Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: Settings - Decouple from shield #1220

Open
wants to merge 1 commit into
base: develop
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 3 additions & 3 deletions composer.json
Original file line number Diff line number Diff line change
Expand Up @@ -25,8 +25,7 @@
"slack": "https://codeigniterchat.slack.com"
},
"require": {
"php": "^7.4.3 || ^8.0",
"codeigniter4/settings": "^2.1"
"php": "^7.4.3 || ^8.0"
},
"require-dev": {
"codeigniter/coding-standard": "1.7.*",
Expand All @@ -46,7 +45,8 @@
},
"suggest": {
"ext-curl": "Required to use the password validation rule via PwnedValidator class.",
"ext-openssl": "Required to use the JWT Authenticator."
"ext-openssl": "Required to use the JWT Authenticator.",
"codeigniter4/settings": "Required to store groups and permissions in database"
},
"minimum-stability": "dev",
"prefer-stable": true,
Expand Down
2 changes: 1 addition & 1 deletion docs/addons/jwt.md
Original file line number Diff line number Diff line change
Expand Up @@ -190,7 +190,7 @@ class LoginController extends BaseController
}

// Get the credentials for login
$credentials = $this->request->getJsonVar(setting('Auth.validFields'));
$credentials = $this->request->getJsonVar(shieldSetting('Auth.validFields'));
$credentials = array_filter($credentials);
$credentials['password'] = $this->request->getJsonVar('password');

Expand Down
8 changes: 4 additions & 4 deletions docs/customization/redirect_urls.md
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ public function loginRedirect(): string
{
$url = auth()->user()->inGroup('admin')
? '/admin'
: setting('Auth.redirects')['login'];
: shieldSetting('Auth.redirects')['login'];

return $this->getUrl($url);
}
Expand All @@ -27,7 +27,7 @@ public function loginRedirect(): string
return '/admin';
}

$url = setting('Auth.redirects')['login'];
$url = shieldSetting('Auth.redirects')['login'];

return $this->getUrl($url);
}
Expand All @@ -40,7 +40,7 @@ You can customize where a user is redirected to after registration in the `regis
```php
public function registerRedirect(): string
{
$url = setting('Auth.redirects')['register'];
$url = shieldSetting('Auth.redirects')['register'];

return $this->getUrl($url);
}
Expand All @@ -53,7 +53,7 @@ The logout redirect can also be overridden by the `logoutRedirect()` method of t
```php
public function logoutRedirect(): string
{
$url = setting('Auth.redirects')['logout'];
$url = shieldSetting('Auth.redirects')['logout'];

return $this->getUrl($url);
}
Expand Down
4 changes: 2 additions & 2 deletions docs/guides/mobile_apps.md
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ class LoginController extends BaseController
public function mobileLogin()
{
// Validate credentials
$rules = setting('Validation.login') ?? [
$rules = shieldSetting('Validation.login') ?? [
'email' => config('Auth')->emailValidationRules,
'password' => [
'label' => 'Auth.password',
Expand All @@ -46,7 +46,7 @@ class LoginController extends BaseController
}

// Get the credentials for login
$credentials = $this->request->getPost(setting('Auth.validFields'));
$credentials = $this->request->getPost(shieldSetting('Auth.validFields'));
$credentials = array_filter($credentials);
$credentials['password'] = $this->request->getPost('password');

Expand Down
10 changes: 5 additions & 5 deletions src/Authentication/Actions/Email2FA.php
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ public function show(): string

$this->createIdentity($user);

return $this->view(setting('Auth.views')['action_email_2fa'], ['user' => $user]);
return $this->view(shieldSetting('Auth.views')['action_email_2fa'], ['user' => $user]);
}

/**
Expand Down Expand Up @@ -89,11 +89,11 @@ public function handle(IncomingRequest $request)
// Send the user an email with the code
helper('email');
$email = emailer(['mailType' => 'html'])
->setFrom(setting('Email.fromEmail'), setting('Email.fromName') ?? '');
->setFrom(shieldSetting('Email.fromEmail'), shieldSetting('Email.fromName') ?? '');
$email->setTo($user->email);
$email->setSubject(lang('Auth.email2FASubject'));
$email->setMessage($this->view(
setting('Auth.views')['action_email_2fa_email'],
shieldSetting('Auth.views')['action_email_2fa_email'],
['code' => $identity->secret, 'user' => $user, 'ipAddress' => $ipAddress, 'userAgent' => $userAgent, 'date' => $date],
['debug' => false]
));
Expand All @@ -105,7 +105,7 @@ public function handle(IncomingRequest $request)
// Clear the email
$email->clear();

return $this->view(setting('Auth.views')['action_email_2fa_verify']);
return $this->view(shieldSetting('Auth.views')['action_email_2fa_verify']);
}

