From bc6e67dc6c06719808558898714d521ca2b837bb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ivan=20Verg=C3=A9s?=
Date: Thu, 15 Feb 2018 13:10:24 +0100
Subject: [PATCH 1/2] fix url prefix for social networkds
---
 Resources/translations/de/url.yml | 4 ----
 Resources/translations/es/url.yml | 11 ++++++-----
 2 files changed, 6 insertions(+), 9 deletions(-)
diff --git a/Resources/translations/de/url.yml b/Resources/translations/de/url.yml
index 010c0ceb55..ed97d539c0 100644
--- a/Resources/translations/de/url.yml
+++ b/Resources/translations/de/url.yml
@@ -1,5 +1 @@
 ---
-regular-facebook-url: 'https://www.facebook.com/'
-regular-identica-url: 'https://identi.ca/'
-regular-linkedin-url: 'https://www.linkedin.com/'
-regular-twitter-url: 'https://twitter.com/#!/'
diff --git a/Resources/translations/es/url.yml b/Resources/translations/es/url.yml
index 3ea9bc7c04..6d23f979fa 100644
--- a/Resources/translations/es/url.yml
+++ b/Resources/translations/es/url.yml
@@ -1,6 +1,7 @@
 ---
-regular-facebook-url: 'http://www.facebook.com/'
-regular-google-url: 'https://plus.google.com/'
-regular-identica-url: 'http://identi.ca/'
-regular-linkedin-url: 'http://es.linkedin.com/in/'
-regular-twitter-url: 'http://twitter.com/#!/'
+regular-facebook-url: 'https://www.facebook.com/'
+regular-google-url: 'https://plus.google.com/+'
+regular-identica-url: 'https://identi.ca/'
+regular-linkedin-url: 'https://www.linkedin.com/in/'
+regular-twitter-url: 'https://twitter.com/'
+regular-instagram-url: 'https://www.instagram.com/'
From 3207cc1015ae4384503f623b6260dcc83d5c300a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ivan=20Verg=C3=A9s?=
Date: Thu, 15 Feb 2018 13:27:29 +0100
Subject: [PATCH 2/2] force login to SSL if configured in settings
---
 src/Goteo/Controller/AuthController.php | 48 +++++++++++++++++--------
 1 file changed, 33 insertions(+), 15 deletions(-)
diff --git a/src/Goteo/Controller/AuthController.php b/src/Goteo/Controller/AuthController.php
index 1a9d7ad8fb..c4566acbb1 100644
--- a/src/Goteo/Controller/AuthController.php +++ b/src/Goteo/Controller/AuthController.php @@ -12,6 +12,7 @@ use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Response; +use Symfony\Component\HttpFoundation\RedirectResponse; use Goteo\Application\Exception\ControllerAccessDeniedException; use Goteo\Application\App; @@ -43,14 +44,36 @@ public function redirectLoginAction(Request $request) { } /** - * Reusable static login checker + * Checks if the user is logged or needs to redirect to SSL + * @return [type] [description] */ - public static function checkLogin(Request $request) { - // Already logged? + protected static function checkSession(Request $request) { + + // Already logged? let's get out of here if (Session::isLogged()) { return App::dispatch(AppEvents::ALREADY_LOGGED, new FilterAuthEvent(Session::getUser()))->getUserRedirect($request); } + // Check if needs to be redirected to SSL + if(Config::get('ssl') && !$request->isSecure()) { + if (null !== $qs = $request->getQueryString()) { + $qs = '?'.$qs; + } + + return new RedirectResponse('https://' . $request->getHttpHost().$request->getBaseUrl().$request->getPathInfo().$qs); + } + + // Nothing to return if everything is ok + } + + /** + * Reusable static login checker + */ + public static function checkLogin(Request $request) { + if($sess = static::checkSession($request)) { + return $sess; + } + // check username/password if ($request->request->has('username')) { $username = strtolower($request->request->get('username')); @@ -74,14 +97,14 @@ public static function checkLogin(Request $request) { return true; } - public function loginAction(Request $request) - { + public function loginAction(Request $request) { $result = self::checkLogin($request); if($result instanceOf Response) return $result; return $this->viewResponse('auth/login', ['return' => $request->query->get('return')]); } + /** * Cerrar sesiĆ³n. * TODO: change to a event dispatcher 
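Review bot: The SSL check added in `checkSession()` runs for every request method, so a login POST that reaches the site over plain HTTP has already carried `username` and the password in cleartext before the `RedirectResponse` is returned, and browsers then follow the redirect as a GET without the body; the `checkSignup` hunk further down inherits the same behaviour through its call to `checkSession()`. The redirect therefore only guarantees that the form is fetched over HTTPS, and I would say so above the check, e.g. `// Redirect covers the form GET only; pair with HSTS and a Secure session cookie so credentials are never posted over http` (whether those are set elsewhere is not visible here). The target is also assembled from `$request->getHttpHost()`, which reflects the client's Host header, and `isSecure()` stays false behind a TLS-terminating proxy unless trusted proxies are configured, which would loop; building the URL from a configured canonical host, or confirming that `Request::setTrustedHosts()` and `Request::setTrustedProxies()` are called at bootstrap, would cover both. The `@return [type] [description]` placeholder in the new docblock should state the real contract, presumably a `Response` when a redirect is needed and nothing otherwise. `checkLogin()` continues past the end of this hunk.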
@@ -115,14 +138,12 @@ public function logoutAction(Request $request) { * Reusable static signup checker */ public static function checkSignup(Request $request) { - // Already logged? - if (Session::isLogged()) { - return App::dispatch(AppEvents::ALREADY_LOGGED, new FilterAuthEvent(Session::getUser()))->getUserRedirect($request); + if($sess = static::checkSession($request)) { + return $sess; } $vars = []; - if ($request->getMethod() == 'POST') { foreach ($request->request->all() as $key => $value) { $vars[$key] = trim($value); @@ -173,8 +194,7 @@ public static function checkSignup(Request $request) { return $vars; } - public function signupAction(Request $request) - { + public function signupAction(Request $request) { $result = self::checkSignup($request); if($result instanceOf Response) return $result; @@ -182,8 +202,7 @@ public function signupAction(Request $request) } - public function passwordRecoveryAction($token = '', Request $request) - { + public function passwordRecoveryAction($token = '', Request $request) { $vars = array(); @@ -254,8 +273,7 @@ public function passwordRecoveryAction($token = '', Request $request) return $this->redirect('/login?' . $request->getQueryString()); } - public function passwordResetAction(Request $request) - { + public function passwordResetAction(Request $request) { if ($request->getMethod() == 'POST') { $password = $request->request->get('password'); $rpassword = $request->request->get('rpassword');