From d67c4063e411fac860dfefddaabaee82db601f27 Mon Sep 17 00:00:00 2001 From: Michel Date: Thu, 7 Nov 2024 21:38:48 +0100 Subject: [PATCH 1/2] Adds proper safety for prod and added option for SSL --- config/.env.example | 1 + src/php/ContainerHandler.php | 2 ++ src/php/CrashHandler.php | 42 ++++++++++++++++++++++++++++ src/php/{index.dev.php => index.php} | 8 ++---- src/php/index.prod.php | 26 ----------------- webpack.config.js | 4 +-- 6 files changed, 50 insertions(+), 33 deletions(-) create mode 100644 src/php/CrashHandler.php rename src/php/{index.dev.php => index.php} (67%) delete mode 100644 src/php/index.prod.php diff --git a/config/.env.example b/config/.env.example index 5993b68..57c91ec 100644 --- a/config/.env.example +++ b/config/.env.example @@ -1,4 +1,5 @@ PRODUCTION=false +USE_SSL=false DISCORD_CLIENT_ID="" DISCORD_CLIENT_SECRET="" diff --git a/src/php/ContainerHandler.php b/src/php/ContainerHandler.php index a959e5a..dca8d30 100644 --- a/src/php/ContainerHandler.php +++ b/src/php/ContainerHandler.php @@ -5,6 +5,7 @@ namespace GamesShop; use League\Container\Container; use League\Container\ReflectionContainer; +use Whoops\Handler\HandlerInterface; final class ContainerHandler { @@ -35,5 +36,6 @@ final class ContainerHandler self::$instance = new Container(); $reflectionContainer = new ReflectionContainer(true); self::$instance->delegate($reflectionContainer); + self::$instance->addShared(Container::class, self::$instance); } } \ No newline at end of file diff --git a/src/php/CrashHandler.php b/src/php/CrashHandler.php new file mode 100644 index 0000000..dd4aa47 --- /dev/null +++ b/src/php/CrashHandler.php 
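Review bot: The added `use Whoops\Handler\HandlerInterface;` in ContainerHandler.php appears to be unused, since the only other line this patch adds to the file is `self::$instance->addShared(Container::class, self::$instance);`. The binding of `HandlerInterface` now happens in `CrashHandler::register()`, so the import can be dropped here. Most of the `ContainerHandler` class body is outside the hunks, so confirm that nothing else in the file references the interface.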
@@ -0,0 +1,42 @@ +getHandler(); + $this->container->addShared(HandlerInterface::class, $handler); + + $whoops = new Run(); + $whoops->pushHandler($handler); + $whoops->register(); + } + + private function getHandler(): HandlerInterface + { + if (!$this->env->isProduction()) { + return new PrettyPageHandler(); + } + + return new CallbackHandler( + function ($exception, $inspector, $run) { + http_response_code(500); + echo ContainerHandler::get(TemplateEngine::class) + ->renderErrorPage(500); + } + ); + } +} \ No newline at end of file diff --git a/src/php/index.dev.php b/src/php/index.php similarity index 67% rename from src/php/index.dev.php rename to src/php/index.php index 820ee03..9419574 100644 --- a/src/php/index.dev.php +++ b/src/php/index.php @@ -2,6 +2,7 @@ declare(strict_types=1); use GamesShop\ContainerHandler; +use GamesShop\CrashHandler; use GamesShop\DoctrineManager; use GamesShop\Environment\EnvironmentHandler; use GamesShop\Routing\Router; @@ -12,12 +13,9 @@ use Whoops\Run; require_once __DIR__ . '/../src/php/bootstrap.php'; -$whoops = new Run(); -$prettyPageHandler = new PrettyPageHandler(); -$whoops->pushHandler($prettyPageHandler); -$whoops->register(); +ContainerHandler::get(CrashHandler::class)->register(); -ContainerHandler::getInstance()->addShared(HandlerInterface::class, $prettyPageHandler); +throw new Exception(); $router = ContainerHandler::getInstance()->get(Router::class); $result = $router->route(); diff --git a/src/php/index.prod.php b/src/php/index.prod.php deleted file mode 100644 index 06044b7..0000000 --- a/src/php/index.prod.php +++ /dev/null @@ -1,26 +0,0 @@ -pushHandler($prettyPageHandler); -$whoops->register(); - -ContainerHandler::getInstance()->addShared(HandlerInterface::class, $prettyPageHandler); - -$router = ContainerHandler::getInstance()->get(Router::class); -$result = $router->route(); - -(new SapiEmitter)->emit($result); \ No newline at end of file 
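Review bot: The production callback in `getHandler()` discards `$exception`, so once `PRODUCTION=true` a crash leaves only a generic 500 page and nothing to investigate; record it before rendering, for example `error_log((string) $exception);`. The mode decision also fails open: `isProduction()` is a strict comparison with the string `'true'`, so an unset or differently spelled `PRODUCTION` selects `PrettyPageHandler`, whose page shows stack traces and request and environment data, which presumably includes `DISCORD_CLIENT_SECRET` if the .env values are loaded into `$_SERVER`. Making the pretty page opt-in through an explicit debug flag would fail closed. The callback resolves `TemplateEngine` from the container while handling the error, so a failure in template rendering would throw inside the handler; a static fallback body avoids that. The top of the new file (class header and constructor) is not visible on this page.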
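Review bot: In src/php/index.php, `throw new Exception();` directly after `ContainerHandler::get(CrashHandler::class)->register();` makes every request end in the crash handler at this commit, so patch 1/2 cannot be deployed or bisected on its own. Patch 2/2 removes it, and it would be cleaner squashed out of this patch. The `use Whoops\Run;` import shown in the hunk header looks unused now that the Whoops setup has moved into `CrashHandler`. The same probably holds for the `PrettyPageHandler` and `HandlerInterface` imports, which are outside the hunk.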
diff --git a/webpack.config.js b/webpack.config.js index 53d38dd..08a2296 100644 --- a/webpack.config.js +++ b/webpack.config.js @@ -10,9 +10,9 @@ const PUBLIC_FOLDER = Path.resolve(__dirname, 'public'), CSS_FOLDER = Path.resolve(SOURCE_FOLDER, 'css'), PHP_FOLDER = Path.resolve(SOURCE_FOLDER, 'php'); -const PROD = false; +const PROD = process.env.PROD ?? false; -const INDEX_PATH = Path.resolve(PHP_FOLDER, PROD ? 'index.prod.php' : 'index.dev.php'); +const INDEX_PATH = Path.resolve(PHP_FOLDER, 'index.php'); module.exports = { plugins: [ -- 2.45.2 From 41a12d9a823103d6bcf13d133891393b5a2e1bc9 Mon Sep 17 00:00:00 2001 From: Michel Date: Thu, 7 Nov 2024 21:42:28 +0100 Subject: [PATCH 2/2] Adds SSL support for Discord login --- src/php/Environment/EnvironmentHandler.php | 5 +++++ src/php/Login/DiscordLoginProvider.php | 11 +++++++++-- src/php/index.php | 2 -- 3 files changed, 14 insertions(+), 4 deletions(-) diff --git a/src/php/Environment/EnvironmentHandler.php b/src/php/Environment/EnvironmentHandler.php index 95dd8c4..279e36b 100644 --- a/src/php/Environment/EnvironmentHandler.php +++ b/src/php/Environment/EnvironmentHandler.php @@ -37,4 +37,9 @@ final class EnvironmentHandler public function isProduction(): bool { return $_SERVER['PRODUCTION'] === 'true'; } + + public function useSSL(): bool + { + return $_SERVER['USE_SSL'] === 'true'; + } } \ No newline at end of file diff --git a/src/php/Login/DiscordLoginProvider.php b/src/php/Login/DiscordLoginProvider.php index 6e38991..cba3235 100644 --- a/src/php/Login/DiscordLoginProvider.php +++ b/src/php/Login/DiscordLoginProvider.php 
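Review bot: In webpack.config.js, `process.env.PROD ?? false` yields a string whenever the variable is set, so `PROD=false` produces the truthy string `'false'`; compare explicitly with `const PROD = process.env.PROD === 'true';`. The variable name also differs from the `PRODUCTION` key in `config/.env.example`, so the build and the PHP side can disagree about the mode unless both are set. How `PROD` is used further down the config is outside the hunk.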
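Review bot: `useSSL()` in EnvironmentHandler.php indexes `$_SERVER['USE_SSL']` directly, so a deployment whose .env predates this patch raises an "Undefined array key" warning, which the registered Whoops handler will likely turn into a 500 on the login callback; use `return ($_SERVER['USE_SSL'] ?? 'false') === 'true';`. With that default a missing key silently selects `http` for the OAuth redirect URI, so production configurations should set it explicitly. A one-line docblock would help, for example `/** Whether externally visible URLs are built with https (USE_SSL=true in .env). */`.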
@@ -7,12 +7,14 @@ use Doctrine\ORM\EntityManager; use GamesShop\Api\DiscordAPI; use GamesShop\ContainerHandler; use GamesShop\Entities\Account\User; +use GamesShop\Environment\EnvironmentHandler; use Psr\Http\Message\ServerRequestInterface; final class DiscordLoginProvider implements LoginProvider { public function __construct( - private readonly EntityManager $entityManager + private readonly EntityManager $entityManager, + private readonly EnvironmentHandler $env ) { } @@ -20,7 +22,12 @@ final class DiscordLoginProvider implements LoginProvider public function getUser(ServerRequestInterface $request): User { $discordApiHandler = ContainerHandler::get(DiscordAPI::class); - $result = $discordApiHandler->getUserFromCode($request->getQueryParams()['code'], (string)$request->getUri()->withQuery('')); + $result = $discordApiHandler->getUserFromCode( + $request->getQueryParams()['code'], + (string)$request->getUri() + ->withScheme($this->env->useSSL() ? 'https' : 'http') + ->withQuery('') + ); $repo = $this->entityManager->getRepository(User::class); $users = $repo->findBy(['loginMethod' => LoginMethod::DISCORD, 'foreignLoginId' => $result['id']]); diff --git a/src/php/index.php b/src/php/index.php index 9419574..4857464 100644 --- a/src/php/index.php +++ b/src/php/index.php @@ -15,8 +15,6 @@ require_once __DIR__ . '/../src/php/bootstrap.php'; ContainerHandler::get(CrashHandler::class)->register(); -throw new Exception(); - $router = ContainerHandler::getInstance()->get(Router::class); $result = $router->route(); -- 2.45.2
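Review bot: The redirect URI passed to `getUserFromCode()` is still derived from `$request->getUri()`, so its host and port typically come from request headers and only the scheme is pinned by `useSSL()`. A single configured absolute callback URL would remove both the scheme workaround and the reliance on a client-supplied host. `$request->getQueryParams()['code']` is read without a presence check, so a callback that arrives without `code` (for example after the user declines consent) hits an undefined key; reject that case early with a 400. No `state` verification is visible in this hunk, so confirm it happens before `getUser()` is reached. `getUser()` continues past the end of the hunk.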