mirror of
https://github.com/bitinflow/expose.git
synced 2026-03-13 13:35:54 +00:00
Associate shared sites with auth tokens
This commit is contained in:
Marcel Pociot
@@ -4,6 +4,7 @@ namespace App\Server\Connections;
|
||||
|
||||
use App\Contracts\ConnectionManager as ConnectionManagerContract;
|
||||
use App\Contracts\SubdomainGenerator;
|
||||
use App\Http\QueryParameters;
|
||||
use Ratchet\ConnectionInterface;
|
||||
use React\EventLoop\LoopInterface;
|
||||
|
||||
@@ -46,7 +47,13 @@ class ConnectionManager implements ConnectionManagerContract
|
||||
|
||||
$connection->client_id = $clientId;
|
||||
|
||||
$storedConnection = new ControlConnection($connection, $host, $subdomain ?? $this->subdomainGenerator->generateSubdomain(), $clientId);
|
||||
$storedConnection = new ControlConnection(
|
||||
$connection,
|
||||
$host,
|
||||
$subdomain ?? $this->subdomainGenerator->generateSubdomain(),
|
||||
$clientId,
|
||||
$this->getAuthTokenFromConnection($connection)
|
||||
);
|
||||
|
||||
$this->connections[] = $storedConnection;
|
||||
|
||||
@@ -99,4 +106,21 @@ class ConnectionManager implements ConnectionManagerContract
|
||||
{
|
||||
return $this->connections;
|
||||
}
|
||||
|
||||
protected function getAuthTokenFromConnection(ConnectionInterface $connection): string
|
||||
{
|
||||
return QueryParameters::create($connection->httpRequest)->get('authToken');
|
||||
}
|
||||
|
||||
public function getConnectionsForAuthToken(string $authToken): array
|
||||
{
|
||||
return collect($this->connections)
|
||||
->filter(function ($connection) use ($authToken) {
|
||||
return $connection->authToken === $authToken;
|
||||
})
|
||||
->map(function ($connection) {
|
||||
return $connection->toArray();
|
||||
})
|
||||
->toArray();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -12,17 +12,19 @@ class ControlConnection
|
||||
/** @var ConnectionInterface */
|
||||
public $socket;
|
||||
public $host;
|
||||
public $authToken;
|
||||
public $subdomain;
|
||||
public $client_id;
|
||||
public $proxies = [];
|
||||
protected $shared_at;
|
||||
|
||||
public function __construct(ConnectionInterface $socket, string $host, string $subdomain, string $clientId)
|
||||
public function __construct(ConnectionInterface $socket, string $host, string $subdomain, string $clientId, string $authToken = '')
|
||||
{
|
||||
$this->socket = $socket;
|
||||
$this->host = $host;
|
||||
$this->subdomain = $subdomain;
|
||||
$this->client_id = $clientId;
|
||||
$this->authToken = $authToken;
|
||||
$this->shared_at = now()->toDateTimeString();
|
||||
}
|
||||
|
||||
@@ -57,6 +59,7 @@ class ControlConnection
|
||||
return [
|
||||
'host' => $this->host,
|
||||
'client_id' => $this->client_id,
|
||||
'auth_token' => $this->authToken,
|
||||
'subdomain' => $this->subdomain,
|
||||
'shared_at' => $this->shared_at,
|
||||
];
|
||||
|
||||
@@ -12,6 +12,7 @@ use App\Server\Http\Controllers\Admin\DeleteUsersController;
|
||||
use App\Server\Http\Controllers\Admin\DisconnectSiteController;
|
||||
use App\Server\Http\Controllers\Admin\GetSettingsController;
|
||||
use App\Server\Http\Controllers\Admin\GetSitesController;
|
||||
use App\Server\Http\Controllers\Admin\GetUserDetailsController;
|
||||
use App\Server\Http\Controllers\Admin\GetUsersController;
|
||||
use App\Server\Http\Controllers\Admin\ListSitesController;
|
||||
use App\Server\Http\Controllers\Admin\ListUsersController;
|
||||
@@ -124,6 +125,7 @@ class Factory
|
||||
$this->router->post('/api/settings', StoreSettingsController::class, $adminCondition);
|
||||
$this->router->get('/api/users', GetUsersController::class, $adminCondition);
|
||||
$this->router->post('/api/users', StoreUsersController::class, $adminCondition);
|
||||
$this->router->get('/api/users/{id}', GetUserDetailsController::class, $adminCondition);
|
||||
$this->router->delete('/api/users/{id}', DeleteUsersController::class, $adminCondition);
