Fix handling authentication
- URL routes now defaulty required authentication if force_authentication special function is defined. - handle_request() now trigger a fatal error if user try to access to a required route and if force_authentication function is not defined. - logging() now retreive username from $auth_user['username'].
This commit is contained in:
parent
e533ec9148
commit
01759fb4c2
7 changed files with 82 additions and 52 deletions
|
@ -60,7 +60,7 @@ function logging($level, $message) {
|
|||
$_SERVER['REMOTE_ADDR'],
|
||||
);
|
||||
if (isset($auth_user))
|
||||
$msg[] = ($auth_user?$auth_user:'anonymous');
|
||||
$msg[] = ($auth_user['username']?$auth_user['username']:'anonymous');
|
||||
$msg[] = $level;
|
||||
$msg[] = $message;
|
||||
$msg = implode(' - ', $msg)."\n";
|
||||
|
|
|
@ -29,14 +29,20 @@ $url_patterns =array();
|
|||
* @param $pattern string The URL pattern (required)
|
||||
* @param $handler callable The URL pattern handler (must be callable, required)
|
||||
* @param $authenticated boolean Permit to define if this URL is accessible only for
|
||||
* authenticated users (optional, default: true)
|
||||
* authenticated users (optional, default: true if the special
|
||||
* force_authentication function is defined, false otherwise)
|
||||
* @param $override boolean Allow override if a command already exists with the
|
||||
* same name (optional, default: false)
|
||||
* @param $api_mode boolean Enable API mode (optional, default: false)
|
||||
* @param $methods array|null HTTP method (optional, default: array('GET', 'POST'))
|
||||
**/
|
||||
function add_url_handler($pattern, $handler=null, $authenticated=false, $override=true,
|
||||
function add_url_handler($pattern, $handler=null, $authenticated=null, $override=true,
|
||||
$api_mode=false, $methods=null) {
|
||||
$authenticated = (
|
||||
is_null($authenticated)?
|
||||
function_exists('force_authentication'):
|
||||
(bool)$authenticated
|
||||
);
|
||||
if (is_null($methods))
|
||||
$methods = array('GET', 'POST');
|
||||
elseif (!is_array($methods))
|
||||
|
@ -322,6 +328,10 @@ function redirect($go=false) {
|
|||
/**
|
||||
* Handle the current requested URL
|
||||
*
|
||||
* Note: if the route required that user is authenticated, this method will
|
||||
* invoke the force_authentication() special function (or trigger a fatal error
|
||||
* if it's not defined).
|
||||
*
|
||||
* @param $default_url string|null The default URL if current one does not
|
||||
* match with any configured pattern.
|
||||
*
|
||||
|
@ -343,8 +353,11 @@ function handle_request($default_url=null) {
|
|||
$smarty -> assign('request', $request);
|
||||
|
||||
// Check authentication (if need)
|
||||
if($request -> authenticated && function_exists('force_authentication'))
|
||||
if($request -> authenticated)
|
||||
if (function_exists('force_authentication'))
|
||||
force_authentication();
|
||||
else
|
||||
logging('FATAL', _("Authentication required but force_authentication function is not defined."));
|
||||
|
||||
try {
|
||||
return call_user_func($request -> handler, $request);
|
||||
|
|
Binary file not shown.
|
@ -1,7 +1,7 @@
|
|||
msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: \n"
|
||||
"POT-Creation-Date: 2022-04-24 19:09+0200\n"
|
||||
"POT-Creation-Date: 2022-04-25 18:40+0200\n"
|
||||
"PO-Revision-Date: \n"
|
||||
"Last-Translator: Benjamin Renard <brenard@easter-eggs.com>\n"
|
||||
"Language-Team: \n"
|
||||
|
@ -351,27 +351,27 @@ msgstr ""
|
|||
"\n"
|
||||
"Mail originalement destiné à %s."
