refactor: migrated login to controller (#3257)

thorsten · Dec 28, 2024 · 3c15cc8 · 3c15cc8
1 parent 0f43907
commit 3c15cc8
Show file tree

Hide file tree

Showing 8 changed files with 190 additions and 144 deletions.
diff --git a/nginx.conf b/nginx.conf
@@ -129,7 +129,7 @@ server {
             rewrite admin/api/(.*)                                  /admin/api/index.php last;
 
             # Administration pages
-            rewrite admin/(attachments|backup|category|comments|configuration|elasticsearch|export|faq|faqs|forms|glossary|group|import|instance|instances|logout|media-browser|news|password|questions|session-keep-alive|statistics|sticky-faqs|stopwords|system|tags|update|user) /admin/front.php last;
+            rewrite admin/(attachments|authenticate|backup|category|comments|configuration|elasticsearch|export|faq|faqs|forms|glossary|group|import|instance|instances|logout|login|media-browser|news|password|questions|session-keep-alive|statistics|sticky-faqs|stopwords|system|tags|update|user) /admin/front.php last;
 
             # REST API v3.0 and v3.1
             rewrite ^api/v3\.[01]/(.*)                              /api/index.php last;

diff --git a/phpmyfaq/.htaccess b/phpmyfaq/.htaccess
@@ -143,7 +143,7 @@ Header set Access-Control-Allow-Headers "Content-Type, Authorization"
     # Administration API
     RewriteRule ^admin/api/(.*) admin/api/index.php [L,QSA]
     # Administration pages
-    RewriteRule ^admin/(attachments|backup|category|comments|configuration|elasticsearch|export|faq|faqs|forms|glossary|group|import|instance|instances|logout|media-browser|news|password|questions|session-keep-alive|statistics|sticky-faqs|stopwords|system|tags|update|user) admin/front.php [L,QSA]
+    RewriteRule ^admin/(attachments|authenticate|backup|category|comments|configuration|elasticsearch|export|faq|faqs|forms|glossary|group|import|instance|instances|login|logout|media-browser|news|password|questions|session-keep-alive|statistics|sticky-faqs|stopwords|system|tags|update|user) admin/front.php [L,QSA]
     #RewriteRule ^admin/(.*) admin/front.php [L,QSA]
     # Private APIs
     RewriteRule ^api/(autocomplete|bookmark/delete|bookmark/create|user/data/update|user/password/update|user/request-removal|user/remove-twofactor|contact|voting|register|captcha|share|comment/create|faq/create|question/create|webauthn/prepare|webauthn/register|webauthn/prepare-login|webauthn/login) api/index.php [L,QSA]

diff --git a/phpmyfaq/admin/index.php b/phpmyfaq/admin/index.php
@@ -35,6 +35,7 @@
 use Symfony\Component\Config\FileLocator;
 use Symfony\Component\DependencyInjection\ContainerBuilder;
 use Symfony\Component\DependencyInjection\Loader\PhpFileLoader;
+use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 
@@ -264,7 +265,8 @@
 // User is NOT authenticated
 } else {
     //$error = Translation::get('msgSessionExpired');
-    require 'login.php';
+    $redirect = new RedirectResponse('./login');
+    $redirect->send();
 }
 
 require 'footer.php';
diff --git a/phpmyfaq/admin/login.php b/phpmyfaq/admin/login.php
diff --git a/phpmyfaq/assets/templates/admin/login.twig b/phpmyfaq/assets/templates/admin/login.twig
@@ -1,93 +1,97 @@
-{% if isSecure %}
-  <div id="pmf-admin-login">
-    <div id="pmf-admin-login-content">
-      <main>
-        <div class="container">
-          <div class="row justify-content-center">
-            <div class="col-lg-6">
-              <div class="card shadow-lg border-1 rounded-lg mt-5">
-                <div class="card-header">
-                  <h3 class="text-center font-weight-light my-4">phpMyFAQ Login</h3>
+{% extends '@admin/index.twig' %}
 
