Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
3b7a15c
commit f6a0a43
Showing
8 changed files
with
826 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,100 @@ | ||
<?php | ||
/* | ||
* This file is part of the Shieldon package. | ||
* | ||
* (c) Terry L. <contact@terryl.in> | ||
* | ||
* For the full copyright and license information, please view the LICENSE | ||
* file that was distributed with this source code. | ||
* | ||
*/ | ||
|
||
declare(strict_types=1); | ||
|
||
namespace Shieldon\Firewall\Integration; | ||
|
||
use Shieldon\Firewall\Container; | ||
use Shieldon\Firewall\Firewall; | ||
use Shieldon\Firewall\Panel; | ||
use Shieldon\Firewall\HttpResolver; | ||
use function dirname; | ||
use function strpos; | ||
|
||
/** | ||
* The easist way to implement Shieldon Firewall in your PHP project. | ||
* | ||
* [How to use] | ||
* | ||
* This class is supposed to be used in a very early stage of your code. | ||
* The position is right after Composer autoloader. | ||
* | ||
* [Example] | ||
* | ||
* require_once '../vendor/autoload.php'; | ||
* | ||
* $shieldon = new \Shieldon\Firewall\Intergration\Bootstrap(); | ||
* $shieldon->run(); | ||
* | ||
* [Note] | ||
* | ||
* If you use this approach on a PHP framework, make sure that the route | ||
* supports POST method, otherwise the CAPTCHA form will not work. | ||
*/ | ||
class Bootstrap | ||
{ | ||
/** | ||
* Constuctor. | ||
* | ||
* @param string $storage The absolute path of the storage where stores | ||
* Shieldon generated data. | ||
* @param string $requestUri The entry URL of Firewall Panel. | ||
* | ||
* @return void | ||
*/ | ||
public function __construct(string $storage = '', string $requestUri = '') | ||
{ | ||
// Prevent possible issues occur in CLI command line. | ||
if (isset($_SERVER['REQUEST_URI'])) { | ||
|
||
$serverRequestUri = $_SERVER['REQUEST_URI']; | ||
$scriptFilename = $_SERVER['SCRIPT_FILENAME']; | ||
|
||
if (empty($storage)) { | ||
|
||
// The storage folder should be placed above www-root for best security, | ||
// this folder must be writable. | ||
$storage = dirname($scriptFilename) . '/../shieldon_firewall'; | ||
} | ||
|
||
$firewall = new Firewall(); | ||
$firewall->configure($storage); | ||
$firewall->controlPanel('/firewall/panel/'); | ||
|
||
if ( | ||
$requestUri !== '' && | ||
strpos($serverRequestUri, $requestUri) === 0 | ||
) { | ||
// Get into the Firewall Panel. | ||
$panel = new Panel(); | ||
$panel->entry(); | ||
} | ||
} | ||
} | ||
|
||
/** | ||
* Start protecting your site. | ||
* | ||
* @return void | ||
*/ | ||
public function run(): void | ||
{ | ||
$firewall = Container::get('firewall'); | ||
|
||
$response = $firewall->run(); | ||
|
||
if ($response->getStatusCode() !== 200) { | ||
$httpResolver = new HttpResolver(); | ||
$httpResolver($response); | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,103 @@ | ||
<?php | ||
/* | ||
* This file is part of the Shieldon package. | ||
* | ||
* (c) Terry L. <contact@terryl.in> | ||
* | ||
* For the full copyright and license information, please view the LICENSE | ||
* file that was distributed with this source code. | ||
* | ||
*/ | ||
|
||
declare(strict_types=1); | ||
|
||
namespace Shieldon\Firewall\Integration; | ||
|
||
use Psr\Http\Message\ResponseInterface as Response; | ||
use Psr\Http\Message\ServerRequestInterface as Request; | ||
use Shieldon\Firewall\Firewall; | ||
use Shieldon\Firewall\HttpResolver; | ||
use const TMP; | ||
|
||
/** | ||
* CakePHP Middleware | ||
* | ||
* This middleware has been tested succesfully with CakePHP 3.8 | ||
*/ | ||
class CakePhp | ||
{ | ||
/** | ||
* The absolute path of the storage where stores Shieldon generated data. | ||
* | ||
* @var string | ||
*/ | ||
protected $storage; | ||
|
||
/** | ||
* The entry point of Shieldon Firewall's control panel. | ||
* | ||
* For example: https://yoursite.com/firewall/panel/ | ||
* Just use the path component of a URI. | ||
* | ||
* @var string | ||
*/ | ||
protected $panelUri; | ||
|
||
/** | ||
* Constructor. | ||
* | ||
* @param string $storage See property `storage` explanation. | ||
* @param string $panelUri See property `panelUri` explanation. | ||
* | ||
* @return void | ||
*/ | ||
public function __construct(string $storage = '', string $panelUri = '') | ||
{ | ||
// The constant TMP is the path of CakePHP's tmp folder. | ||
