p3k
/
Quill
mirror of https://github.com/aaronpk/Quill.git
1
0
Fork 0
Code Issues 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
339 Commits
3 Branches
14 MiB
Tree: 7b00421cf5
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '7b00421cf5'
${ noResults }
Quill/controllers/auth.php

256 lines
8.8 KiB
Raw Normal View History

Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
use IndieAuth Client instead of doing it manually still shows debug messages when missing endpoints to help people get started
6 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
do the micropub post and redirect after it's created!
10 years ago
request profile scope
3 years ago
use IndieAuth Client instead of doing it manually still shows debug messages when missing endpoints to help people get started
6 years ago
update indieauth client
3 years ago
use IndieAuth Client instead of doing it manually still shows debug messages when missing endpoints to help people get started
6 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
use IndieAuth Client instead of doing it manually still shows debug messages when missing endpoints to help people get started
6 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
use IndieAuth Client instead of doing it manually still shows debug messages when missing endpoints to help people get started
6 years ago
do the micropub post and redirect after it's created!
10 years ago
redo how auto-login works
8 years ago
do the micropub post and redirect after it's created!
10 years ago
integrates photo uploading in the main note interface Quill corrects the photo rotation based on exif data since iOS tends to take landscape photos and set the rotation bit when holding it in portrait mode.
9 years ago
only skip debugging screens if the endpoints are the same as before
9 years ago
update indieauth client
3 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
integrates photo uploading in the main note interface Quill corrects the photo rotation based on exif data since iOS tends to take landscape photos and set the rotation bit when holding it in portrait mode.
9 years ago
only skip debugging screens if the endpoints are the same as before
9 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
provide option for choosing the scope to request update to "create" scope by default, but allow the user to choose "post" as a fallback. also updates indieauth/client to 0.2 for json support.
8 years ago
redo how auto-login works
8 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
redo how auto-login works
8 years ago
provide option for choosing the scope to request update to "create" scope by default, but allow the user to choose "post" as a fallback. also updates indieauth/client to 0.2 for json support.
8 years ago
redo how auto-login works
8 years ago
Support full automatic no-questions-asked login - ?me=.. on homepage redirects to auth - ?dontask=1 skips confirmation questions - "reply" and other parameters are transferred across login
8 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
provide option for choosing the scope to request update to "create" scope by default, but allow the user to choose "post" as a fallback. also updates indieauth/client to 0.2 for json support.
8 years ago
use IndieAuth Client instead of doing it manually still shows debug messages when missing endpoints to help people get started
6 years ago
provide option for choosing the scope to request update to "create" scope by default, but allow the user to choose "post" as a fallback. also updates indieauth/client to 0.2 for json support.
8 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
use IndieAuth Client instead of doing it manually still shows debug messages when missing endpoints to help people get started
6 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
use IndieAuth Client instead of doing it manually still shows debug messages when missing endpoints to help people get started
6 years ago
don't rely on the "me" in the callback URL closes #79
7 years ago
use IndieAuth Client instead of doing it manually still shows debug messages when missing endpoints to help people get started
6 years ago
don't rely on the "me" in the callback URL closes #79
7 years ago
use IndieAuth Client instead of doing it manually still shows debug messages when missing endpoints to help people get started
6 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
use IndieAuth Client instead of doing it manually still shows debug messages when missing endpoints to help people get started
6 years ago
improvements to login UI, upgrades libraries makes the login experience a bit friendlier to non-developer users
6 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
update indieauth client
3 years ago
don't rely on the "me" in the callback URL closes #79
7 years ago
update indieauth client
3 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
improvements to login UI, upgrades libraries makes the login experience a bit friendlier to non-developer users
6 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
update indieauth client
3 years ago
Track token expiration Force reauthentication after the token expires.
1 month ago
update indieauth client
3 years ago
change logging of stuff during login
3 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
Adds support for querying your micropub endpoint to check for syndication targets. This changes the value of "in-reply-to" to use hyphens instead of underscore separators!! Also shows you the full request made to your micropub endpoint.
10 years ago
support media endpoint, autosave notes in local storage * looks for a media endpoint in the micropub config * if media endpoint is available, both the note interface and the editor will upload files to it instead of posting the photo directly * the note interface autosaves in-progress notes in localstorage
9 years ago
Adds support for querying your micropub endpoint to check for syndication targets. This changes the value of "in-reply-to" to use hyphens instead of underscore separators!! Also shows you the full request made to your micropub endpoint.
10 years ago
pass q=config in initial micropub config query fixes #54
8 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
improvements to login UI, upgrades libraries makes the login experience a bit friendlier to non-developer users
6 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
redo how auto-login works
8 years ago
do the micropub post and redirect after it's created!
10 years ago
redo how auto-login works
8 years ago
do the micropub post and redirect after it's created!
10 years ago
redo how auto-login works
8 years ago
do the micropub post and redirect after it's created!
10 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
change logging of stuff during login
3 years ago
do the micropub post and redirect after it's created!
10 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
redo how auto-login works
8 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
move some auth routes to auth.php
8 years ago
add reset login option
8 years ago
add support for token revocation
6 years ago
add reset login option
8 years ago
Track token expiration Force reauthentication after the token expires.
1 month ago
reset micropub config data
6 years ago
add reset login option
8 years ago
add support for token revocation
6 years ago
add reset login option
8 years ago
move some auth routes to auth.php
8 years ago
 
