mirror of
https://github.com/pixelfed/pixelfed.git
synced 2024-11-25 15:55:22 +00:00
Update Remote Auth feature, fix custom domain bug and enforce banned domains
parent
780e78f21a
commit
acabf603f0
4 changed files with 65 additions and 5 deletions
|
@ -7,6 +7,7 @@ use Illuminate\Http\Request;
|
||||||
use App\Services\Account\RemoteAuthService;
|
use App\Services\Account\RemoteAuthService;
|
||||||
use App\Models\RemoteAuth;
|
use App\Models\RemoteAuth;
|
||||||
use App\Profile;
|
use App\Profile;
|
||||||
|
use App\Instance;
|
||||||
use App\User;
|
use App\User;
|
||||||
use Purify;
|
use Purify;
|
||||||
use Illuminate\Support\Facades\Auth;
|
use Illuminate\Support\Facades\Auth;
|
||||||
|
@ -36,6 +37,8 @@ class RemoteAuthController extends Controller
|
||||||
|
|
||||||
public function getAuthDomains(Request $request)
|
public function getAuthDomains(Request $request)
|
||||||
{
|
{
|
||||||
|
abort_unless(config_cache('pixelfed.open_registration') && config('remote-auth.mastodon.enabled'), 404);
|
||||||
|
|
||||||
if(config('remote-auth.mastodon.domains.only_custom')) {
|
if(config('remote-auth.mastodon.domains.only_custom')) {
|
||||||
$res = config('remote-auth.mastodon.domains.custom');
|
$res = config('remote-auth.mastodon.domains.custom');
|
||||||
if(!$res || !strlen($res)) {
|
if(!$res || !strlen($res)) {
|
||||||
|
@ -45,6 +48,19 @@ class RemoteAuthController extends Controller
|
||||||
return response()->json($res);
|
return response()->json($res);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if( config('remote-auth.mastodon.domains.custom') &&
|
||||||
|
!config('remote-auth.mastodon.domains.only_default') &&
|
||||||
|
strlen(config('remote-auth.mastodon.domains.custom')) > 3 &&
|
||||||
|
strpos(config('remote-auth.mastodon.domains.custom'), '.') > -1
|
||||||
|
) {
|
||||||
|
$res = config('remote-auth.mastodon.domains.custom');
|
||||||
|
if(!$res || !strlen($res)) {
|
||||||
|
return [];
|
||||||
|
}
|
||||||
|
$res = explode(',', $res);
|
||||||
|
return response()->json($res);
|
||||||
|
}
|
||||||
|
|
||||||
$res = config('remote-auth.mastodon.domains.default');
|
$res = config('remote-auth.mastodon.domains.default');
|
||||||
$res = explode(',', $res);
|
$res = explode(',', $res);
|
||||||
|
|
||||||
|
@ -57,6 +73,27 @@ class RemoteAuthController extends Controller
|
||||||
$this->validate($request, ['domain' => 'required']);
|
$this->validate($request, ['domain' => 'required']);
|
||||||
|
|
||||||
$domain = $request->input('domain');
|
$domain = $request->input('domain');
|
||||||
|
|
||||||
|
if(str_starts_with(strtolower($domain), 'http')) {
|
||||||
|
$res = [
|
||||||
|
'domain' => $domain,
|
||||||
|
'ready' => false,
|
||||||
|
'action' => 'incompatible_domain'
|
||||||
|
];
|
||||||
|
return response()->json($res);
|
||||||
|
}
|
||||||
|
|
||||||
|
$validateInstance = Helpers::validateUrl('https://' . $domain . '/?block-check=' . time());
|
||||||
|
|
||||||
|
if(!$validateInstance) {
|
||||||
|
$res = [
|
||||||
|
'domain' => $domain,
|
||||||
|
'ready' => false,
|
||||||
|
'action' => 'blocked_domain'
|
||||||
|
];
|
||||||
|
return response()->json($res);
|
||||||
|
}
|
||||||
|
|
||||||
$compatible = RemoteAuthService::isDomainCompatible($domain);
|
$compatible = RemoteAuthService::isDomainCompatible($domain);
|
||||||
|
|
||||||
if(!$compatible) {
|
if(!$compatible) {
|
||||||
|
|
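Review bot: The banned-domain check in the last hunk runs on a URL built by concatenating the raw `domain` input (`'https://' . $domain . '/?block-check=' . time()`), while `RemoteAuthService::isDomainCompatible($domain)` still receives the unmodified string, and the only validation visible is `required`. If `Helpers::validateUrl` parses a value carrying a path, port, userinfo or query characters to a different host than the one contacted later, the block decision and the outbound request would not refer to the same server. Reject anything that is not a bare hostname before either call, for example `abort_unless(filter_var($domain, FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME), 422);` right after `$domain = $request->input('domain');`, and lowercase the value once so the `http` prefix test and the later checks see the same string. The enclosing method starts and ends outside the hunk, so a normalisation step elsewhere in it cannot be ruled out.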
|
@ -12,6 +12,14 @@ class RemoteAuthService
|
||||||
{
|
{
|
||||||
const CACHE_KEY = 'pf:services:remoteauth:';
|
const CACHE_KEY = 'pf:services:remoteauth:';
|
||||||
|
|
||||||
|
public static function getConfig()
|
||||||
|
{
|
||||||
|
return json_encode([
|
||||||
|
'default_only' => config('remote-auth.mastodon.domains.only_default'),
|
||||||
|
'custom_only' => config('remote-auth.mastodon.domains.only_custom'),
|
||||||
|
]);
|
||||||
|
}
|
||||||
|
|
||||||
public static function getMastodonClient($domain)
|
public static function getMastodonClient($domain)
|
||||||
{
|
{
|
||||||
if(RemoteAuthInstance::whereDomain($domain)->exists()) {
|
if(RemoteAuthInstance::whereDomain($domain)->exists()) {
|
||||||
|
|
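Review bot: `getConfig()` returns a JSON string that the Blade view changed in this commit prints with `{!! !!}` inside a single-quoted attribute (`:config='…'`), and `json_encode` with default flags leaves `'`, `<`, `>` and `&` unescaped. Both keys look like boolean flags, so nothing breaks today, but the first string-valued key added here could close the attribute early. Encode for the HTML context at the source with `json_encode([...], JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_TAG | JSON_HEX_AMP)`, or switch the view to the escaped echo `:config='{{ \App\Services\Account\RemoteAuthService::getConfig() }}'`. Casting each value with `(bool)` and declaring `: string` as the return type would also keep an unset config key from reaching the component as `null`.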
|
@ -24,8 +24,8 @@
|
||||||
@click="handleRedirect(domain)">
|
@click="handleRedirect(domain)">
|
||||||
<span class="font-weight-bold">{{ domain }}</span>
|
<span class="font-weight-bold">{{ domain }}</span>
|
||||||
</button>
|
</button>
|
||||||
<hr>
|
<hr v-if="!config.default_only && !config.custom_only">
|
||||||
<p class="text-center">
|
<p v-if="!config.default_only && !config.custom_only" class="text-center">
|
||||||
<button type="button" class="other-server-btn" @click="handleOther()">Sign-in with a different server</button>
|
<button type="button" class="other-server-btn" @click="handleOther()">Sign-in with a different server</button>
|
||||||
</p>
|
</p>
|
||||||
<div class="w-100">
|
<div class="w-100">
|
||||||
|
@ -43,6 +43,12 @@
|
||||||
|
|
||||||
<script type="text/javascript">
|
<script type="text/javascript">
|
||||||
export default {
|
export default {
|
||||||
|
props: {
|
||||||
|
config: {
|
||||||
|
type: Object
|
||||||
|
}
|
||||||
|
},
|
||||||
|
|
||||||
data() {
|
data() {
|
||||||
return {
|
return {
|
||||||
loaded: false,
|
loaded: false,
|
||||||
|
@ -79,6 +85,11 @@
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if(res.data.hasOwnProperty('action') && res.data.action === 'blocked_domain') {
|
||||||
|
swal('Server Blocked', 'This server is blocked by admins and cannot be used, please try another server!', 'error');
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
if(res.data.ready) {
|
if(res.data.ready) {
|
||||||
window.location.href = '/auth/raw/mastodon/preflight?d=' + domain + '&dsh=' + res.data.dsh;
|
window.location.href = '/auth/raw/mastodon/preflight?d=' + domain + '&dsh=' + res.data.dsh;
|
||||||
}
|
}
|
||||||
|
@ -95,9 +106,13 @@
|
||||||
},
|
},
|
||||||
})
|
})
|
||||||
.then(domain => {
|
.then(domain => {
|
||||||
if (!domain) throw null;
|
if (!domain || domain.length < 2 || domain.indexOf('.') == -1) {
|
||||||
|
swal('Oops!', "Please enter a valid domain!", 'error');
|
||||||
|
return;
|
||||||
|
};
|
||||||
|
|
||||||
if(domain.startsWith('https://')) {
|
if(domain.startsWith('http')) {
|
||||||
|
swal('Oops!', "The domain you enter should not start with http(s://)\nUse the domain format, like mastodon.social", 'error');
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
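Review bot: Hiding the "Sign-in with a different server" button with `v-if="!config.default_only && !config.custom_only"` only changes what is displayed; a client that ignores the component can still send any domain to the domain-check request and the `/auth/raw/mastodon/preflight?d=` redirect. None of the controller hunks in this commit compare the submitted `domain` against the configured default or custom list, so unless that happens in code outside the diff, the `only_default` and `only_custom` settings are not enforced on the server. The controller should reject a domain that is not in the active list whenever either flag is set, and the component should treat that response like the new `blocked_domain` case. Separately, `domain.startsWith('http')` is case-sensitive while the server lowercases before its own prefix test; `domain.toLowerCase().startsWith('http')` would keep the two checks aligned.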
|
@ -1,7 +1,7 @@
|
||||||
@extends('layouts.app')
|
@extends('layouts.app')
|
||||||
|
|
||||||
@section('content')
|
@section('content')
|
||||||
<remote-auth-start-component />
|
<remote-auth-start-component :config='{!!\App\Services\Account\RemoteAuthService::getConfig()!!}'/>
|
||||||
@endsection
|
@endsection
|
||||||
|
|
||||||
@push('scripts')
|
@push('scripts')
|
||||||
|
|