mirror of
https://code.castopod.org/adaures/castopod.git
synced 2024-09-10 20:43:22 +02:00
2f525c0f6e
- add "ActivityPub" library to handle server to server federation and basic
client to server protocols using activitypub:
- add webfinger endpoint to look for actor
- add actor definition with inbox / outbox / followers
- remote follow an actor
- create notes with possible preview cards
- interract with favourites, reblogs and replies
- block incoming actors and/or domains
- broadcast/schedule activities to fediverse followers using a cron task
- For castopod, the podcast is the actor:
- overwrite the activitypub library for castopod's specific needs
- perform basic interactions administrating a podcast to interact with fediverse users:
- create notes with episode attachment
- favourite and share a note + reply
- add specific castopod_namespaces for podcasts and episodes definitions
- overwrite CodeIgniter's Route service to include alternate-content option for
activitystream requests
- update episode publication logic:
- remove publication inputs in create / edit episode form
- publish / schedule or unpublish an episode after creation
- the podcaster publishes a note when publishing an episode
- Javascript / Typescript modules:
- fix Dropdown.ts to keep dropdown menu in foreground
- add Modal.ts for funding links modal
- add Toggler.ts to toggle various css states in ui
- User Interface:
- update tailwindcss to v2
- use castopod's pine and rose colors
- update public layout to a 3 column layout
- add pages in public for podcast activity, episode list and notes
- update episode page to include linked notes
- remove previous and next episodes from episode pages
- show different public views depending on whether user is authenticated or not
- use Kumbh Sans and Montserrat fonts
- update CodeIgniter's config files
- with CodeIgniter's new requirements, update docker environments are now based on
php v7.3 image
- move Image entity to Libraries
- update composer and npm packages to latest versions
closes #69 #65 #85, fixes #51 #91 #92 #88
196 lines
5.4 KiB
PHP
196 lines
5.4 KiB
PHP
<?php
|
|
|
|
/**
|
|
* @copyright 2020 Podlibre
|
|
* @license https://www.gnu.org/licenses/agpl-3.0.en.html AGPL3
|
|
* @link https://castopod.org/
|
|
*/
|
|
|
|
namespace App\Controllers;
|
|
|
|
use App\Entities\User;
|
|
|
|
class Auth extends \Myth\Auth\Controllers\AuthController
|
|
{
|
|
/**
|
|
* An array of helpers to be automatically loaded
|
|
* upon class instantiation.
|
|
*
|
|
* @var array
|
|
*/
|
|
protected $helpers = ['components'];
|
|
|
|
/**
|
|
* Attempt to register a new user.
|
|
*/
|
|
public function attemptRegister()
|
|
{
|
|
// Check if registration is allowed
|
|
if (!$this->config->allowRegistration) {
|
|
return redirect()
|
|
->back()
|
|
->withInput()
|
|
->with('error', lang('Auth.registerDisabled'));
|
|
}
|
|
|
|
$users = model('UserModel');
|
|
|
|
// Validate here first, since some things,
|
|
// like the password, can only be validated properly here.
|
|
$rules = [
|
|
'username' =>
|
|
'required|alpha_numeric_space|min_length[3]|is_unique[users.username]',
|
|
'email' => 'required|valid_email|is_unique[users.email]',
|
|
'password' => 'required|strong_password',
|
|
];
|
|
|
|
if (!$this->validate($rules)) {
|
|
return redirect()
|
|
->back()
|
|
->withInput()
|
|
->with('errors', service('validation')->getErrors());
|
|
}
|
|
|
|
// Save the user
|
|
$allowedPostFields = array_merge(
|
|
['password'],
|
|
$this->config->validFields,
|
|
$this->config->personalFields,
|
|
);
|
|
$user = new User($this->request->getPost($allowedPostFields));
|
|
|
|
$this->config->requireActivation !== false
|
|
? $user->generateActivateHash()
|
|
: $user->activate();
|
|
|
|
// Ensure default group gets assigned if set
|
|
if (!empty($this->config->defaultUserGroup)) {
|
|
$users = $users->withGroup($this->config->defaultUserGroup);
|
|
}
|
|
|
|
if (!$users->save($user)) {
|
|
return redirect()
|
|
->back()
|
|
->withInput()
|
|
->with('errors', $users->errors());
|
|
}
|
|
|
|
if ($this->config->requireActivation !== false) {
|
|
$activator = service('activator');
|
|
$sent = $activator->send($user);
|
|
|
|
if (!$sent) {
|
|
return redirect()
|
|
->back()
|
|
->withInput()
|
|
->with(
|
|
'error',
|
|
$activator->error() ?? lang('Auth.unknownError'),
|
|
);
|
|
}
|
|
|
|
// Success!
