From c098573a51f4d43942ad065c1f979476a4c5b36a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcin=20Betli=C5=84ski?= Date: Mon, 13 May 2019 19:22:18 +0200 Subject: [PATCH 1/9] Move authentication handler to CustomCKFinderAuth middleware class --- src/Controller/CKFinderController.php | 10 ++++++++++ src/config.php | 4 ---- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/src/Controller/CKFinderController.php b/src/Controller/CKFinderController.php index b9e1457..a63e29b 100644 --- a/src/Controller/CKFinderController.php +++ b/src/Controller/CKFinderController.php @@ -13,6 +13,16 @@ */ class CKFinderController extends Controller { + /** + * Use custom middleware to handle custom authentication and redirects. + * + * @middleware App\Http\Middleware\CustomCKFinderAuth + */ + public function __construct() + { + $this->middleware(\App\Http\Middleware\CustomCKFinderAuth::class); + } + /** * Action that handles all CKFinder requests. * diff --git a/src/config.php b/src/config.php index 232dddc..223a97c 100644 --- a/src/config.php +++ b/src/config.php @@ -22,10 +22,6 @@ $config = array(); -$config['authentication'] = function () { - return false; -}; - /*============================ License Key ============================================*/ // http://docs.cksource.com/ckfinder3-php/configuration.html#configuration_options_licenseKey From edbdea6bd6a4aa7c36fd7e4d6e009f9b36d8c791 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcin=20Betli=C5=84ski?= Date: Mon, 13 May 2019 21:50:55 +0200 Subject: [PATCH 2/9] Middleware alias --- src/Controller/CKFinderController.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Controller/CKFinderController.php b/src/Controller/CKFinderController.php index a63e29b..22dbdaf 100644 --- a/src/Controller/CKFinderController.php +++ b/src/Controller/CKFinderController.php @@ -20,7 +20,7 @@ class CKFinderController extends Controller */ public function __construct() { - $this->middleware(\App\Http\Middleware\CustomCKFinderAuth::class); + $this->middleware(['ckfinder']); } /** From afdc51d41e5e2d99fff07555f34634b8157f1f82 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcin=20Betli=C5=84ski?= Date: Tue, 14 May 2019 11:03:13 +0200 Subject: [PATCH 3/9] README.md update --- README.md | 39 +++++++++++++++++++++++++++++++-------- 1 file changed, 31 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 62a870f..e8be802 100644 --- a/README.md +++ b/README.md @@ -52,23 +52,46 @@ Authentication for CKFinder is not configured yet, so you will see an error resp ## Configuring Authentication -CKFinder connector authentication is managed by the `authentication` option in the connector configuration file (`config/ckfinder.php`). -It expects a [PHP callable](http://php.net/manual/pl/language.types.callable.php) value that after calling would return a Boolean value to decide if the user should have access to CKFinder. -As you can see, the default service implementation is not complete and simply returns `false`. +CKFinder connector authentication is handled by [middleware](https://laravel.com/docs/5.8/middleware) alias `ckfinder`. To create the middleware class, use the artisan command: -A basic implementation that returns `true` from the `authentication` callable (which is obviously **not secure**) can look like below: +```bash +php artisan make:middleware CustomCKFinderAuth +``` + +The new middleware class will appear in `app/Http/Middleware/CustomCKFinderAuth.php`. Attach this class to the `ckfinder` alias in `app/Http/Kernel.php`, for example, as `web` group + the custom class: ```php -// config/ckfinder.php +protected $middlewareGroups = [ + //... + + 'ckfinder' => [ + 'web', + \App\Http\Middleware\CustomCKFinderAuth::class + ], + ]; -$config['authentication'] = function () { - return true; -}; +``` + +The `handle` method in `CustomCKFinderAuth` class allows to authenticate CKFinder users, for example by switching the `ckfinder.authentication` config option for authenticated user: + +```php +public function handle($request, Closure $next) +{ + config(['ckfinder.authentication' => function() use ($request) { + if($request->user()) { + return true; + } + return false; + }] ); + return $next($request); +} ``` Please have a look at the [CKFinder for PHP connector documentation](https://ckeditor.com/docs/ckfinder/ckfinder3-php/configuration.html#configuration_options_authentication) to find out more about this option. + + ## Configuration Options The CKFinder connector configuration is taken from the `config/ckfinder.php` file. From abf4ad1127257d9762c5b6bc599db2f0ccd8a75f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcin=20Betli=C5=84ski?