minor typo fixes
This commit is contained in:
arabcoders
@@ -18,13 +18,13 @@ use Monolog\Level;
|
||||
|
||||
return (function () {
|
||||
$inContainer = inContainer();
|
||||
$progressTimeCheck = fn (int $v, int $d): int => 0 === $v || $v >= 180 ? $v : $d;
|
||||
$progressTimeCheck = fn(int $v, int $d): int => 0 === $v || $v >= 180 ? $v : $d;
|
||||
|
||||
$config = [
|
||||
'name' => 'WatchState',
|
||||
'version' => '$(version_via_ci)',
|
||||
'tz' => env('WS_TZ', env('TZ', 'UTC')),
|
||||
'path' => fixPath(env('WS_DATA_PATH', fn () => $inContainer ? '/config' : __DIR__ . '/../var')),
|
||||
'path' => fixPath(env('WS_DATA_PATH', fn() => $inContainer ? '/config' : __DIR__ . '/../var')),
|
||||
'logs' => [
|
||||
'context' => (bool)env('WS_LOGS_CONTEXT', false),
|
||||
'prune' => [
|
||||
@@ -44,7 +44,7 @@ return (function () {
|
||||
'encode' => JSON_INVALID_UTF8_IGNORE | JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_AMP | JSON_HEX_QUOT | JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE,
|
||||
'headers' => [
|
||||
'Content-Type' => 'application/json',
|
||||
'X-Application-Version' => fn () => getAppVersion(),
|
||||
'X-Application-Version' => fn() => getAppVersion(),
|
||||
'Access-Control-Allow-Origin' => '*',
|
||||
],
|
||||
],
|
||||
@@ -71,7 +71,7 @@ return (function () {
|
||||
'proxy' => (bool)env('WS_TRUST_PROXY', false),
|
||||
'header' => (string)env('WS_TRUST_HEADER', 'X-Forwarded-For'),
|
||||
'local' => (bool)env('WS_TRUST_LOCAL', false),
|
||||
'localnet' => [
|
||||
'local_net' => [
|
||||
'192.168.0.0/16', // RFC-1918 A-block.
|
||||
'127.0.0.1/32', // localhost IPv4
|
||||
'10.0.0.0/8', // RFC-1918 C-block.
|
||||
@@ -162,14 +162,14 @@ return (function () {
|
||||
|
||||
$config['profiler'] = [
|
||||
'save' => (bool)env('WS_PROFILER_SAVE', true),
|
||||
'path' => env('WS_PROFILER_PATH', fn () => ag($config, 'tmpDir') . '/profiler'),
|
||||
'path' => env('WS_PROFILER_PATH', fn() => ag($config, 'tmpDir') . '/profiler'),
|
||||
'collector' => env('WS_PROFILER_COLLECTOR', null),
|
||||
];
|
||||
|
||||
$config['cache'] = [
|
||||
'prefix' => env('WS_CACHE_PREFIX', null),
|
||||
'url' => env('WS_CACHE_URL', 'redis://127.0.0.1:6379'),
|
||||
'path' => env('WS_CACHE_PATH', fn () => ag($config, 'tmpDir') . '/cache'),
|
||||
'path' => env('WS_CACHE_PATH', fn() => ag($config, 'tmpDir') . '/cache'),
|
||||
];
|
||||
|
||||
$config['logger'] = [
|
||||
|
||||
@@ -67,7 +67,7 @@ return (function () {
|
||||
],
|
||||
[
|
||||
'key' => 'WS_TRUST_LOCAL',
|
||||
'description' => 'Bypass the authentication layer for local IP Addresses for WebUI.',
|
||||
'description' => 'Bypass the WebUI authentication layer for local IP addresses.',
|
||||
'type' => 'bool',
|
||||
'danger' => true,
|
||||
],
|
||||
@@ -276,20 +276,22 @@ return (function () {
|
||||
return $value;
|
||||
}
|
||||
|
||||
$hash = password_hash($value, Config::get('password.algo'), Config::get('password.options', []));
|
||||
|
||||
if (false === $hash) {
|
||||
throw new ValidationException('Invalid password. Password hashing failed.');
