Merge branch 'hotfix-varis' into devel

GoteoFoundation · Feb 15, 2018 · 1e6d1be · 1e6d1be
2 parents b0928c5 + 3207cc1
commit 1e6d1be
Show file tree

Hide file tree

Showing 3 changed files with 39 additions and 24 deletions.
diff --git a/Resources/translations/de/url.yml b/Resources/translations/de/url.yml
@@ -1,5 +1 @@
 ---
-regular-facebook-url: 'https://www.facebook.com/'
-regular-identica-url: 'https://identi.ca/'
-regular-linkedin-url: 'https://www.linkedin.com/'
-regular-twitter-url: 'https://twitter.com/#!/'
diff --git a/Resources/translations/es/url.yml b/Resources/translations/es/url.yml
@@ -1,6 +1,7 @@
 ---
-regular-facebook-url: 'http://www.facebook.com/'
-regular-google-url: 'https://plus.google.com/'
-regular-identica-url: 'http://identi.ca/'
-regular-linkedin-url: 'http://es.linkedin.com/in/'
-regular-twitter-url: 'http://twitter.com/#!/'
+regular-facebook-url: 'https://www.facebook.com/'
+regular-google-url: 'https://plus.google.com/+'
+regular-identica-url: 'https://identi.ca/'
+regular-linkedin-url: 'https://www.linkedin.com/in/'
+regular-twitter-url: 'https://twitter.com/'
+regular-instagram-url: 'https://www.instagram.com/'
diff --git a/src/Goteo/Controller/AuthController.php b/src/Goteo/Controller/AuthController.php
@@ -12,6 +12,7 @@
 
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\HttpFoundation\RedirectResponse;
 use Goteo\Application\Exception\ControllerAccessDeniedException;
 
 use Goteo\Application\App;
@@ -43,14 +44,36 @@ public function redirectLoginAction(Request $request) {
     }
 
     /**
-     * Reusable static login checker
+     * Checks if the user is logged or needs to redirect to SSL
+     * @return [type] [description]
      */
-    public static function checkLogin(Request $request) {
-        // Already logged?
+    protected static function checkSession(Request $request) {
+
+        // Already logged? let's get out of here
         if (Session::isLogged()) {
             return App::dispatch(AppEvents::ALREADY_LOGGED, new FilterAuthEvent(Session::getUser()))->getUserRedirect($request);
         }
 
+        // Check if needs to be redirected to SSL
+        if(Config::get('ssl') && !$request->isSecure()) {
+            if (null !== $qs = $request->getQueryString()) {
+                $qs = '?'.$qs;
+            }
+
+            return new RedirectResponse('https://' . $request->getHttpHost().$request->getBaseUrl().$request->getPathInfo().$qs);
+        }
+
+        // Nothing to return if everything is ok
+    }
+
+    /**
+     * Reusable static login checker
+     */
+    public static function checkLogin(Request $request) {
+        if($sess = static::checkSession($request)) {
+            return $sess;
+        }
+
         // check username/password
         if ($request->request->has('username')) {
             $username = strtolower($request->request->get('username'));
@@ -74,14 +97,14 @@ public static function checkLogin(Request $request) {
         return true;
     }
 
-    public function loginAction(Request $request)
-    {
+    public function loginAction(Request $request) {
         $result = self::checkLogin($request);
         if($result instanceOf Response) return $result;
 
         return $this->viewResponse('auth/login', ['return' => $request->query->get('return')]);
 
     }
+
     /**
      * Cerrar sesión.
      * TODO: change to a event dispatcher
@@ -115,14 +138,12 @@ public function logoutAction(Request $request) {
      * Reusable static signup checker
      */
     public static function checkSignup(Request $request) {
-        // Already logged?
-        if (Session::isLogged()) {
-            return App::dispatch(AppEvents::ALREADY_LOGGED, new FilterAuthEvent(Session::getUser()))->getUserRedirect($request);
+        if($sess = static::checkSession($request)) {
+            return $sess;
         }
 
         $vars = [];
 
-
         if ($request->getMethod() == 'POST') {
             foreach ($request->request->all() as $key => $value) {
                 $vars[$key] = trim($value);
@@ -173,17 +194,15 @@ public static function checkSignup(Request $request) {
         return $vars;
     }
 
-    public function signupAction(Request $request)
-    {
+    public function signupAction(Request $request) {
         $result = self::checkSignup($request);
         if($result instanceOf Response) return $result;
 
         return $this->viewResponse('auth/signup', $result);
 
     }
 
-    public function passwordRecoveryAction($token = '', Request $request)
-    {
+    public function passwordRecoveryAction($token = '', Request $request) {
 
         $vars = array();
 
@@ -254,8 +273,7 @@ public function passwordRecoveryAction($token = '', Request $request)
         return $this->redirect('/login?' . $request->getQueryString());
     }
 
-    public function passwordResetAction(Request $request)
-    {
+    public function passwordResetAction(Request $request) {
         if ($request->getMethod() == 'POST') {
             $password = $request->request->get('password');
             $rpassword = $request->request->get('rpassword');