jon
/
Quill
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Mirror of Quill
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
324 Commits
2 Branches
0 Tags
2.9 MiB
Tree: eef5dddb7d
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'eef5dddb7d'
${ noResults }
Quill/controllers/auth.php

360 lines
12 KiB
Raw Normal View History

Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
8 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
use IndieAuth Client instead of doing it manually still shows debug messages when missing endpoints to help people get started
6 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
do the micropub post and redirect after it's created!
10 years ago
use IndieAuth Client instead of doing it manually still shows debug messages when missing endpoints to help people get started
6 years ago
update indieauth client
3 years ago
use IndieAuth Client instead of doing it manually still shows debug messages when missing endpoints to help people get started
6 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
use IndieAuth Client instead of doing it manually still shows debug messages when missing endpoints to help people get started
6 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
use IndieAuth Client instead of doing it manually still shows debug messages when missing endpoints to help people get started
6 years ago
do the micropub post and redirect after it's created!
10 years ago
redo how auto-login works
8 years ago
do the micropub post and redirect after it's created!
10 years ago
integrates photo uploading in the main note interface Quill corrects the photo rotation based on exif data since iOS tends to take landscape photos and set the rotation bit when holding it in portrait mode.
9 years ago
only skip debugging screens if the endpoints are the same as before
9 years ago
update indieauth client
3 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
integrates photo uploading in the main note interface Quill corrects the photo rotation based on exif data since iOS tends to take landscape photos and set the rotation bit when holding it in portrait mode.
9 years ago
only skip debugging screens if the endpoints are the same as before
9 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
provide option for choosing the scope to request update to "create" scope by default, but allow the user to choose "post" as a fallback. also updates indieauth/client to 0.2 for json support.
8 years ago
redo how auto-login works
8 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
redo how auto-login works
8 years ago
provide option for choosing the scope to request update to "create" scope by default, but allow the user to choose "post" as a fallback. also updates indieauth/client to 0.2 for json support.
8 years ago
redo how auto-login works
8 years ago
Support full automatic no-questions-asked login - ?me=.. on homepage redirects to auth - ?dontask=1 skips confirmation questions - "reply" and other parameters are transferred across login
8 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
provide option for choosing the scope to request update to "create" scope by default, but allow the user to choose "post" as a fallback. also updates indieauth/client to 0.2 for json support.
8 years ago
use IndieAuth Client instead of doing it manually still shows debug messages when missing endpoints to help people get started
6 years ago
provide option for choosing the scope to request update to "create" scope by default, but allow the user to choose "post" as a fallback. also updates indieauth/client to 0.2 for json support.
8 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
use IndieAuth Client instead of doing it manually still shows debug messages when missing endpoints to help people get started
6 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
use IndieAuth Client instead of doing it manually still shows debug messages when missing endpoints to help people get started
6 years ago
don't rely on the "me" in the callback URL closes #79
7 years ago
use IndieAuth Client instead of doing it manually still shows debug messages when missing endpoints to help people get started
6 years ago
don't rely on the "me" in the callback URL closes #79
7 years ago
use IndieAuth Client instead of doing it manually still shows debug messages when missing endpoints to help people get started
6 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
use IndieAuth Client instead of doing it manually still shows debug messages when missing endpoints to help people get started
6 years ago
improvements to login UI, upgrades libraries makes the login experience a bit friendlier to non-developer users
6 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
update indieauth client
3 years ago
don't rely on the "me" in the callback URL closes #79
7 years ago
update indieauth client
3 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
improvements to login UI, upgrades libraries makes the login experience a bit friendlier to non-developer users
6 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
update indieauth client
3 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
Adds support for querying your micropub endpoint to check for syndication targets. This changes the value of "in-reply-to" to use hyphens instead of underscore separators!! Also shows you the full request made to your micropub endpoint.
11 years ago
support media endpoint, autosave notes in local storage * looks for a media endpoint in the micropub config * if media endpoint is available, both the note interface and the editor will upload files to it instead of posting the photo directly * the note interface autosaves in-progress notes in localstorage
9 years ago
Adds support for querying your micropub endpoint to check for syndication targets. This changes the value of "in-reply-to" to use hyphens instead of underscore separators!! Also shows you the full request made to your micropub endpoint.
