diff --git a/nginx.conf b/nginx.conf
index e662d921a6..2c52227973 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -129,7 +129,7 @@ server {
 rewrite admin/api/(.*) /admin/api/index.php last;
 # Administration pages
- rewrite admin/(attachments|backup|backup/export|backup/restore|configuration|elasticsearch|instance/edit|instance/update|instances|stopwords|system|update) /admin/front.php last;
+ rewrite admin/(attachments|backup|backup/export|backup/restore|configuration|elasticsearch|instance/edit|instance/update|instances|session-keep-alive|stopwords|system|update) /admin/front.php last;
 # REST API v3.0 and v3.1
 rewrite ^api/v3\.[01]/(.*) /api/index.php last;
diff --git a/phpmyfaq/.htaccess b/phpmyfaq/.htaccess
index 78400aefad..5663c12801 100644
--- a/phpmyfaq/.htaccess
+++ b/phpmyfaq/.htaccess
@@ -143,7 +143,7 @@ Header set Access-Control-Allow-Headers "Content-Type, Authorization"
 # Administration API
 RewriteRule ^admin/api/(.*) admin/api/index.php [L,QSA]
 # Administration pages
- RewriteRule ^admin/(attachments|backup|backup/export|backup/restore|configuration|elasticsearch|instance/edit|instance/update|instances|stopwords|system|update) admin/front.php [L,QSA]
+ RewriteRule ^admin/(attachments|backup|backup/export|backup/restore|configuration|elasticsearch|instance/edit|instance/update|instances|session-keep-alive|stopwords|system|update) admin/front.php [L,QSA]
 # Private APIs
 RewriteRule ^api/(autocomplete|bookmark/delete|bookmark/create|user/data/update|user/password/update|user/request-removal|user/remove-twofactor|contact|voting|register|captcha|share|comment/create|faq/create|question/create|webauthn/prepare|webauthn/register|webauthn/prepare-login|webauthn/login) api/index.php [L,QSA]
 # Setup APIs
diff --git a/phpmyfaq/admin/session.keepalive.php b/phpmyfaq/admin/session.keepalive.php
deleted file mode 100644
index c5002292e2..0000000000
--- a/phpmyfaq/admin/session.keepalive.php
+++ /dev/null
@@ -1,104 +0,0 @@ -. - * - * This Source Code Form is subject to the terms of the Mozilla Public License, - * v. 2.0. If a copy of the MPL was not distributed with this file, You can - * obtain one at https://mozilla.org/MPL/2.0/. - * - * @package phpMyFAQ - * @author Matteo Scaramuccia - * @author Thorsten Rinne - * @author Uwe Pries - * @copyright 2006-2024 phpMyFAQ Team - * @license https://www.mozilla.org/MPL/2.0/ Mozilla Public License Version 2.0 - * @link https://www.phpmyfaq.de - * @since 2006-05-08 - */ - -use phpMyFAQ\Configuration; -use phpMyFAQ\Filter; -use phpMyFAQ\Language; -use phpMyFAQ\Session\Token; -use phpMyFAQ\Strings; -use phpMyFAQ\System; -use phpMyFAQ\Template\TwigWrapper; -use phpMyFAQ\Translation; -use phpMyFAQ\User\CurrentUser; -use Symfony\Component\Config\FileLocator; -use Symfony\Component\DependencyInjection\ContainerBuilder; -use Symfony\Component\DependencyInjection\Loader\PhpFileLoader; - -define('PMF_ROOT_DIR', dirname(__DIR__)); - -// -// Define the named constant used as a check by any included PHP file -// -const IS_VALID_PHPMYFAQ = null; - -// -// Bootstrapping -// -require PMF_ROOT_DIR . '/src/Bootstrap.php'; -require PMF_ROOT_DIR . '/translations/language_en.php'; - -// -// Service Containers -// -$container = new ContainerBuilder(); -$loader = new PhpFileLoader($container, new FileLocator(__DIR__)); -try { - $loader->load('../src/services.php'); -} catch (Exception $e) { - echo $e->getMessage(); -} - -$faqConfig = Configuration::getConfigurationInstance(); - -// -// Get language (default: english) -// -$language = Filter::filterInput(INPUT_GET, 'lang', FILTER_SANITIZE_SPECIAL_CHARS); -if (!is_null($language) && Language::isASupportedLanguage($language)) { - require PMF_ROOT_DIR . '/translations/language_' . $language . 
'.php'; -} - -// -// Set translation class -// -try { - Translation::create() - ->setLanguagesDir(PMF_TRANSLATION_DIR) - ->setDefaultLanguage('en') - ->setCurrentLanguage($language); -} catch (Exception $e) { - echo 'Error: ' . $e->getMessage(); -} - -// -// Initializing static string wrapper -// -Strings::init($language); - -$user = CurrentUser::getCurrentUser($faqConfig); - -$refreshTime = (PMF_AUTH_TIMEOUT - PMF_AUTH_TIMEOUT_WARNING) * 60; - -$twig = new TwigWrapper(PMF_ROOT_DIR . '/assets/templates'); -$template = $twig->loadTemplate('@admin/session-keepalive.twig'); - -$templateVars = [ - 'metaLanguage' => Translation::get('metaLanguage'), - 'phpMyFAQVersion' => System::getVersion(), - 'currentYear' => date('Y'), - 'isUserLoggedIn' => $user->isLoggedIn() && ($refreshTime > 0), - 'csrfToken' => Token::getInstance($container->get('session'))->getTokenString('admin-logout'), - 'msgConfirm' => sprintf(Translation::get('ad_session_expiring'), PMF_AUTH_TIMEOUT_WARNING), - 'sessionTimeout' => PMF_AUTH_TIMEOUT, - 'refreshTime' => $refreshTime, -]; - -echo $template->render($templateVars); diff --git a/phpmyfaq/assets/templates/admin/footer.twig b/phpmyfaq/assets/templates/admin/footer.twig index 616c4067eb..f2a38964c1 100644 --- a/phpmyfaq/assets/templates/admin/footer.twig +++ b/phpmyfaq/assets/templates/admin/footer.twig @@ -86,7 +86,7 @@ {% if isUserLoggedIn %} - {% endif %} diff --git a/phpmyfaq/assets/templates/admin/index.twig b/phpmyfaq/assets/templates/admin/index.twig index 1025ee1347..835db726ff 100644 --- a/phpmyfaq/assets/templates/admin/index.twig +++ b/phpmyfaq/assets/templates/admin/index.twig @@ -312,7 +312,7 @@ {% if isUserLoggedIn %} - {% endif %} diff --git a/phpmyfaq/assets/templates/admin/session-keepalive.twig b/phpmyfaq/assets/templates/admin/session-keepalive.twig index 76acbb3745..11d1a53b6e 100644 --- a/phpmyfaq/assets/templates/admin/session-keepalive.twig +++ b/phpmyfaq/assets/templates/admin/session-keepalive.twig @@ -1,5 +1,5 @@ - + 
diff --git a/phpmyfaq/src/admin-routes.php b/phpmyfaq/src/admin-routes.php
index d6369c7eff..f5e0fa2832 100644
--- a/phpmyfaq/src/admin-routes.php
+++ b/phpmyfaq/src/admin-routes.php
@@ -20,6 +20,7 @@
 use phpMyFAQ\Controller\Administration\ConfigurationController;
 use phpMyFAQ\Controller\Administration\ElasticsearchController;
 use phpMyFAQ\Controller\Administration\InstanceController;
+use phpMyFAQ\Controller\Administration\SessionKeepAliveController;
 use phpMyFAQ\Controller\Administration\StopWordsController;
 use phpMyFAQ\Controller\Administration\SystemInformationController;
 use phpMyFAQ\Controller\Administration\UpdateController;
@@ -74,6 +75,11 @@
 'controller' => [InstanceController::class, 'index'],
 'methods' => 'GET'
 ],
+ 'admin.session.keepalive' => [
+ 'path' => '/session-keep-alive',
+ 'controller' => [SessionKeepAliveController::class, 'index'],
+ 'methods' => 'GET'
+ ],
 'admin.stopwords' => [
 'path' => '/stopwords',
 'controller' => [StopwordsController::class, 'index'],
diff --git a/phpmyfaq/src/phpMyFAQ/Controller/Administration/SessionKeepAliveController.php b/phpmyfaq/src/phpMyFAQ/Controller/Administration/SessionKeepAliveController.php
new file mode 100644
index 0000000000..6a7fb618dd
--- /dev/null
+++ b/phpmyfaq/src/phpMyFAQ/Controller/Administration/SessionKeepAliveController.php
@@ -0,0 +1,59 @@
+
+ * @copyright 2024 phpMyFAQ Team
+ * @license https://www.mozilla.org/MPL/2.0/ Mozilla Public License Version 2.0
+ * @link https://www.phpmyfaq.de
+ * @since 2024-11-23
+ */
+
+declare(strict_types=1);
+
+namespace phpMyFAQ\Controller\Administration;
+
+use phpMyFAQ\Core\Exception;
+use phpMyFAQ\Filter;
+use phpMyFAQ\Session\Token;
+use phpMyFAQ\System;
+use phpMyFAQ\Translation;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Routing\Attribute\Route;
+use Twig\Error\LoaderError;
+
+class SessionKeepAliveController extends AbstractAdministrationController
+{
+ /**
+ * @throws Exception
+ * @throws LoaderError
+ * @throws \Exception
+ */
+ #[Route('/session-keep-alive', name: 'admin.session.keepalive', methods: ['GET'])]
+ public function index(Request $request): Response
+ {
+ $language = Filter::filterVar($request->query->get('lang', 'en'), FILTER_SANITIZE_SPECIAL_CHARS);
+ $refreshTime = (PMF_AUTH_TIMEOUT - PMF_AUTH_TIMEOUT_WARNING) * 60;
+
+ return $this->render(
+ '@admin/session-keepalive.twig',
+ [
+ 'metaLanguage' => $language,
+ 'phpMyFAQVersion' => System::getVersion(),
+ 'currentYear' => date('Y'),
+ 'isUserLoggedIn' => $this->currentUser->isLoggedIn(),
+ 'csrfToken' => Token::getInstance($this->container->get('session'))->getTokenString('admin-logout'),
+ 'msgConfirm' => sprintf(Translation::get('ad_session_expiring'), PMF_AUTH_TIMEOUT_WARNING),
+ 'sessionTimeout' => PMF_AUTH_TIMEOUT,
+ 'refreshTime' => $refreshTime,
+ ]
+ );
+ }
+}
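Review bot: In `index()`, `metaLanguage` is now filled directly from the `lang` query parameter, whereas the removed script only honoured `lang` after `Language::isASupportedLanguage($language)` and rendered `Translation::get('metaLanguage')`. `FILTER_SANITIZE_SPECIAL_CHARS` encodes a few characters but does not validate the value, so an arbitrary caller-supplied string reaches the template; I would keep the allow-list check or return to `'metaLanguage' => Translation::get('metaLanguage'),` (`Translation` is already imported), assuming the translation is initialised before the controller runs. The same array drops the old `&& ($refreshTime > 0)` guard from `isUserLoggedIn`, so a configuration where `PMF_AUTH_TIMEOUT` is not larger than `PMF_AUTH_TIMEOUT_WARNING` passes a zero or negative `refreshTime` while still marking the user as logged in; `'isUserLoggedIn' => $this->currentUser->isLoggedIn() && $refreshTime > 0,` restores it. How the template consumes either value is not visible in this diff.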