|
||||
try {
|
||||
return $prefix . password_hash(
|
||||
$value,
|
||||
Config::get('password.algo'),
|
||||
Config::get('password.options', [])
|
||||
);
|
||||
} catch (ValueError $e) {
|
||||
throw new ValidationException('Invalid password. Password hashing failed.', $e);
|
||||
}
|
||||
|
||||
return $prefix . $hash;
|
||||
},
|
||||
'mask' => true,
|
||||
'protected' => true,
|
||||
],
|
||||
[
|
||||
[
|
||||
'key' => 'WS_SYSTEM_SECRET',
|
||||
'description' => 'The secret key which is used to sign sucessful auth requests.',
|
||||
'description' => 'The secret key which is used to sign successful auth requests.',
|
||||
'type' => 'string',
|
||||
'validate' => function (mixed $value): string {
|
||||
if (empty($value)) {
|
||||
|
||||
@@ -12,10 +12,10 @@ use App\Libs\Config;
|
||||
use App\Libs\DataUtil;
|
||||
use App\Libs\Enums\Http\Method;
|
||||
use App\Libs\Enums\Http\Status;
|
||||
use App\Libs\IpUtils;
|
||||
use App\Libs\Middlewares\AuthorizationMiddleware;
|
||||
use App\Libs\TokenUtil;
|
||||
use App\Libs\Traits\APITraits;
|
||||
use App\Libs\IpUtils;
|
||||
use Psr\Http\Message\ResponseInterface as iResponse;
|
||||
use Psr\Http\Message\ServerRequestInterface as iRequest;
|
||||
use Throwable;
|
||||
@@ -42,13 +42,14 @@ final class Auth
|
||||
return api_response(Status::NO_CONTENT);
|
||||
}
|
||||
|
||||
if (false === Config::get('trust.local', false)) {
|
||||
$localNet = Config::get('trust.local_net', []);
|
||||
if (true !== (bool)Config::get('trust.local', false) || count($localNet) < 1) {
|
||||
return api_response(Status::OK);
|
||||
}
|
||||
|
||||
$localAddress = getClientIp($request);
|
||||
|
||||
if (false === IpUtils::checkIp($localAddress, Config::get('trust.localnet', []))) {
|
||||
if (false === IpUtils::checkIp($localAddress, $localNet)) {
|
||||
return api_response(Status::OK);
|
||||
}
|
||||
|
||||
@@ -123,8 +124,8 @@ final class Auth
|
||||
|
||||
try {
|
||||
$payload = json_decode($payload, true, flags: JSON_THROW_ON_ERROR);
|
||||
$tokenUser = ag($payload, 'username', fn () => TokenUtil::generateSecret());
|
||||
$systemUser = Config::get('system.user', fn () => TokenUtil::generateSecret());
|
||||
$tokenUser = ag($payload, 'username', fn() => TokenUtil::generateSecret());
|
||||
$systemUser = Config::get('system.user', fn() => TokenUtil::generateSecret());
|
||||
|
||||
if (false === hash_equals($systemUser, $tokenUser)) {
|
||||
return api_error('Invalid token.', Status::UNAUTHORIZED);
|
||||
@@ -254,8 +255,8 @@ final class Auth
|
||||
return api_error('Invalid current password.', Status::UNAUTHORIZED);
|
||||
}
|
||||
|
||||
$repsonse = APIRequest(Method::POST, '/system/env/WS_SYSTEM_PASSWORD', ['value' => $new_password]);
|
||||
if (Status::OK !== $repsonse->status) {
|
||||
$response = APIRequest(Method::POST, '/system/env/WS_SYSTEM_PASSWORD', ['value' => $new_password]);
|
||||
if (Status::OK !== $response->status) {
|
||||
return api_error('Failed to set new password.', Status::INTERNAL_SERVER_ERROR);
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user