mirror of
https://github.com/pixelfed/pixelfed.git
synced 2024-12-22 13:03:16 +00:00
Update Remote Auth feature, fix custom domain bug and enforce banned domains
This commit is contained in:
parent
780e78f21a
commit
acabf603f0
4 changed files with 65 additions and 5 deletions
|
@ -7,6 +7,7 @@ use Illuminate\Http\Request;
|
|||
use App\Services\Account\RemoteAuthService;
|
||||
use App\Models\RemoteAuth;
|
||||
use App\Profile;
|
||||
use App\Instance;
|
||||
use App\User;
|
||||
use Purify;
|
||||
use Illuminate\Support\Facades\Auth;
|
||||
|
@ -36,6 +37,8 @@ class RemoteAuthController extends Controller
|
|||
|
||||
public function getAuthDomains(Request $request)
|
||||
{
|
||||
abort_unless(config_cache('pixelfed.open_registration') && config('remote-auth.mastodon.enabled'), 404);
|
||||
|
||||
if(config('remote-auth.mastodon.domains.only_custom')) {
|
||||
$res = config('remote-auth.mastodon.domains.custom');
|
||||
if(!$res || !strlen($res)) {
|
||||
|
@ -45,6 +48,19 @@ class RemoteAuthController extends Controller
|
|||
return response()->json($res);
|
||||
}
|
||||
|
||||
if( config('remote-auth.mastodon.domains.custom') &&
|
||||
!config('remote-auth.mastodon.domains.only_default') &&
|
||||
strlen(config('remote-auth.mastodon.domains.custom')) > 3 &&
|
||||
strpos(config('remote-auth.mastodon.domains.custom'), '.') > -1
|
||||
) {
|
||||
$res = config('remote-auth.mastodon.domains.custom');
|
||||
if(!$res || !strlen($res)) {
|
||||
return [];
|
||||
}
|
||||
$res = explode(',', $res);
|
||||
return response()->json($res);
|
||||
}
|
||||
|
||||
$res = config('remote-auth.mastodon.domains.default');
|
||||
$res = explode(',', $res);
|
||||
|
||||
|
@ -57,6 +73,27 @@ class RemoteAuthController extends Controller
|
|||
$this->validate($request, ['domain' => 'required']);
|
||||
|
||||
$domain = $request->input('domain');
|
||||
|
||||
if(str_starts_with(strtolower($domain), 'http')) {
|
||||
$res = [
|
||||
'domain' => $domain,
|
||||
'ready' => false,
|
||||
'action' => 'incompatible_domain'
|
||||
];
|
||||
return response()->json($res);
|
||||
}
|
||||
|
||||
$validateInstance = Helpers::validateUrl('https://' . $domain . '/?block-check=' . time());
|
||||
|
||||
if(!$validateInstance) {
|
||||
$res = [
|
||||
'domain' => $domain,
|
||||
'ready' => false,
|
||||
'action' => 'blocked_domain'
|
||||
];
|
||||
return response()->json($res);
|
||||
}
|
||||
|
||||
$compatible = RemoteAuthService::isDomainCompatible($domain);
|
||||
|
||||
if(!$compatible) {
|
||||
|
|
|
@ -12,6 +12,14 @@ class RemoteAuthService
|
|||
{
|
||||
const CACHE_KEY = 'pf:services:remoteauth:';
|
||||
|
||||
public static function getConfig()
|
||||
{
|
||||
return json_encode([
|
||||
'default_only' => config('remote-auth.mastodon.domains.only_default'),
|
||||
'custom_only' => config('remote-auth.mastodon.domains.only_custom'),
|
||||
]);
|
||||
}
|
||||
|
||||
public static function getMastodonClient($domain)
|
||||
{
|
||||
if(RemoteAuthInstance::whereDomain($domain)->exists()) {
|
||||
|
|
|
@ -24,8 +24,8 @@
|
|||
@click="handleRedirect(domain)">
|
||||
<span class="font-weight-bold">{{ domain }}</span>
|
||||
</button>
|
||||
<hr>
|
||||
<p class="text-center">
|
||||
<hr v-if="!config.default_only && !config.custom_only">
|
||||
<p v-if="!config.default_only && !config.custom_only" class="text-center">
|
||||
<button type="button" class="other-server-btn" @click="handleOther()">Sign-in with a different server</button>
|
||||
</p>
|
||||
<div class="w-100">
|
||||
|
@ -43,6 +43,12 @@
|
|||
|
||||
<script type="text/javascript">
|
||||
export default {
|
||||
props: {
|
||||
config: {
|
||||
type: Object
|
||||
}
|
||||
},
|
||||
|
||||
data() {
|
||||
return {
|
||||
loaded: false,
|
||||
|
@ -79,6 +85,11 @@
|
|||
return;
|
||||
}
|
||||
|
||||
if(res.data.hasOwnProperty('action') && res.data.action === 'blocked_domain') {
|
||||
swal('Server Blocked', 'This server is blocked by admins and cannot be used, please try another server!', 'error');
|
||||
return;
|
||||
}
|
||||
|
||||
if(res.data.ready) {
|
||||
window.location.href = '/auth/raw/mastodon/preflight?d=' + domain + '&dsh=' + res.data.dsh;
|
||||
}
|
||||
|
@ -95,9 +106,13 @@
|
|||
},
|
||||
})
|
||||
.then(domain => {
|
||||
if (!domain) throw null;
|
||||
if (!domain || domain.length < 2 || domain.indexOf('.') == -1) {
|
||||
swal('Oops!', "Please enter a valid domain!", 'error');
|
||||
return;
|
||||
};
|
||||
|
||||
if(domain.startsWith('https://')) {
|
||||
if(domain.startsWith('http')) {
|
||||
swal('Oops!', "The domain you enter should not start with http(s://)\nUse the domain format, like mastodon.social", 'error');
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
@extends('layouts.app')
|
||||
|
||||
@section('content')
|
||||
<remote-auth-start-component />
|
||||
<remote-auth-start-component :config='{!!\App\Services\Account\RemoteAuthService::getConfig()!!}'/>
|
||||
@endsection
|
||||
|
||||
@push('scripts')
|
||||
|
|
Loading…
Reference in a new issue