  1. <?php
  2. 

  3. IndieAuth\Client::$clientID = Config::$base_url;
  4. IndieAuth\Client::$redirectURL = Config::$base_url.'auth/callback';
  5. 

  6. $app->get('/auth/start', function() use($app) {
  7.   $req = $app->request();
  8. 

  9.   $params = $req->params();
  10. 

  11.   $defaultScope = 'create update media profile';
  12. 

  13.   list($authorizationURL, $error) = IndieAuth\Client::begin($params['me'], $defaultScope);
  14. 

  15.   $me = IndieAuth\Client::normalizeMeURL($params['me']);
  16. 

  17.   // Double check for a micropub endpoint here for debugging purposes

  18.   if(!$error) {
  19.     $micropubEndpoint = $_SESSION['indieauth']['micropub_endpoint'] = IndieAuth\Client::discoverMicropubEndpoint($me);
  20.     if(!$micropubEndpoint) {
  21.       $error['error'] = 'missing_micropub_endpoint';
  22.     }
  23.   }
  24. 

  25.   if($error && in_array($error['error'], ['missing_authorization_endpoint','missing_token_endpoint','missing_micropub_endpoint'])) {
  26.     // Display debug info for these particular errors

  27. 

  28.     $micropubEndpoint = $_SESSION['indieauth']['micropub_endpoint'] = IndieAuth\Client::discoverMicropubEndpoint($me);
  29.     $tokenEndpoint = $_SESSION['indieauth']['token_endpoint'] = IndieAuth\Client::discoverTokenEndpoint($me);
  30.     $authorizationEndpoint = $_SESSION['indieauth']['authorization_endpoint'] = IndieAuth\Client::discoverAuthorizationEndpoint($me);
  31. 

  32.     $html = render('auth_start', array(
  33.       'title' => 'Sign In',
  34.       'me' => $me,
  35.       'authorizing' => $me,
  36.       'meParts' => parse_url($me),
  37.       'tokenEndpoint' => $tokenEndpoint,
  38.       'micropubEndpoint' => $micropubEndpoint,
  39.       'authorizationEndpoint' => $authorizationEndpoint,
  40.       'authorizationURL' => false
  41.     ));
  42.     $app->response()->body($html);
  43.     return;
  44.   }
  45. 

  46.   // Handle other errors like connection errors by showing a generic error page

  47.   if($error) {
  48.     $html = render('auth_error', array(
  49.       'title' => 'Sign In',
  50.       'error' => $error['error'],
  51.       'errorDescription' => $error['error_description'],
  52.     ));
  53.     $app->response()->body($html);
  54.     return;
  55.   }
  56. 

  57.   $micropubEndpoint = $_SESSION['indieauth']['micropub_endpoint'] = IndieAuth\Client::discoverMicropubEndpoint($me);
  58.   $tokenEndpoint = $_SESSION['indieauth']['token_endpoint'] = IndieAuth\Client::discoverTokenEndpoint($me);
  59.   $authorizationEndpoint = $_SESSION['indieauth']['authorization_endpoint'] = IndieAuth\Client::discoverAuthorizationEndpoint($me);
  60. 