= Date: Tue, 14 May 2019 11:09:12 +0200 Subject: [PATCH 4/9] Small style update in README.md --- README.md | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index e8be802..0678e63 100644 --- a/README.md +++ b/README.md @@ -58,18 +58,17 @@ CKFinder connector authentication is handled by [middleware](https://laravel.com php artisan make:middleware CustomCKFinderAuth ``` -The new middleware class will appear in `app/Http/Middleware/CustomCKFinderAuth.php`. Attach this class to the `ckfinder` alias in `app/Http/Kernel.php`, for example, as `web` group + the custom class: +The new middleware class will appear in `app/Http/Middleware/CustomCKFinderAuth.php`. Attach this class to the `ckfinder` alias in `app/Http/Kernel.php`, for example, using `web` group + the custom class: ```php protected $middlewareGroups = [ - //... - - 'ckfinder' => [ - 'web', - \App\Http\Middleware\CustomCKFinderAuth::class - ], - ]; + //... + 'ckfinder' => [ + 'web', + \App\Http\Middleware\CustomCKFinderAuth::class + ], +]; ``` The `handle` method in `CustomCKFinderAuth` class allows to authenticate CKFinder users, for example by switching the `ckfinder.authentication` config option for authenticated user: From e2ce50bef2828996f5a5686c06edbbbec7b3b3f6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcin=20Betli=C5=84ski?= Date: Tue, 14 May 2019 12:28:09 +0200 Subject: [PATCH 5/9] Small style update in README.md --- README.md | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 0678e63..d59128d 100644 --- a/README.md +++ b/README.md @@ -71,17 +71,14 @@ protected $middlewareGroups = [ ]; ``` -The `handle` method in `CustomCKFinderAuth` class allows to authenticate CKFinder users, for example by switching the `ckfinder.authentication` config option for authenticated user: +The `handle` method in `CustomCKFinderAuth` class allows to authenticate CKFinder users, for example by switching the `ckfinder.authentication` config option: ```php public function handle($request, Closure $next) { - config(['ckfinder.authentication' => function() use ($request) { - if($request->user()) { - return true; - } - return false; - }] ); + config(['ckfinder.authentication' => function() { + return true; + }]); return $next($request); } ``` From a0342b5b96f95fa4dc0e4a6d598822d15132ed44 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcin=20Betli=C5=84ski?= Date: Wed, 15 May 2019 10:58:25 +0200 Subject: [PATCH 6/9] Middleware class/alias moved to the config file --- src/CKFinderMiddleware.php | 18 ++++++++++++++++++ src/Controller/CKFinderController.php | 8 +++++--- src/config.php | 2 ++ 3 files changed, 25 insertions(+), 3 deletions(-) create mode 100644 src/CKFinderMiddleware.php diff --git a/src/CKFinderMiddleware.php b/src/CKFinderMiddleware.php new file mode 100644 index 0000000..bdadf58 --- /dev/null +++ b/src/CKFinderMiddleware.php @@ -0,0 +1,18 @@ + function() use ($request) { + + return false; + }] ); + + return $next($request); + } +} diff --git a/src/Controller/CKFinderController.php b/src/Controller/CKFinderController.php index 22dbdaf..d5a07e5 100644 --- a/src/Controller/CKFinderController.php +++ b/src/Controller/CKFinderController.php @@ -15,12 +15,14 @@ class CKFinderController extends Controller { /** * Use custom middleware to handle custom authentication and redirects. - * - * @middleware App\Http\Middleware\CustomCKFinderAuth */ public function __construct() { - $this->middleware(['ckfinder']); + $authenticationMiddleware = config('ckfinder.authentication'); + + if(isset($authenticationMiddleware) && is_string($authenticationMiddleware)) { + $this->middleware($authenticationMiddleware); + } } /** diff --git a/src/config.php b/src/config.php index 223a97c..9503cc7 100644 --- a/src/config.php +++ b/src/config.php @@ -22,6 +22,8 @@ $config = array(); +$config['authentication'] = '\CKSource\CKFinderBridge\CKFinderMiddleware'; + /*============================ License Key ============================================*/ // http://docs.cksource.com/ckfinder3-php/configuration.html#configuration_options_licenseKey From bdd292797340eba0f9b9853a6eff0e7fb14e7f5f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcin=20Betli=C5=84ski?