|
|
return redirect()
|
|
->route('login')
|
|
->with('message', lang('Auth.activationSuccess'));
|
|
}
|
|
|
|
// Success!
|
|
return redirect()
|
|
->route('login')
|
|
->with('message', lang('Auth.registerSuccess'));
|
|
}
|
|
|
|
/**
|
|
* Verifies the code with the email and saves the new password,
|
|
* if they all pass validation.
|
|
*
|
|
* @return mixed
|
|
*/
|
|
public function attemptReset()
|
|
{
|
|
if ($this->config->activeResetter === false) {
|
|
return redirect()
|
|
->route('login')
|
|
->with('error', lang('Auth.forgotDisabled'));
|
|
}
|
|
|
|
$users = model('UserModel');
|
|
|
|
// First things first - log the reset attempt.
|
|
$users->logResetAttempt(
|
|
$this->request->getPost('email'),
|
|
$this->request->getPost('token'),
|
|
$this->request->getIPAddress(),
|
|
(string) $this->request->getUserAgent(),
|
|
);
|
|
|
|
$rules = [
|
|
'token' => 'required',
|
|
'email' => 'required|valid_email',
|
|
'password' => 'required|strong_password',
|
|
];
|
|
|
|
if (!$this->validate($rules)) {
|
|
return redirect()
|
|
->back()
|
|
->withInput()
|
|
->with('errors', $users->errors());
|
|
}
|
|
|
|
$user = $users
|
|
->where('email', $this->request->getPost('email'))
|
|
->where('reset_hash', $this->request->getPost('token'))
|
|
->first();
|
|
|
|
if (is_null($user)) {
|
|
return redirect()
|
|
->back()
|
|
->with('error', lang('Auth.forgotNoUser'));
|
|
}
|
|
|
|
// Reset token still valid?
|
|
if (
|
|
!empty($user->reset_expires) &&
|
|
time() > $user->reset_expires->getTimestamp()
|
|
) {
|
|
return redirect()
|
|
->back()
|
|
->withInput()
|
|
->with('error', lang('Auth.resetTokenExpired'));
|
|
}
|
|
|
|
// Success! Save the new password, and cleanup the reset hash.
|
|
$user->password = $this->request->getPost('password');
|
|
$user->reset_hash = null;
|
|
$user->reset_at = date('Y-m-d H:i:s');
|
|
$user->reset_expires = null;
|
|
$user->force_pass_reset = false;
|
|
$users->save($user);
|
|
|
|
return redirect()
|
|
->route('login')
|
|
->with('message', lang('Auth.resetSuccess'));
|
|
}
|
|
|
|
public function attemptInteractAsActor()
|
|
{
|
|
$rules = [
|
|
'actor_id' => 'required|numeric',
|
|
];
|
|
|
|
if (!$this->validate($rules)) {
|
|
return redirect()
|
|
->back()
|
|
->withInput()
|
|
->with('errors', service('validation')->getErrors());
|
|
}
|
|
|
|
helper('auth');
|
|
|
|
set_interact_as_actor($this->request->getPost('actor_id'));
|
|
|
|
return redirect()->back();
|
|
}
|
|
}
|