  61.   if(k($params, 'redirect')) {
  62.     $_SESSION['redirect_after_login'] = $params['redirect'];
  63.   }
  64.   if(k($params, 'reply')) {
  65.     $_SESSION['reply'] = $params['reply'];
  66.   }
  67. 

  68.   // If the user has already signed in before and has a micropub access token,

  69.   // and the endpoints are all the same, skip the debugging screens and redirect

  70.   // immediately to the auth endpoint.

  71.   // This will still get a new access token when they finish logging in.

  72.   $user = ORM::for_table('users')->where('url', $me)->find_one();
  73.   if($user && $user->micropub_access_token
  74.     && $user->micropub_endpoint == $micropubEndpoint
  75.     && $user->token_endpoint == $tokenEndpoint
  76.     && $user->authorization_endpoint == $authorizationEndpoint
  77.     && !array_key_exists('restart', $params)) {
  78. 

  79.     // Request whatever scope was previously granted

  80.     $authorizationURL = parse_url($authorizationURL);
  81.     $authorizationURL['scope'] = $user->micropub_scope;
  82.     $authorizationURL = http_build_url($authorizationURL);
  83. 

  84.     $app->redirect($authorizationURL, 302);
  85. 

  86.   } else {
  87. 

  88.     if(k($params, 'dontask') && $params['dontask']) {
  89.       // Request whatever scope was previously granted

  90.       $authorizationURL = parse_url($authorizationURL);
  91.       $authorizationURL['scope'] = $user->micropub_scope ?: $defaultScope;
  92.       $authorizationURL = http_build_url($authorizationURL);
  93. 

  94.       $_SESSION['dontask'] = 1;
  95.       $app->redirect($authorizationURL, 302);
  96.     }
  97. 

  98.     $html = render('auth_start', array(
  99.       'title' => 'Sign In',
  100.       'me' => $me,
  101.       'authorizing' => $me,
  102.       'meParts' => parse_url($me),
  103.       'tokenEndpoint' => $tokenEndpoint,
  104.       'micropubEndpoint' => $micropubEndpoint,
  105.       'authorizationEndpoint' => $authorizationEndpoint,
  106.       'authorizationURL' => $authorizationURL
  107.     ));
  108.     $app->response()->body($html);
  109.   }
  110. });
  111. 

  112. $app->get('/auth/redirect', function() use($app) {
  113.   $req = $app->request();
  114.   $params = $req->params();
  115. 

  116.   // Override scope from the form the user selects

  117. 

  118.   if(!isset($params['scope']))
  119.     $params['scope'] = '';
  120. 

  121.   $authorizationURL = parse_url($params['authorization_url']);
  122.   parse_str($authorizationURL['query'], $query);
  123.   $query['scope'] = $params['scope'];
  124.   $authorizationURL['query'] = http_build_query($query);
  125.   $authorizationURL = http_build_url($authorizationURL);
  126. 

  127.   $app->redirect($authorizationURL);
  128.   return;
  129. });
  130. 

  131. $app->get('/auth/callback', function() use($app) {
  132.   $req = $app->request();
  133.   $params = $req->params();
  134. 

  135.   list($token, $error) = IndieAuth\Client::complete($params, true);
  136. 

  137.   if($error) {
  138.     $html = render('auth_error', [
  139.       'title' => 'Auth Callback',
  140.       'error' => $error['error'],
  141.       'errorDescription' => $error['error_description'],
  142.     ]);
  143.     $app->response()->body($html);
  144.     return;
  145.   }
  146. 

  147.   $me = $token['me'];
  148. 

  149.   // Use the discovered endpoints saved in the session

  150.   $micropubEndpoint = $_SESSION['indieauth']['micropub_endpoint'];
  151.   $tokenEndpoint = $_SESSION['indieauth']['token_endpoint'];
  152. 

  153.   $redirectToDashboardImmediately = false;
  154. 

  155.   // If a valid access token was returned, store the token info in the session and they are signed in

  156.   if(k($token['response'], array('me','access_token','scope'))) {
  157. 

  158.     $_SESSION['auth'] = $token['response'];
  159.     $_SESSION['me'] = $me = $token['me'];
  160. 

