Redirect + HSTS support
BelleNottelling committed Nov 10, 2023
1 parent 01f0ab2 commit cf6d13d
Showing 8 changed files with 165 additions and 50 deletions.
1 change: 1 addition & 0 deletions composer.json
@@ -14,6 +14,7 @@
"elgigi/commonmark-emoji": "^2.0",
"embed/embed": "^4.4",
"league/commonmark": "^2.3",
"middlewares/https": "^2.0",
"nyholm/psr7": "^1.8",
"nyholm/psr7-server": "^1.1",
"psr/http-message": "2.0 as 1.1",
117 changes: 116 additions & 1 deletion composer.lock


26 changes: 24 additions & 2 deletions src/AntCMS/AntCMS.php
@@ -7,16 +7,20 @@
use AntCMS\AntConfig;
use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;
use Slim\App;
use Psr\Http\Message\UriInterface;

class AntCMS
{
protected $antTwig;
protected ?Response $response = null;
protected ?Request $request = null;
protected ?App $app = null;

public function __construct()
public function __construct(?App $app)
{
$this->antTwig = new AntTwig();
$this->app = $app;
}

public function SetResponse(?Response $response): void
@@ -39,6 +43,11 @@ public function getRequest(): ?Request
return $this->request;
}

public function getApp()
{
return $this->app;
}

/**
* Renders the page based on the request URI
*/
@@ -257,7 +266,20 @@ public function serveContent(): Response
}
}

public static function redirect(string $url)
public function redirect(string|UriInterface $url, int $code = 307): Response
{
if (!is_string($url)) {
$url = $url->__toString();
}
$response = $this->response->withStatus($code);
return $response->withHeader('Location', $url);
}

/**
* Old redirect function.
* TODO: Remove this once the other functions have been updated to no longer rely on this
*/
public static function redirectWithoutRequest(string $url)
{
$url = '//' . AntTools::repairURL(AntConfig::currentConfig('baseURL') . $url);
header("Location: $url");
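Review bot: In the new `redirect()` the call `$this->response->withStatus($code)` dereferences a property declared `?Response $response = null`, so a redirect issued before `SetResponse()` has run ends in a fatal error rather than a redirect; a guard such as `if ($this->response === null) { throw new \LogicException('redirect() called before SetResponse()'); }` would make that failure explicit. `$code` is passed through unchecked, so a non-3xx value would send a `Location` header that clients ignore; restricting it to the redirect codes the application actually uses would catch mistakes early. The method forwards any string or `UriInterface` to `Location` without validation, so a docblock line stating that callers must not pass request-derived targets without checking the host would document the open-redirect boundary. `getApp()` could also declare its `?App` return type to match the property.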
23 changes: 0 additions & 23 deletions src/AntCMS/AntRouting.php
@@ -42,21 +42,6 @@ public function requestUriUnshift(string $append): void
$this->requestUri = implode('/', $this->uriExploded);
}

/**
* Used to detect if the current request is over HTTPS. If the request is over HTTP, it'll redirect to HTTPS.
*/
public function redirectHttps(): void
{
$scheme = $_SERVER['HTTPS'] ?? $_SERVER['REQUEST_SCHEME'] ?? $_SERVER['HTTP_X_FORWARDED_PROTO'] ?? null;
$isHttps = !empty($scheme) && (strcasecmp('on', $scheme) == 0 || strcasecmp('https', $scheme) == 0);

if (!$isHttps) {
$url = 'https://' . AntTools::repairURL($this->baseUrl . $this->requestUri);
header('Location: ' . $url);
exit;
}
}

/**
* Used to check if the current request URI matches a specified route.
* Supports using '*' as a wild-card. Ex: '/admin/*' will match '/admin/somthing' and '/admin'
@@ -108,14 +93,6 @@ public function routeToPlugin(): void
exit;
}

/**
* @return bool Returns true if the current request URI is an index request.
*/
public function isIndex(): bool
{
return (in_array($this->requestUri, $this->indexes));
}

private function setExplodedUri(string $uri): void
{
$exploaded = explode('/', $uri);
4 changes: 2 additions & 2 deletions src/AntCMS/AntUsers.php
@@ -30,7 +30,7 @@ public static function getUsers()
if (file_exists(antUsersList)) {
return AntYaml::parseFile(antUsersList);
} else {
AntCMS::redirect('/profile/firsttime');
AntCMS::redirectWithoutRequest('/profile/firsttime');
}
}

@@ -101,7 +101,7 @@ public static function updateUser($username, $newData)
public static function setupFirstUser($data)
{
if (file_exists(antUsersList)) {
AntCMS::redirect('/');
AntCMS::redirectWithoutRequest('/');
}

$data['username'] = trim($data['username']);
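Review bot: The guard in `setupFirstUser()` (`if (file_exists(antUsersList)) { AntCMS::redirectWithoutRequest('/'); }`) only protects an existing user list if the redirect helper ends the request, and the helper's body is cut off on this page, so that cannot be confirmed here. The replacement `redirect()` added in this commit returns a `Response` and does not terminate, so when these call sites are migrated as the TODO plans, each guard needs an explicit `return` of that response; otherwise execution would fall through into the setup code below the check. The same redirect-as-guard pattern appears in `getUsers()`, in the `save` cases of `AdminPlugin.php`, and in the `firsttime`/`submitfirst` cases of `ProfilePlugin.php`. Both functions in this file continue outside the hunks shown.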
22 changes: 11 additions & 11 deletions src/Plugins/Admin/AdminPlugin.php
@@ -90,15 +90,15 @@ private function configureAntCMS(array $route)

case 'save':
if (!$_POST['textarea']) {
AntCMS::redirect('/admin/config');
AntCMS::redirectWithoutRequest('/admin/config');
}

$yaml = AntYaml::parseYaml($_POST['textarea']);
if (is_array($yaml)) {
AntYaml::saveFile(antConfigFile, $yaml);
}

AntCMS::redirect('/admin/config');
AntCMS::redirectWithoutRequest('/admin/config');
break;

default:
@@ -141,7 +141,7 @@ private function managePages(array $route)
switch ($route[0] ?? 'none') {
case 'regenerate':
AntPages::generatePages();
AntCMS::redirect('/admin/pages');
AntCMS::redirectWithoutRequest('/admin/pages');
exit;

case 'edit':
@@ -176,11 +176,11 @@ private function managePages(array $route)
$pagePath = AntTools::repairFilePath(antContentPath . '/' . implode('/', $route));

if (!isset($_POST['textarea'])) {
AntCMS::redirect('/admin/pages');
AntCMS::redirectWithoutRequest('/admin/pages');
}

file_put_contents($pagePath, $_POST['textarea']);
AntCMS::redirect('/admin/pages');
AntCMS::redirectWithoutRequest('/admin/pages');
exit;

case 'create':
@@ -204,7 +204,7 @@ private function managePages(array $route)
AntYaml::saveFile(antPagesList, $pages);
}

AntCMS::redirect('/admin/pages');
AntCMS::redirectWithoutRequest('/admin/pages');
break;

case 'togglevisibility':
@@ -218,7 +218,7 @@ private function managePages(array $route)
}

AntYaml::saveFile(antPagesList, $pages);
AntCMS::redirect('/admin/pages');
AntCMS::redirectWithoutRequest('/admin/pages');
break;

default:
@@ -263,7 +263,7 @@ private function userManagement(array $route)
$user = AntUsers::getUserPublicalKeys($route[1]);

if (!$user) {
AntCMS::redirect('/admin/users');
AntCMS::redirectWithoutRequest('/admin/users');
}

$user['username'] = $route[1];
@@ -276,7 +276,7 @@ private function userManagement(array $route)
$user = AntUsers::getUserPublicalKeys($route[1]);

if (!$user) {
AntCMS::redirect('/admin/users');
AntCMS::redirectWithoutRequest('/admin/users');
}

$user['username'] = $route[1];
@@ -298,11 +298,11 @@ private function userManagement(array $route)
}

AntUsers::updateUser($_POST['originalusername'], $data);
AntCMS::redirect('/admin/users');
AntCMS::redirectWithoutRequest('/admin/users');
break;
case 'savenew':
AntUsers::addUser($_POST);
AntCMS::redirect('/admin/users');
AntCMS::redirectWithoutRequest('/admin/users');
break;

default:
14 changes: 7 additions & 7 deletions src/Plugins/Profile/ProfilePlugin.php
@@ -28,14 +28,14 @@ public function handlePluginRoute(array $route)
switch ($currentStep) {
case 'firsttime':
if (file_exists(antUsersList)) {
AntCMS::redirect('/admin');
AntCMS::redirectWithoutRequest('/admin');
}
echo $this->antTwig->renderWithSubLayout('profile_firstTime', $params);
break;

case 'submitfirst':
if (file_exists(antUsersList)) {
AntCMS::redirect('/admin');
AntCMS::redirectWithoutRequest('/admin');
}

if (isset($_POST['username']) && isset($_POST['password']) && isset($_POST['display-name'])) {
@@ -45,9 +45,9 @@ public function handlePluginRoute(array $route)
'name' => $_POST['display-name'],
];
AntUsers::setupFirstUser($data);
AntCMS::redirect('/admin');
AntCMS::redirectWithoutRequest('/admin');
} else {
AntCMS::redirect('/profile/firsttime');
AntCMS::redirectWithoutRequest('/profile/firsttime');
}
break;

@@ -56,7 +56,7 @@ public function handlePluginRoute(array $route)
$user = AntUsers::getUserPublicalKeys($this->antAuth->getUsername());

if (!$user) {
AntCMS::redirect('/profile');
AntCMS::redirectWithoutRequest('/profile');
}

$user['username'] = $this->antAuth->getUsername();
@@ -70,7 +70,7 @@ public function handlePluginRoute(array $route)
$user = AntUsers::getUserPublicalKeys($this->antAuth->getUsername());

if (!$user) {
AntCMS::redirect('/profile');
AntCMS::redirectWithoutRequest('/profile');
}

$user['username'] = $this->antAuth->getUsername();
@@ -92,7 +92,7 @@ public function handlePluginRoute(array $route)
}

AntUsers::updateUser($this->antAuth->getUsername(), $data);
AntCMS::redirect('/profile');
AntCMS::redirectWithoutRequest('/profile');
break;

case 'logout':