-                  {% if isError %}
-                    <div class="alert alert-danger alert-dismissible fade show" role="alert">
-                      {{ errorMessage }}
-                      <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
-                    </div>
-                  {% else %}
-                    <p>
-                      {{ loginMessage }}
-                    </p>
-                  {% endif %}
+{% block content %}
 
-                  {% if isLogout %}
-                  <div class="alert alert-success alert-dismissible fade show" role="alert">
-                    {{ logoutMessage }}
-                    <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
-                    {% endif %}
-                  </div>
-                  <div class="card-body">
-                    <form action="{{ loginUrl }}" method="post" accept-charset="utf-8" role="form">
-                      <input type="hidden" name="redirect-action" value="{{ redirectAction }}">
-                      <div class="form-floating mb-3">
-                        <input class="form-control" id="faqusername" name="faqusername" type="text"
-                               placeholder="{{ msgUsername }}">
-                        <label for="faqusername">{{ msgUsername }}</label>
+  {% if isSecure %}
+    <div id="pmf-admin-login">
+      <div id="pmf-admin-login-content">
+        <main>
+          <div class="container">
+            <div class="row justify-content-center">
+              <div class="col-lg-6">
+                <div class="card shadow-lg border-1 rounded-lg mt-5">
+                  <div class="card-header">
+                    <h3 class="text-center font-weight-light my-4">phpMyFAQ Login</h3>
+
+                    {% if isError %}
+                      <div class="alert alert-danger alert-dismissible fade show" role="alert">
+                        {{ errorMessage }}
+                        <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
                       </div>
-                      <div class="input-group mb-3">
-                        <div class="form-floating">
-                          <input class="form-control" id="faqpassword" name="faqpassword" type="password"
-                                 autocomplete="off"
-                                 placeholder="{{ msgPassword }}" data-pmf-toggle="faqpassword_toggle">
-                          <label for="faqpassword">{{ msgPassword }}</label>
+                    {% else %}
+                      <p>
+                        {{ loginMessage }}
+                      </p>
+                    {% endif %}
+
+                    {% if isLogout %}
+                    <div class="alert alert-success alert-dismissible fade show" role="alert">
+                      {{ logoutMessage }}
+                      <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
+                      {% endif %}
+                    </div>
+                    <div class="card-body">
+                      <form action="{{ loginUrl }}" method="post" accept-charset="utf-8" role="form">
+                        <input type="hidden" name="redirect-action" value="{{ redirectAction }}">
+                        <div class="form-floating mb-3">
+                          <input class="form-control" id="faqusername" name="faqusername" type="text"
+                                 placeholder="{{ msgUsername }}">
+                          <label for="faqusername">{{ msgUsername }}</label>
                         </div>
-                        <span class="input-group-text" id="faqpassword_toggle">
+                        <div class="input-group mb-3">
+                          <div class="form-floating">
+                            <input class="form-control" id="faqpassword" name="faqpassword" type="password"
+                                   autocomplete="off"
+                                   placeholder="{{ msgPassword }}" data-pmf-toggle="faqpassword_toggle">
+                            <label for="faqpassword">{{ msgPassword }}</label>
+                          </div>
+                          <span class="input-group-text" id="faqpassword_toggle">
                         <i class="bi bi-eye-slash" id="faqpassword_toggle_icon"></i>
                       </span>
-                      </div>
-                      <div class="form-check mb-3">
-                        <input class="form-check-input" id="faqrememberme" name="faqrememberme" type="checkbox"
-                               value="rememberMe">
-                        <label class="form-check-label" for="faqrememberme">{{ msgRememberMe }}</label>
-                      </div>
-                      <div class="d-flex align-items-center justify-content-between mt-4 mb-0">
-                        <a class="small" href="../?action=password">{{ msgLostPassword }}</a>
-                        <button type="submit" class="btn btn-primary">
-                          {{ msgLoginUser }}
-                        </button>
-                      </div>
-                    </form>
-                  </div>
-                  <div class="card-footer text-center py-3">
-                    {% if hasRegistrationEnabled %}
-                      <a class="w-100 py-2 mb-2 btn btn-outline-secondary rounded-3" href="../user/register">
-                        {{ msgRegistration }}
-                      </a>
-                    {% endif %}
-                    {% if hasSignInWithMicrosoftActive %}
-                      <a class="w-100 py-2 mb-2 btn btn-outline-warning rounded-3" href="../services/azure">
-                        <i class="bi bi-windows" aria-hidden="true"></i>
-                        {{ msgSignInWithMicrosoft }}
-                      </a>
-                      {% if isWebAuthnEnabled %}
-                        <a class="w-100 py-2 mb-2 btn btn-outline-primary rounded-3" href="../services/webauthn">
-                          <i class="bi bi-key" aria-hidden="true"></i>
-                          {{ 'msgSignInWithPasskey' | translate }}
+                        </div>
+                        <div class="form-check mb-3">
+                          <input class="form-check-input" id="faqrememberme" name="faqrememberme" type="checkbox"
+                                 value="rememberMe">
+                          <label class="form-check-label" for="faqrememberme">{{ msgRememberMe }}</label>
+                        </div>
+                        <div class="d-flex align-items-center justify-content-between mt-4 mb-0">
+                          <a class="small" href="../?action=password">{{ msgLostPassword }}</a>
+                          <button type="submit" class="btn btn-primary">
+                            {{ msgLoginUser }}
+                          </button>
+                        </div>
+                      </form>
+                    </div>
+                    <div class="card-footer text-center py-3">
+                      {% if hasRegistrationEnabled %}
+                        <a class="w-100 py-2 mb-2 btn btn-outline-secondary rounded-3" href="../user/register">
+                          {{ msgRegistration }}
                         </a>
                       {% endif %}
-                    {% endif %}
+                      {% if hasSignInWithMicrosoftActive %}
+                        <a class="w-100 py-2 mb-2 btn btn-outline-warning rounded-3" href="../services/azure">
+                          <i class="bi bi-windows" aria-hidden="true"></i>
+                          {{ msgSignInWithMicrosoft }}
+                        </a>
+                        {% if isWebAuthnEnabled %}
+                          <a class="w-100 py-2 mb-2 btn btn-outline-primary rounded-3" href="../services/webauthn">
+                            <i class="bi bi-key" aria-hidden="true"></i>
+                            {{ 'msgSignInWithPasskey' | translate }}
+                          </a>
+                        {% endif %}
+                      {% endif %}
+                    </div>
                   </div>
                 </div>
               </div>
             </div>
-          </div>
-      </main>
+        </main>
+      </div>
     </div>
-  </div>
-{% else %}
-  <div class="alert alert-danger" role="alert">
-    <a href="{{ secureUrl }}">{{ msgNotSecure }}</a>
-
-  </div>
-{% endif %}
+  {% else %}
+    <div class="alert alert-danger" role="alert">
+      <a href="{{ secureUrl }}">{{ msgNotSecure }}</a>
+    </div>
+  {% endif %}
 