  161.     $user = ORM::for_table('users')->where('url', $me)->find_one();
  162.     if($user) {
  163.       // Already logged in, update the last login date

  164.       $user->last_login = date('Y-m-d H:i:s');
  165.       // If they have logged in before and we already have an access token, then redirect to the dashboard now

  166.       if($user->micropub_access_token)
  167.         $redirectToDashboardImmediately = true;
  168.     } else {
  169.       // New user! Store the user in the database

  170.       $user = ORM::for_table('users')->create();
  171.       $user->url = $me;
  172.       $user->date_created = date('Y-m-d H:i:s');
  173.     }
  174.     $user->authorization_endpoint = $_SESSION['indieauth']['authorization_endpoint'];
  175.     $user->token_endpoint = $tokenEndpoint;
  176.     $user->micropub_endpoint = $micropubEndpoint;
  177.     $user->micropub_access_token = $token['response']['access_token'];
  178.     if(is_numeric($token['response']['expires_in'])) {
  179.       $expiration = time() + $token['response']['expires_in'];
  180.       $user->micropub_token_expiration = date('Y-m-d H:i:s', $expiration);
  181.     }
  182.     $user->micropub_scope = $token['response']['scope'];
  183.     $user->micropub_response = $token['raw_response'];
  184.     $user->save();
  185.     $_SESSION['user_id'] = $user->id();
  186. 

  187.     // Make a request to the micropub endpoint to discover the syndication targets and media endpoint if any.

  188.     // Errors are silently ignored here. The user will be able to retry from the new post interface and get feedback.

  189.     get_micropub_config($user, ['q'=>'config']);
  190.   }
  191. 

  192.   unset($_SESSION['indieauth']);
  193. 

  194.   if($redirectToDashboardImmediately || k($_SESSION, 'dontask')) {
  195.     unset($_SESSION['dontask']);
  196.     if(k($_SESSION, 'redirect_after_login')) {
  197.       $dest = $_SESSION['redirect_after_login'];
  198.       unset($_SESSION['redirect_after_login']);
  199.       $app->redirect($dest, 302);
  200.     } else {
  201.       $query = [];
  202.       if(k($_SESSION, 'reply')) {
  203.         $query['reply'] = $_SESSION['reply'];
  204.         unset($_SESSION['reply']);
  205.       }
  206.       $app->redirect('/new?' . http_build_query($query), 302);
  207.     }
  208.   } else {
  209.     $html = render('auth_callback', array(
  210.       'title' => 'Sign In',
  211.       'me' => $me,
  212.       'authorizing' => $me,
  213.       'meParts' => parse_url($me),
  214.       'tokenEndpoint' => $tokenEndpoint,
  215.       'auth' => $token['response'],
  216.       'response' => $token['raw_response'],
  217.       'curl_error' => (array_key_exists('error', $token) ? $token['error'] : false),
  218.       'destination' => (k($_SESSION, 'redirect_after_login') ?: '/new')
  219.     ));
  220.     $app->response()->body($html);
  221.   }
  222. });
  223. 

  224. $app->get('/signout', function() use($app) {
  225.   unset($_SESSION['auth']);
  226.   unset($_SESSION['me']);
  227.   unset($_SESSION['auth_state']);
  228.   unset($_SESSION['user_id']);
  229.   $app->redirect('/', 302);
  230. });
  231. 

  232. $app->post('/auth/reset', function() use($app) {
  233.   if($user=require_login($app, false)) {
  234.     revoke_micropub_token($user->micropub_access_token, $user->token_endpoint);
  235. 

  236.     $user->authorization_endpoint = '';
  237.     $user->token_endpoint = '';
  238.     $user->micropub_endpoint = '';
  239.     $user->authorization_endpoint = '';
  240.     $user->micropub_media_endpoint = '';
  241.     $user->micropub_scope = '';
  242.     $user->micropub_access_token = '';
  243.     $user->micropub_token_expiration = '';
  244.     $user->syndication_targets = '';
  245.     $user->supported_post_types = '';
  246.     $user->save();
  247. 

  248.     unset($_SESSION['auth']);
  249.     unset($_SESSION['me']);
  250.     unset($_SESSION['auth_state']);
  251.     unset($_SESSION['user_id']);
  252.   }
  253.   $app->redirect('/', 302);
  254. });
  255. 

  256.