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:92
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:98
|
||||
msgid "Bad request"
|
||||
msgstr "Mauvaise requête"
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:93
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:99
|
||||
msgid "Invalid request."
|
||||
msgstr "Requête invalide."
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:96
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:102
|
||||
msgid "Authentication required"
|
||||
msgstr "Authentification requise"
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:97
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:103
|
||||
msgid "You have to be authenticated to access to this page."
|
||||
msgstr "Vous devez être authentifié pour accéder à cette page."
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:100
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:106
|
||||
msgid "Access denied"
|
||||
msgstr "Accès interdit"
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:101
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:107
|
||||
msgid ""
|
||||
"You do not have access to this application. If you think this is an error, "
|
||||
"please contact support."
|
||||
|
@ -379,25 +379,25 @@ msgstr ""
|
|||
"Vous n'avez pas accès à cette application. Si vous pensez qu'il s'agit d'une "
|
||||
"erreur, merci de prendre contact avec le support."
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:104
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:110
|
||||
msgid "Whoops ! Page not found"
|
||||
msgstr "Oups ! Page introuvable"
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:105
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:111
|
||||
msgid "The requested page can not be found."
|
||||
msgstr "La page demandée est introuvable."
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:113
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:119
|
||||
msgid "Error"
|
||||
msgstr "Erreur"
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:114
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:120
|
||||
msgid "An unknown error occurred. If problem persist, please contact support."
|
||||
msgstr ""
|
||||
"Une erreur inconnue est survenue. Si le problème persiste, merci de prendre "
|
||||
"contact avec le support."
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:159
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:165
|
||||
msgid ""
|
||||
"Unable to determine the requested page. If the problem persists, please "
|
||||
"contact support."
|
||||
|
@ -405,7 +405,7 @@ msgstr ""
|
|||
"Impossible de déterminer la page demandée. Si le problème persiste, merci de "
|
||||
"prendre contact avec le support."
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:312
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:318
|
||||
msgid ""
|
||||
"Unable to determine the requested page (loop detected). If the problem "
|
||||
"persists, please contact support."
|
||||
|
@ -413,11 +413,18 @@ msgstr ""
|
|||
"Impossible de déterminer la page demandée (boucle détectée). Si le problème "
|
||||
"persiste, merci de prendre contact avec le support."
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:337
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:347
|
||||
msgid "This request cannot be processed."
|
||||
msgstr "Cette requête ne peut être traitée."
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:355
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:360
|
||||
msgid ""
|
||||
"Authentication required but force_authentication function is not defined."
|
||||
msgstr ""
|
||||
"Authentification requise mais la fonction force_authentication n'est pas "
|
||||
"définie."
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:368
|
||||
msgid "This request could not be processed correctly."
|
||||
msgstr "Cette requête n'a put être traitée correctement."
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
msgid ""
|
||||
msgstr ""
|
||||
"POT-Creation-Date: 2022-04-24 20:13+0200\n"
|
||||
"PO-Revision-Date: 2022-04-24 20:13+0200\n"
|
||||
"POT-Creation-Date: 2022-04-25 18:40+0200\n"
|
||||
"PO-Revision-Date: 2022-04-25 18:40+0200\n"
|
||||
"MIME-Version: 1.0\n"
|
||||
"Content-Type: text/plain; charset=utf-8\n"
|
||||
"Content-Transfer-Encoding: 8bit\n"
|
|
@ -1,7 +1,7 @@
|
|||
msgid ""
|
||||
msgstr ""
|
||||
"POT-Creation-Date: 2022-04-24 20:13+0200\n"
|
||||
"PO-Revision-Date: 2022-04-24 20:13+0200\n"
|
||||
"POT-Creation-Date: 2022-04-25 18:40+0200\n"
|
||||
"PO-Revision-Date: 2022-04-25 18:40+0200\n"
|
||||
"MIME-Version: 1.0\n"
|
||||
"Content-Type: text/plain; charset=UTF-8\n"
|
||||
"Content-Transfer-Encoding: 8bit\n"
|
||||
|
@ -305,65 +305,70 @@ msgid ""
|
|||
"Mail initialy intended for %s."