11 years ago
pass q=config in initial micropub config query fixes #54
8 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
improvements to login UI, upgrades libraries makes the login experience a bit friendlier to non-developer users
6 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
redo how auto-login works
8 years ago
do the micropub post and redirect after it's created!
10 years ago
redo how auto-login works
8 years ago
do the micropub post and redirect after it's created!
10 years ago
redo how auto-login works
8 years ago
do the micropub post and redirect after it's created!
10 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
improvements to login UI, upgrades libraries makes the login experience a bit friendlier to non-developer users
6 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
improvements to login UI, upgrades libraries makes the login experience a bit friendlier to non-developer users
6 years ago
do the micropub post and redirect after it's created!
10 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
redo how auto-login works
8 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
move some auth routes to auth.php
8 years ago
add reset login option
8 years ago
add support for token revocation
7 years ago
add reset login option
8 years ago
reset micropub config data
6 years ago
add reset login option
8 years ago
add support for token revocation
7 years ago
add reset login option
8 years ago
move some auth routes to auth.php
8 years ago
disable twitter stuff if no twitter client is set
5 years ago
move some auth routes to auth.php
8 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
8 years ago
move some auth routes to auth.php
8 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
8 years ago
move some auth routes to auth.php
8 years ago
disable twitter stuff if no twitter client is set
5 years ago
move some auth routes to auth.php
8 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
8 years ago
move some auth routes to auth.php
8 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
8 years ago
move some auth routes to auth.php
8 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
8 years ago
move some auth routes to auth.php
8 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
8 years ago
move some auth routes to auth.php
8 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
8 years ago
move some auth routes to auth.php
8 years ago
  1. <?php
  2. use Abraham\TwitterOAuth\TwitterOAuth;
  4. IndieAuth\Client::$clientID = Config::$base_url;
  5. IndieAuth\Client::$redirectURL = Config::$base_url.'auth/callback';
  7. $app->get('/auth/start', function() use($app) {
  8. $req = $app->request();
  10. $params = $req->params();
  12. $defaultScope = 'create update media';
  14. list($authorizationURL, $error) = IndieAuth\Client::begin($params['me'], $defaultScope);
  16. $me = IndieAuth\Client::normalizeMeURL($params['me']);
  18. // Double check for a micropub endpoint here for debugging purposes
  19. if(!$error) {
  20. $micropubEndpoint = $_SESSION['indieauth']['micropub_endpoint'] = IndieAuth\Client::discoverMicropubEndpoint($me);
  21. if(!$micropubEndpoint) {
  22. $error['error'] = 'missing_micropub_endpoint';
  23. }
  24. }
  26. if($error && in_array($error['error'], ['missing_authorization_endpoint','missing_token_endpoint','missing_micropub_endpoint'])) {
  27. // Display debug info for these particular errors
  29. $micropubEndpoint = $_SESSION['indieauth']['micropub_endpoint'] = IndieAuth\Client::discoverMicropubEndpoint($me);
  30. $tokenEndpoint = $_SESSION['indieauth']['token_endpoint'] = IndieAuth\Client::discoverTokenEndpoint($me);
  31. $authorizationEndpoint = $_SESSION['indieauth']['authorization_endpoint'] = IndieAuth\Client::discoverAuthorizationEndpoint($me);
  33. $html = render('auth_start', array(
  34. 'title' => 'Sign In',
  35. 'me' => $me,
  36. 'authorizing' => $me,
  37. 'meParts' => parse_url($me),
  38. 'tokenEndpoint' => $tokenEndpoint,
  39. 'micropubEndpoint' => $micropubEndpoint,
  40. 'authorizationEndpoint' => $authorizationEndpoint,
  41. 'authorizationURL' => false
  42. ));
  43. $app->response()->body($html);
  44. return;
  45. }
  47. // Handle other errors like connection errors by showing a generic error page
  48. if($error) {
  49. $html = render('auth_error', array(
  50. 'title' => 'Sign In',
  51. 'error' => $error['error'],
  52. 'errorDescription' => $error['error_description'],
  53. ));
  54. $app->response()->body($html);
  55. return;
  56. }
  58. $micropubEndpoint = $_SESSION['indieauth']['micropub_endpoint'] = IndieAuth\Client::discoverMicropubEndpoint($me);
  59. $tokenEndpoint = $_SESSION['indieauth']['token_endpoint'] = IndieAuth\Client::discoverTokenEndpoint($me);
  60. $authorizationEndpoint = $_SESSION['indieauth']['authorization_endpoint'] = IndieAuth\Client::discoverAuthorizationEndpoint($me);
  62. if(k($params, 'redirect')) {
  63. $_SESSION['redirect_after_login'] = $params['redirect'];
  64. }
  65. if(k($params, 'reply')) {
  66. $_SESSION['reply'] = $params['reply'];
  67. }
  69. // If the user has already signed in before and has a micropub access token,
  70. // and the endpoints are all the same, skip the debugging screens and redirect
  71. // immediately to the auth endpoint.
