className . '.php'; |
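Review bot: The middleware chain in the second hunk of lib/RssBridge.php is built only after the action has been looked up, so the `$request->get('action', 'Frontpage')` / `strtolower($action)` lines and the `Invalid action` 400 response above `$handler = self::$container[$actionName];` now run before any validation or authentication. Before this commit the non-string parameter check, maintenance mode, Basic auth and token checks all ran first; now a non-string `action` parameter would presumably reach `strtolower()` and fail with a TypeError instead of the 400 page, and an unauthenticated client gets different responses for valid and invalid action names. Resolving the action inside the innermost callable keeps the old order, and naming that callable `$next` avoids reusing `$action`, which already holds the action string. main() starts above this hunk and the condition guarding the `Invalid action` response is not visible here, so the sketch below leaves that part as a comment.

```php
$middlewares = [
    // … unchanged: the four middleware instances …
];
// Innermost handler: look the action up only after every middleware has accepted the request.
$next = function ($req) {
    // … moved here: action-name parsing and the "Invalid action" 400 response, reading from $req …
    $handler = self::$container[$actionName];
    return $handler($req);
};
foreach (array_reverse($middlewares) as $middleware) {
    $next = fn ($req) => $middleware($req, $next);
}
return $next($request);
```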