|
||||
msgstr ""
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:92
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:98
|
||||
msgid "Bad request"
|
||||
msgstr ""
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:93
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:99
|
||||
msgid "Invalid request."
|
||||
msgstr ""
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:96
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:102
|
||||
msgid "Authentication required"
|
||||
msgstr ""
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:97
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:103
|
||||
msgid "You have to be authenticated to access to this page."
|
||||
msgstr ""
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:100
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:106
|
||||
msgid "Access denied"
|
||||
msgstr ""
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:101
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:107
|
||||
msgid ""
|
||||
"You do not have access to this application. If you think this is an error, "
|
||||
"please contact support."
|
||||
msgstr ""
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:104
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:110
|
||||
msgid "Whoops ! Page not found"
|
||||
msgstr ""
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:105
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:111
|
||||
msgid "The requested page can not be found."
|
||||
msgstr ""
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:113
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:119
|
||||
msgid "Error"
|
||||
msgstr ""
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:114
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:120
|
||||
msgid "An unknown error occurred. If problem persist, please contact support."
|
||||
msgstr ""
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:159
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:165
|
||||
msgid ""
|
||||
"Unable to determine the requested page. If the problem persists, please "
|
||||
"contact support."
|
||||
msgstr ""
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:312
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:318
|
||||
msgid ""
|
||||
"Unable to determine the requested page (loop detected). If the problem "
|
||||
"persists, please contact support."
|
||||
msgstr ""
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:337
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:347
|
||||
msgid "This request cannot be processed."
|
||||
msgstr ""
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:355
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:360
|
||||
msgid ""
|
||||
"Authentication required but force_authentication function is not defined."
|
||||
msgstr ""
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:368
|
||||
msgid "This request could not be processed correctly."
|
||||
msgstr ""
|
||||
|
||||
|
|
|
@ -297,65 +297,70 @@ msgid ""
|
|||
"Mail initialy intended for %s."
|
||||
msgstr ""
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:92
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:98
|
||||
msgid "Bad request"
|
||||
msgstr ""
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:93
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:99
|
||||
msgid "Invalid request."
|
||||
msgstr ""
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:96
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:102
|
||||
msgid "Authentication required"
|
||||
msgstr ""
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:97
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:103
|
||||
msgid "You have to be authenticated to access to this page."
|
||||
msgstr ""
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:100
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:106
|
||||
msgid "Access denied"
|
||||
msgstr ""
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:101
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:107
|
||||
msgid ""
|
||||
"You do not have access to this application. If you think this is an error, "
|
||||
"please contact support."
|
||||
msgstr ""
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:104
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:110
|
||||
msgid "Whoops ! Page not found"
|
||||
msgstr ""
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:105
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:111
|
||||
msgid "The requested page can not be found."
|
||||
msgstr ""
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:113
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:119
|
||||
msgid "Error"
|
||||
msgstr ""
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:114
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:120
|
||||
msgid "An unknown error occurred. If problem persist, please contact support."
|
||||
msgstr ""
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:159
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:165
|
||||
msgid ""
|
||||
"Unable to determine the requested page. If the problem persists, please "
|
||||
"contact support."
|
||||
msgstr ""
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:312
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:318
|
||||
msgid ""
|
||||
"Unable to determine the requested page (loop detected). If the problem "
|
||||
"persists, please contact support."
|
||||
msgstr ""
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:337
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:347
|
||||
msgid "This request cannot be processed."
|
||||
msgstr ""
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:355
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:360
|
||||
msgid ""
|
||||
"Authentication required but force_authentication function is not defined."
|
||||
msgstr ""
|
||||
|
||||
#: /home/brenard/dev/eesyphp/includes/url.php:368
|
||||
msgid "This request could not be processed correctly."
|
||||
msgstr ""
|
||||
|
||||
|
|
Loading…
Reference in a new issue