|
||||
$this->router->get('/api/sites', GetSitesController::class, $adminCondition);
|
||||
$this->router->delete('/api/sites/{id}', DisconnectSiteController::class, $adminCondition);
|
||||
|
||||
@@ -0,0 +1,33 @@
|
||||
<?php
|
||||
|
||||
namespace App\Server\Http\Controllers\Admin;
|
||||
|
||||
use App\Contracts\UserRepository;
|
||||
use Illuminate\Http\Request;
|
||||
use Ratchet\ConnectionInterface;
|
||||
|
||||
class GetUserDetailsController extends AdminController
|
||||
{
|
||||
protected $keepConnectionOpen = true;
|
||||
|
||||
/** @var UserRepository */
|
||||
protected $userRepository;
|
||||
|
||||
public function __construct(UserRepository $userRepository)
|
||||
{
|
||||
$this->userRepository = $userRepository;
|
||||
}
|
||||
|
||||
public function handle(Request $request, ConnectionInterface $httpConnection)
|
||||
{
|
||||
$this->userRepository
|
||||
->getUserById($request->get('id'))
|
||||
->then(function ($user) use ($httpConnection) {
|
||||
$httpConnection->send(
|
||||
respond_json(['user' => $user])
|
||||
);
|
||||
|
||||
$httpConnection->close();
|
||||
});
|
||||
}
|
||||
}
|
||||
@@ -127,7 +127,7 @@ class ControlMessageController implements MessageComponentInterface
|
||||
protected function verifyAuthToken(ConnectionInterface $connection): PromiseInterface
|
||||
{
|
||||
if (config('expose.admin.validate_auth_tokens') !== true) {
|
||||
return new FulfilledPromise();
|
||||
return \React\Promise\resolve(null);
|
||||
}
|
||||
|
||||
$deferred = new Deferred();
|
||||
|
||||
@@ -2,6 +2,7 @@
|
||||
|
||||
namespace App\Server\UserRepository;
|
||||
|
||||
use App\Contracts\ConnectionManager;
|
||||
use App\Contracts\UserRepository;
|
||||
use Clue\React\SQLite\DatabaseInterface;
|
||||
use Clue\React\SQLite\Result;
|
||||
@@ -13,9 +14,13 @@ class DatabaseUserRepository implements UserRepository
|
||||
/** @var DatabaseInterface */
|
||||
protected $database;
|
||||
|
||||
public function __construct(DatabaseInterface $database)
|
||||
/** @var ConnectionManager */
|
||||
protected $connectionManager;
|
||||
|
||||
public function __construct(DatabaseInterface $database, ConnectionManager $connectionManager)
|
||||
{
|
||||
$this->database = $database;
|
||||
$this->connectionManager = $connectionManager;
|
||||
}
|
||||
|
||||
public function getUsers(): PromiseInterface
|
||||
@@ -46,8 +51,12 @@ class DatabaseUserRepository implements UserRepository
|
||||
$nextPage = $currentPage + 1;
|
||||
}
|
||||
|
||||
$users = collect($result->rows)->map(function ($user) {
|
||||
return $this->getUserDetails($user);
|
||||
})->toArray();
|
||||
|
||||
$paginated = [
|
||||
'users' => $result->rows,
|
||||
'users' => $users,
|
||||
'current_page' => $currentPage,
|
||||
'per_page' => $perPage,
|
||||
'next_page' => $nextPage ?? null,
|
||||
@@ -60,6 +69,13 @@ class DatabaseUserRepository implements UserRepository
|
||||
return $deferred->promise();
|
||||
}
|
||||
|
||||
protected function getUserDetails(array $user)
|
||||
{
|
||||
$user['sites'] = $user['auth_token'] !== '' ? $this->connectionManager->getConnectionsForAuthToken($user['auth_token']) : [];
|
||||
|
||||
return $user;
|
||||
}
|
||||
|
||||
public function getUserById($id): PromiseInterface
|
||||
{
|
||||
$deferred = new Deferred();
|
||||
@@ -67,7 +83,13 @@ class DatabaseUserRepository implements UserRepository
|
||||
$this->database
|
||||
->query('SELECT * FROM users WHERE id = :id', ['id' => $id])
|
||||
->then(function (Result $result) use ($deferred) {
|
||||
$deferred->resolve($result->rows[0] ?? null);
|
||||
$user = $result->rows[0] ?? null;
|
||||
|
||||
if (! is_null($user)) {
|
||||
$user = $this->getUserDetails($user);
|
||||
}
|
||||
|
||||
$deferred->resolve($user);
|
||||
});
|
||||
|
||||
return $deferred->promise();
|
||||
|
||||
Reference in New Issue
Block a user