  72. // This will still get a new access token when they finish logging in.
  73. $user = ORM::for_table('users')->where('url', $me)->find_one();
  74. if($user && $user->micropub_access_token
  75. && $user->micropub_endpoint == $micropubEndpoint
  76. && $user->token_endpoint == $tokenEndpoint
  77. && $user->authorization_endpoint == $authorizationEndpoint
  78. && !array_key_exists('restart', $params)) {
  80. // Request whatever scope was previously granted
  81. $authorizationURL = parse_url($authorizationURL);
  82. $authorizationURL['scope'] = $user->micropub_scope;
  83. $authorizationURL = http_build_url($authorizationURL);
  85. $app->redirect($authorizationURL, 302);
  87. } else {
  89. if(k($params, 'dontask') && $params['dontask']) {
  90. // Request whatever scope was previously granted
  91. $authorizationURL = parse_url($authorizationURL);
  92. $authorizationURL['scope'] = $user->micropub_scope ?: $defaultScope;
  93. $authorizationURL = http_build_url($authorizationURL);
  95. $_SESSION['dontask'] = 1;
  96. $app->redirect($authorizationURL, 302);
  97. }
  99. $html = render('auth_start', array(
  100. 'title' => 'Sign In',
  101. 'me' => $me,
  102. 'authorizing' => $me,
  103. 'meParts' => parse_url($me),
  104. 'tokenEndpoint' => $tokenEndpoint,
  105. 'micropubEndpoint' => $micropubEndpoint,
  106. 'authorizationEndpoint' => $authorizationEndpoint,
  107. 'authorizationURL' => $authorizationURL
  108. ));
  109. $app->response()->body($html);
  110. }
  111. });
  113. $app->get('/auth/redirect', function() use($app) {
  114. $req = $app->request();
  115. $params = $req->params();
  117. // Override scope from the form the user selects
  119. if(!isset($params['scope']))
  120. $params['scope'] = '';
  122. $authorizationURL = parse_url($params['authorization_url']);
  123. parse_str($authorizationURL['query'], $query);
  124. $query['scope'] = $params['scope'];
  125. $authorizationURL['query'] = http_build_query($query);
  126. $authorizationURL = http_build_url($authorizationURL);
  128. $app->redirect($authorizationURL);
  129. return;
  130. });
  132. $app->get('/auth/callback', function() use($app) {
  133. $req = $app->request();
  134. $params = $req->params();
  136. list($token, $error) = IndieAuth\Client::complete($params, true);
  138. if($error) {
  139. $html = render('auth_error', [
  140. 'title' => 'Auth Callback',
  141. 'error' => $error['error'],
  142. 'errorDescription' => $error['error_description'],
  143. ]);
  144. $app->response()->body($html);
  145. return;
  146. }
  148. $me = $token['me'];
  150. // Use the discovered endpoints saved in the session
  151. $micropubEndpoint = $_SESSION['indieauth']['micropub_endpoint'];
  152. $tokenEndpoint = $_SESSION['indieauth']['token_endpoint'];
  154. $redirectToDashboardImmediately = false;
  156. // If a valid access token was returned, store the token info in the session and they are signed in
  157. if(k($token['response'], array('me','access_token','scope'))) {
  159. $_SESSION['auth'] = $token['response'];
  160. $_SESSION['me'] = $me = $token['me'];
  162. $user = ORM::for_table('users')->where('url', $me)->find_one();
  163. if($user) {
  164. // Already logged in, update the last login date
  165. $user->last_login = date('Y-m-d H:i:s');
  166. // If they have logged in before and we already have an access token, then redirect to the dashboard now
  167. if($user->micropub_access_token)
  168. $redirectToDashboardImmediately = true;
  169. } else {
  170. // New user! Store the user in the database
  171. $user = ORM::for_table('users')->create();
  172. $user->url = $me;
  173. $user->date_created = date('Y-m-d H:i:s');
  174. }
  175. $user->authorization_endpoint = $_SESSION['indieauth']['authorization_endpoint'];
  176. $user->token_endpoint = $tokenEndpoint;
  177. $user->micropub_endpoint = $micropubEndpoint;
  178. $user->micropub_access_token = $token['response']['access_token'];
  179. $user->micropub_scope = $token['response']['scope'];
  180. $user->micropub_response = json_encode($token['response']);
  181. $user->save();
  182. $_SESSION['user_id'] = $user->id();
  184. // Make a request to the micropub endpoint to discover the syndication targets and media endpoint if any.
