Commit realizando cambios en los roles de los usuarios

This commit is contained in:
Jaime Jimenez
2023-04-24 13:00:46 +02:00
parent 2d67588770
commit 8c4d77a598
6587 changed files with 365497 additions and 0 deletions

ci4/app/Filters/.gitkeep Normal file


@ -0,0 +1,28 @@
<?php
namespace App\Filters;
use CodeIgniter\API\ResponseTrait;
use CodeIgniter\Filters\FilterInterface;
use CodeIgniter\HTTP\RequestInterface;
use CodeIgniter\HTTP\ResponseInterface;
use Config\Services;
use Exception;
class JWTAuthFilter implements FilterInterface
{
public function before(RequestInterface $request, $arguments = null)
{
try {
helper('jwt');
jwtValidateRequest(jwtRequest($request->getServer('HTTP_AUTHORIZATION')));
return $request;
} catch (Exception $e) {
return Services::response()->setJSON(['error' => $e->getMessage()])->setStatusCode(ResponseInterface::HTTP_UNAUTHORIZED);
}
}
public function after(RequestInterface $request, ResponseInterface $response, $arguments = null)
{
}
}
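Review bot: The 401 body in the `catch` branch echoes `$e->getMessage()` verbatim, so whatever the `jwt` helper throws — expired token, bad signature, or a key-loading failure — is handed to an unauthenticated caller; log it server-side and return a fixed string: `log_message('error', 'JWT rejected: ' . $e->getMessage());` followed by `return Services::response()->setJSON(['error' => 'Unauthorized'])->setStatusCode(ResponseInterface::HTTP_UNAUTHORIZED);`. `getServer('HTTP_AUTHORIZATION')` returns null when the header is absent and depends on the SAPI exposing it at all; `$request->getHeaderLine('Authorization')` is the framework accessor and always yields a string. Only `Exception` is caught, so if the helper declares a string parameter (not visible here) the null would raise a `TypeError` that escapes as a 500 instead of a 401 — `catch (\Throwable $e)` closes that gap. Whether `jwtValidateRequest` enforces `exp`/`nbf` and pins the algorithm cannot be confirmed from this hunk, and `ResponseTrait` is imported but never used.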


@ -0,0 +1,142 @@
<?php
namespace App\Filters;
use App\Models\SettingsModel;
use CodeIgniter\Filters\FilterInterface;
use CodeIgniter\HTTP\RequestInterface;
use CodeIgniter\HTTP\ResponseInterface;
use Exception;
class LoginAuthFilter implements FilterInterface
{
public function before(RequestInterface $request, $arguments = null)
{
try {
if(!$this->validateIgnoreControllerAccess()){
$session = session();
$token = $session->get('token')??'';
$tfa = $session->get('tfa')??false;
$this->getSettings();
if (empty($token) || $tfa == true) {
return redirect()->to('/login');
}else{
$this->validateControllerAccess();
}
}
} catch (Exception $e) {
}
}
public function after(RequestInterface $request, ResponseInterface $response, $arguments = null)
{
}
/**
* Access to controllers is valid.
*/
public function validateControllerAccess(){
$request = \Config\Services::request();
$uri = $request->uri;
$language = \Config\Services::language();
$language->setLocale(session()->lang);
$getWhiteList = $this->whiteListController();
foreach ($getWhiteList as $item){
if(strtolower($item) == $uri->getSegment(1)){
return true;
}
}
$getRules = json_decode(session()->get('rules')??'[]');
foreach ($this->whiteListMethod() as $item){
if(strtolower($item) == $uri->getSegment(2)){
return true;
}
}
foreach ($getRules as $key=>$value){
if(strtolower($key) == $uri->getSegment(1)){
if($uri->getTotalSegments() <= 1){
return true;
}
foreach ($value as $item){
if(strtolower($item) == $uri->getSegment(2)){
return true;
}
}
}
}
session()->setFlashdata('sweet', ['error',lang("App.dashboard_alert_rules")]);
header('Location: /home');
exit();
}
/**
* Returns the white list of allowed controllers.
*/
public function whiteListController(){
return [
'',
'BaseController',
'Home',
'Login',
'Oauth',
'Language',
'Api',
'Cron',
'lang',
'Ajax',
'Integration',
'Migrate',
'Test'
];
}
/**
* Returns the whitelist of public controllers.
*/
public function ignoreListController(){
return [
];
}
public function validateIgnoreControllerAccess(){
$request = \Config\Services::request();
$uri = $request->uri;
$getList = $this->ignoreListController();
foreach ($getList as $item){
if(strtolower($item) == $uri->getSegment(1)){
return true;
}
}
return false;
}
public function whiteListMethod(){
return [
'initController',
'__construct',
'validateControllerAccess',
'whiteListController',
'whiteListMethod'
];
}
public function getSettings(){
// Get Settings
$session = session();
$settingsBase = new SettingsModel();
$settings = $settingsBase->first()??[];
$session->set('settings', $settings);
if(empty($session->get('lang'))) {
$session->set('lang', $settings['default_language'] ?? 'en');
}
}
}
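Review bot: The empty `catch (Exception $e) {}` wrapping the whole of `before()` fails open: any `Exception` raised by `session()`, `getSettings()` or `validateControllerAccess()` is swallowed, `before()` returns null, and the request continues to the controller without the token or rules check having completed (which of those calls can throw is not visible in this hunk, but an auth filter should default to deny). Return the redirect from the catch instead, e.g. `log_message('error', 'LoginAuthFilter: ' . $e->getMessage()); return redirect()->to('/login');`, and note that `getSettings()` runs its settings query before the token check, so unauthenticated requests already hit the database. `validateControllerAccess()` ends with `header('Location: /home'); exit();`, which bypasses the framework response pipeline and any `after` filters; returning `redirect()->to('/home')` up through `before()` keeps redirects on one path. `whiteListController()` exempts `Migrate` and `Test` from the role rules for every logged-in user — if those controllers exist in this app they should go through the rules or be removed from the list. Finally, `$tfa == true` and the `strtolower($item) == $uri->getSegment(1)` comparisons should use `===`, and the latter lowercases only one side, so a mixed-case URI never matches (it fails closed, but silently).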


@ -0,0 +1,43 @@
<?php
namespace App\Filters;
use App\Models\SettingsModel;
use CodeIgniter\API\ResponseTrait;
use CodeIgniter\Filters\FilterInterface;
use CodeIgniter\HTTP\RequestInterface;
use CodeIgniter\HTTP\ResponseInterface;
use Config\Services;
use Exception;
class ThrottlerFilter implements FilterInterface
{
use ResponseTrait;
public function before(RequestInterface $request, $arguments = null)
{
try {
$throttler = Services::throttler();
$ip = $request->getIPAddress();
$settingsBase = new SettingsModel();
$settings = $settingsBase->first()??[];
if(!$settings['enable_api']){
return Services::response()->setJSON(['error' => 'ApiRest is currently disabled.'])->setStatusCode(ResponseInterface::HTTP_UNAUTHORIZED);
}
if($settings['block_external_api']){
if($ip != $settings['ip_allowed_api']??''){
return Services::response()->setJSON(['error' => 'Endpoint access from external domains is not allowed.'])->setStatusCode(ResponseInterface::HTTP_UNAUTHORIZED);
}
if ($throttler->check($ip, 60, MINUTE) === false)
{
return Services::response()->setStatusCode(429);
}
}
} catch (Exception $e) {
return Services::response()->setJSON(['error' => $e->getMessage()])->setStatusCode(ResponseInterface::HTTP_UNAUTHORIZED);
}
}
public function after(RequestInterface $request, ResponseInterface $response, $arguments = null)
{
}
}
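Review bot: The rate limit only runs inside the `if($settings['block_external_api'])` branch, so with external access enabled the throttler is created but never consulted; move `if ($throttler->check($ip, 60, MINUTE) === false) { return Services::response()->setStatusCode(429); }` out of that branch so it applies to every request. `$ip != $settings['ip_allowed_api']??''` parses as `($ip != $settings['ip_allowed_api']) ?? ''` because `!=` binds tighter than `??`, so the fallback is dead and a missing key raises an undefined-array-key warning (which CodeIgniter's error handler may turn into an `ErrorException` that the catch below then echoes to the caller); write `if ($ip !== ($settings['ip_allowed_api'] ?? ''))`. `$settings['enable_api']` and `$settings['block_external_api']` have the same problem when `first()` returns null and `$settings` is `[]`; `if (empty($settings['enable_api']))` denies explicitly in that case. As in the other filters, the catch returns `$e->getMessage()` to an unauthenticated client — log it and return a fixed message. `use ResponseTrait;` is declared but none of its methods are called.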