+{% endblock %}
diff --git a/phpmyfaq/src/admin-routes.php b/phpmyfaq/src/admin-routes.php
@@ -56,6 +56,16 @@
         'controller' => [AttachmentsController::class, 'index'],
         'methods' => 'GET'
     ],
+    'admin.auth.authenticate' => [
+        'path' => '/authenticate',
+        'controller' => [AuthenticationController::class, 'authenticate'],
+        'methods' => 'POST'
+    ],
+    'admin.auth.login' => [
+        'path' => '/login',
+        'controller' => [AuthenticationController::class, 'login'],
+        'methods' => 'GET'
+    ],
     'admin.auth.logout' => [
         'path' => '/logout',
         'controller' => [AuthenticationController::class, 'logout'],

diff --git a/phpmyfaq/src/phpMyFAQ/Controller/Administration/AbstractAdministrationController.php b/phpmyfaq/src/phpMyFAQ/Controller/Administration/AbstractAdministrationController.php
@@ -301,7 +301,7 @@ protected function getHeader(Request $request): array
                 break;
         }
 
-        if ($this->configuration->get('main.enableGravatarSupport')) {
+        if ($this->currentUser->isLoggedIn() && $this->configuration->get('main.enableGravatarSupport')) {
             $avatar = new Gravatar();
             $gravatarImage = $avatar->getImage(
                 $this->currentUser->getUserData('email'),