// The Shieldon generated data is stored at that place. | ||
$this->storage = TMP . 'shieldon_firewall'; | ||
$this->panelUri = '/firewall/panel/'; | ||
|
||
if ('' !== $storage) { | ||
$this->storage = $storage; | ||
} | ||
|
||
if ('' !== $panelUri) { | ||
$this->panelUri = $panelUri; | ||
} | ||
} | ||
|
||
/** | ||
* Middleware invokable class. | ||
* | ||
* @param Request $request PSR7 request | ||
* @param Response $response PSR7 response | ||
* @param callable $next Next middleware | ||
* | ||
* @return Response | ||
*/ | ||
public function __invoke(Request $request, Response $response, $next): Response | ||
{ | ||
$firewall = new Firewall($request, $response); | ||
$firewall->configure($this->storage); | ||
$firewall->controlPanel($this->panelUri); | ||
|
||
// Pass CSRF token to the Captcha form. | ||
// Note: The CsrfProtectionMiddleware was added in 3.5.0 | ||
$firewall->getKernel()->setCaptcha( | ||
new \Shieldon\Captcha\Csrf([ | ||
'name' => '_csrfToken', | ||
'value' => $request->getParam('_csrfToken'), | ||
]) | ||
); | ||
|
||
$response = $firewall->run(); | ||
|
||
if ($response->getStatusCode() !== 200) { | ||
$httpResolver = new HttpResolver(); | ||
$httpResolver($response); | ||
} | ||
|
||
return $next($request, $response); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,117 @@ | ||
<?php | ||
/* | ||
* This file is part of the Shieldon package. | ||
* | ||
* (c) Terry L. <contact@terryl.in> | ||
* | ||
* For the full copyright and license information, please view the LICENSE | ||
* file that was distributed with this source code. | ||
* | ||
*/ | ||
|
||
declare(strict_types=1); | ||
|
||
namespace Shieldon\Firewall\Integration; | ||
|
||
use Shieldon\Firewall\Firewall; | ||
use Shieldon\Firewall\HttpResolver; | ||
use CodeIgniter\HTTP\RequestInterface as Request; | ||
use CodeIgniter\HTTP\ResponseInterface as Response; | ||
use CodeIgniter\Filters\FilterInterface; | ||
use function dirname; | ||
|
||
/** | ||
* CodeIgniter 4 Middleware of Shieldon Firewall. | ||
*/ | ||
class CodeIgniter4 implements FilterInterface | ||
{ | ||
/** | ||
* The absolute path of the storage where stores Shieldon generated data. | ||
* | ||
* @var string | ||
*/ | ||
protected $storage; | ||
|
||
/** | ||
* The entry point of Shieldon Firewall's control panel. | ||
* | ||
* For example: https://yoursite.com/firewall/panel/ | ||
* Just use the path component of a URI. | ||
* | ||
* @var string | ||
*/ | ||
protected $panelUri; | ||
|
||
/** | ||
* Constructor. | ||
* | ||
* @param string $storage See property `storage` explanation. | ||
* @param string $panelUri See property `panelUri` explanation. | ||
* | ||
* @return void | ||
*/ | ||
public function __construct(string $storage = '', string $panelUri = '') | ||
{ | ||
$dir = dirname($_SERVER['SCRIPT_FILENAME']); | ||
|
||
$this->storage = $dir . '/../writable/shieldon_firewall'; | ||
$this->panelUri = '/firewall/panel/'; | ||
|
||
if ('' !== $storage) { | ||
$this->storage = $storage; | ||
} | ||
|
||
if ('' !== $panelUri) { | ||
$this->panelUri = $panelUri; | ||
} | ||
} | ||
|
||
/** | ||
* Shieldon middleware invokable class. | ||
* | ||
* @param Request $request | ||
* | ||
* @return mixed | ||
*/ | ||
public function before(Request $request) | ||
{ | ||
if ($request->isCLI()) { | ||
return; | ||
} | ||
|
||
// CodeIgniter 4 is not a PSR-7 compatible framework, therefore we don't | ||
// pass the Reqest and Reposne to Firewall instance. | ||
// Shieldon will create them by its HTTP factory. | ||
$firewall = new Firewall(); | ||
$firewall->configure($this->storage); | ||
$firewall->controlPanel($this->panelUri); | ||
|
||
// Pass CodeIgniter CSRF Token to Captcha form. | ||
$firewall->getKernel()->setCaptcha( | ||
new \Shieldon\Captcha\Csrf([ | ||
'name' => csrf_token(), | ||
'value' => csrf_hash(), | ||
]) | ||
); | ||
|
||
$response = $firewall->run(); | ||
|
||
if ($response->getStatusCode() !== 200) { | ||
$httpResolver = new HttpResolver(); | ||
$httpResolver($response); | ||
} | ||
} | ||
|
||
/** | ||
* We don't have anything to do here. | ||
* | ||
* @param Response $request | ||
* @param Response $response | ||
* | ||
* @return mixed | ||
*/ | ||
public function after(Request $request, Response $response) | ||
{ | ||
|
||
} | ||
} |
Oops, something went wrong.