/**
Expand All @@ -131,7 +131,7 @@ public function verify(IncomingRequest $request)
if (! $authenticator->checkAction($identity, $postedToken)) {
session()->setFlashdata('error', lang('Auth.invalid2FAToken'));

return $this->view(setting('Auth.views')['action_email_2fa_verify']);
return $this->view(shieldSetting('Auth.views')['action_email_2fa_verify']);
}

// Get our login redirect url
Expand Down
8 changes: 4 additions & 4 deletions src/Authentication/Actions/EmailActivator.php
Original file line number Diff line number Diff line change
Expand Up @@ -66,11 +66,11 @@ public function show(): string
// Send the email
helper('email');
$email = emailer(['mailType' => 'html'])
->setFrom(setting('Email.fromEmail'), setting('Email.fromName') ?? '');
->setFrom(shieldSetting('Email.fromEmail'), shieldSetting('Email.fromName') ?? '');
$email->setTo($userEmail);
$email->setSubject(lang('Auth.emailActivateSubject'));
$email->setMessage($this->view(
setting('Auth.views')['action_email_activate_email'],
shieldSetting('Auth.views')['action_email_activate_email'],
['code' => $code, 'user' => $user, 'ipAddress' => $ipAddress, 'userAgent' => $userAgent, 'date' => $date],
['debug' => false]
));
Expand All @@ -83,7 +83,7 @@ public function show(): string
$email->clear();

// Display the info page
return $this->view(setting('Auth.views')['action_email_activate_show'], ['user' => $user]);
return $this->view(shieldSetting('Auth.views')['action_email_activate_show'], ['user' => $user]);
}

/**
Expand Down Expand Up @@ -120,7 +120,7 @@ public function verify(IncomingRequest $request)
if (! $authenticator->checkAction($identity, $postedToken)) {
session()->setFlashdata('error', lang('Auth.invalidActivateToken'));

return $this->view(setting('Auth.views')['action_email_activate_show']);
return $this->view(shieldSetting('Auth.views')['action_email_activate_show']);
}

$user = $authenticator->getUser();
Expand Down
42 changes: 21 additions & 21 deletions src/Authentication/Authenticators/Session.php
Original file line number Diff line number Diff line change
Expand Up @@ -196,7 +196,7 @@ public function attempt(array $credentials): Result
*/
public function startUpAction(string $type, User $user): bool
{
$actionClass = setting('Auth.actions')[$type] ?? null;
$actionClass = shieldSetting('Auth.actions')[$type] ?? null;

if ($actionClass === null) {
return false;
Expand Down Expand Up @@ -417,7 +417,7 @@ private function checkUserState(): void

// No User Info in Session.
// Check remember-me token.
if (setting('Auth.sessionConfig')['allowRemembering']) {
if (shieldSetting('Auth.sessionConfig')['allowRemembering']) {
if ($this->checkRememberMe()) {
$this->setAuthAction();
}
Expand Down Expand Up @@ -473,7 +473,7 @@ private function setAuthAction(): bool
return false;
}

$authActions = setting('Auth.actions');
$authActions = shieldSetting('Auth.actions');

foreach ($authActions as $actionClass) {
if ($actionClass === null) {
Expand Down Expand Up @@ -516,7 +516,7 @@ private function getIdentitiesForAction(User $user): array
*/
private function getActionTypes(): array
{
$actions = setting('Auth.actions');
$actions = shieldSetting('Auth.actions');
$types = [];

foreach ($actions as $actionClass) {
Expand Down Expand Up @@ -611,7 +611,7 @@ private function getRememberMeToken(): ?string
/** @var IncomingRequest $request */
$request = service('request');

$cookieName = setting('Cookie.prefix') . setting('Auth.sessionConfig')['rememberCookieName'];
$cookieName = shieldSetting('Cookie.prefix') . shieldSetting('Auth.sessionConfig')['rememberCookieName'];

return $request->getCookie($cookieName);
}
Expand Down Expand Up @@ -682,15 +682,15 @@ public function startLogin(User $user): void
*/
protected function getSessionUserInfo(): array
{
return session(setting('Auth.sessionConfig')['field']) ?? [];
return session(shieldSetting('Auth.sessionConfig')['field']) ?? [];
}

/**
* Removes User Info in Session
*/
protected function removeSessionUserInfo(): void
{
session()->remove(setting('Auth.sessionConfig')['field']);
session()->remove(shieldSetting('Auth.sessionConfig')['field']);
}