= Date: Wed, 15 May 2019 11:26:39 +0200 Subject: [PATCH 7/9] Callable config option still works --- src/Controller/CKFinderController.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/Controller/CKFinderController.php b/src/Controller/CKFinderController.php index d5a07e5..4cd81c7 100644 --- a/src/Controller/CKFinderController.php +++ b/src/Controller/CKFinderController.php @@ -20,8 +20,12 @@ public function __construct() { $authenticationMiddleware = config('ckfinder.authentication'); - if(isset($authenticationMiddleware) && is_string($authenticationMiddleware)) { - $this->middleware($authenticationMiddleware); + if(!is_callable($authenticationMiddleware)) { + if(isset($authenticationMiddleware) && is_string($authenticationMiddleware)) { + $this->middleware($authenticationMiddleware); + } else { + $this->middleware(\CKSource\CKFinderBridge\CKFinderMiddleware::class); + } } } From 825226ba7b2644ef6af5bff786e0f03861ad9cf5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcin=20Betli=C5=84ski?= Date: Wed, 15 May 2019 11:37:15 +0200 Subject: [PATCH 8/9] README.md updated --- README.md | 15 ++++----------- 1 file changed, 4 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index d59128d..4c38b9d 100644 --- a/README.md +++ b/README.md @@ -52,26 +52,19 @@ Authentication for CKFinder is not configured yet, so you will see an error resp ## Configuring Authentication -CKFinder connector authentication is handled by [middleware](https://laravel.com/docs/5.8/middleware) alias `ckfinder`. To create the middleware class, use the artisan command: +CKFinder connector authentication is handled by [middleware](https://laravel.com/docs/5.8/middleware) class or alias. To create the custom middleware class, use the artisan command: ```bash php artisan make:middleware CustomCKFinderAuth ``` -The new middleware class will appear in `app/Http/Middleware/CustomCKFinderAuth.php`. Attach this class to the `ckfinder` alias in `app/Http/Kernel.php`, for example, using `web` group + the custom class: +The new middleware class will appear in `app/Http/Middleware/CustomCKFinderAuth.php`. Change the `authentication` option in `config/ckfinder.php`: ```php -protected $middlewareGroups = [ - //... - - 'ckfinder' => [ - 'web', - \App\Http\Middleware\CustomCKFinderAuth::class - ], -]; +$config['authentication'] = '\App\Http\Middleware\CustomCKFinderAuth'; ``` -The `handle` method in `CustomCKFinderAuth` class allows to authenticate CKFinder users, for example by switching the `ckfinder.authentication` config option: +The `handle` method in `CustomCKFinderAuth` class allows to authenticate CKFinder users, for example: ```php public function handle($request, Closure $next) From b76fe9f5ecce0afa059864251a67b08c5389ab06 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcin=20Betli=C5=84ski?= Date: Wed, 15 May 2019 15:36:23 +0200 Subject: [PATCH 9/9] README.md updated --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 4c38b9d..f587df8 100644 --- a/README.md +++ b/README.md @@ -64,7 +64,7 @@ The new middleware class will appear in `app/Http/Middleware/CustomCKFinderAuth. $config['authentication'] = '\App\Http\Middleware\CustomCKFinderAuth'; ``` -The `handle` method in `CustomCKFinderAuth` class allows to authenticate CKFinder users, for example: +The `handle` method in `CustomCKFinderAuth` class allows to authenticate CKFinder users. A basic implementation that returns `true` from the `authentication` callable (which is obviously **not secure**) can look like below: ```php public function handle($request, Closure $next)