/**
Expand All @@ -714,7 +714,7 @@ protected function setSessionUserKey(string $key, $value): void
{
$sessionUserInfo = $this->getSessionUserInfo();
$sessionUserInfo[$key] = $value;
session()->set(setting('Auth.sessionConfig')['field'], $sessionUserInfo);
session()->set(shieldSetting('Auth.sessionConfig')['field'], $sessionUserInfo);
}

/**
Expand All @@ -724,7 +724,7 @@ protected function removeSessionUserKey(string $key): void
{
$sessionUserInfo = $this->getSessionUserInfo();
unset($sessionUserInfo[$key]);
session()->set(setting('Auth.sessionConfig')['field'], $sessionUserInfo);
session()->set(shieldSetting('Auth.sessionConfig')['field'], $sessionUserInfo);
}

/**
Expand Down Expand Up @@ -762,7 +762,7 @@ public function login(User $user): void

private function issueRememberMeToken(): void
{
if ($this->shouldRemember && setting('Auth.sessionConfig')['allowRemembering']) {
if ($this->shouldRemember && shieldSetting('Auth.sessionConfig')['allowRemembering']) {
$this->rememberUser($this->user);

// Reset so it doesn't mess up future calls.
Expand All @@ -788,10 +788,10 @@ private function removeRememberCookie(): void

// Remove remember-me cookie
$response->deleteCookie(
setting('Auth.sessionConfig')['rememberCookieName'],
setting('Cookie.domain'),
setting('Cookie.path'),
setting('Cookie.prefix')
shieldSetting('Auth.sessionConfig')['rememberCookieName'],
shieldSetting('Cookie.domain'),
shieldSetting('Cookie.path'),
shieldSetting('Cookie.prefix')
);
}

Expand Down Expand Up @@ -930,7 +930,7 @@ protected function rememberUser(User $user): void

private function calcExpires(): Time
{
$timestamp = Time::now()->getTimestamp() + setting('Auth.sessionConfig')['rememberLength'];
$timestamp = Time::now()->getTimestamp() + shieldSetting('Auth.sessionConfig')['rememberLength'];

return Time::createFromTimestamp($timestamp);
}
Expand All @@ -946,13 +946,13 @@ private function setRememberMeCookie(string $rawToken): void
// Save it to the user's browser in a cookie.
// Create the cookie
$response->setCookie(
setting('Auth.sessionConfig')['rememberCookieName'],
shieldSetting('Auth.sessionConfig')['rememberCookieName'],
$rawToken, // Value
setting('Auth.sessionConfig')['rememberLength'], // # Seconds until it expires
setting('Cookie.domain'),
setting('Cookie.path'),
setting('Cookie.prefix'),
setting('Cookie.secure'), // Only send over HTTPS?
shieldSetting('Auth.sessionConfig')['rememberLength'], // # Seconds until it expires
shieldSetting('Cookie.domain'),
shieldSetting('Cookie.path'),
shieldSetting('Cookie.prefix'),
shieldSetting('Cookie.secure'), // Only send over HTTPS?
true // Hide from Javascript?
);
}
Expand Down
6 changes: 3 additions & 3 deletions src/Authorization/Groups.php
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ class Groups
*/
public function info(string $group): ?Group
{
$info = setting('AuthGroups.groups')[strtolower($group)] ?? null;
$info = shieldSetting('AuthGroups.groups')[strtolower($group)] ?? null;

if (empty($info)) {
return null;
Expand All @@ -47,7 +47,7 @@ public function save(Group $group): void
throw new RuntimeException(lang('Auth.missingTitle'));
}

$groups = setting('AuthGroups.groups');
$groups = shieldSetting('AuthGroups.groups');

$alias = $group->alias;

Expand All @@ -61,6 +61,6 @@ public function save(Group $group): void
];

// Save it
setting('AuthGroups.groups', $groups);
shieldSetting('AuthGroups.groups', $groups);
}
}
4 changes: 2 additions & 2 deletions src/Authorization/Traits/Authorizable.php
Original file line number Diff line number Diff line change
Expand Up @@ -251,7 +251,7 @@ public function can(string ...$permissions): bool
$this->populateGroups();

// Get the group matrix
$matrix = setting('AuthGroups.matrix');
$matrix = shieldSetting('AuthGroups.matrix');

foreach ($permissions as $permission) {
// Permission must contain a scope and action
Expand Down Expand Up @@ -406,6 +406,6 @@ private function saveGroupsOrPermissions(string $type, $model, array $cache): vo
*/
private function getConfigPermissions(): array
{
return array_keys(setting('AuthGroups.permissions'));
return array_keys(shieldSetting('AuthGroups.permissions'));
}
}
Loading
Loading