  185. // Errors are silently ignored here. The user will be able to retry from the new post interface and get feedback.
  186. get_micropub_config($user, ['q'=>'config']);
  187. }
  189. unset($_SESSION['indieauth']);
  191. if($redirectToDashboardImmediately || k($_SESSION, 'dontask')) {
  192. unset($_SESSION['dontask']);
  193. if(k($_SESSION, 'redirect_after_login')) {
  194. $dest = $_SESSION['redirect_after_login'];
  195. unset($_SESSION['redirect_after_login']);
  196. $app->redirect($dest, 302);
  197. } else {
  198. $query = [];
  199. if(k($_SESSION, 'reply')) {
  200. $query['reply'] = $_SESSION['reply'];
  201. unset($_SESSION['reply']);
  202. }
  203. $app->redirect('/new?' . http_build_query($query), 302);
  204. }
  205. } else {
  206. $tokenResponse = $token['response'];
  207. $parsed = @json_decode($tokenResponse);
  208. if($parsed)
  209. $tokenResponse = json_encode($parsed, JSON_PRETTY_PRINT+JSON_UNESCAPED_SLASHES);
  211. $html = render('auth_callback', array(
  212. 'title' => 'Sign In',
  213. 'me' => $me,
  214. 'authorizing' => $me,
  215. 'meParts' => parse_url($me),
  216. 'tokenEndpoint' => $tokenEndpoint,
  217. 'auth' => $token['auth'],
  218. 'response' => $tokenResponse,
  219. 'curl_error' => (array_key_exists('error', $token) ? $token['error'] : false),
  220. 'destination' => (k($_SESSION, 'redirect_after_login') ?: '/new')
  221. ));
  222. $app->response()->body($html);
  223. }
  224. });
  226. $app->get('/signout', function() use($app) {
  227. unset($_SESSION['auth']);
  228. unset($_SESSION['me']);
  229. unset($_SESSION['auth_state']);
  230. unset($_SESSION['user_id']);
  231. $app->redirect('/', 302);
  232. });
  234. $app->post('/auth/reset', function() use($app) {
  235. if($user=require_login($app, false)) {
  236. revoke_micropub_token($user->micropub_access_token, $user->token_endpoint);
  238. $user->authorization_endpoint = '';
  239. $user->token_endpoint = '';
  240. $user->micropub_endpoint = '';
  241. $user->authorization_endpoint = '';
  242. $user->micropub_media_endpoint = '';
  243. $user->micropub_scope = '';
  244. $user->micropub_access_token = '';
  245. $user->syndication_targets = '';
  246. $user->supported_post_types = '';
  247. $user->save();
  249. unset($_SESSION['auth']);
  250. unset($_SESSION['me']);
  251. unset($_SESSION['auth_state']);
  252. unset($_SESSION['user_id']);
  253. }
  254. $app->redirect('/', 302);
  255. });
  257. $app->post('/auth/twitter', function() use($app) {
  258. if(!Config::$twitterClientID) {
  259. $app->response()['Content-type'] = 'application/json';
  260. $app->response()->body(json_encode(array(
  261. 'result' => 'error'
  262. )));
  263. return;
  264. }
  266. if($user=require_login($app, false)) {
  267. $params = $app->request()->params();
  268. // User just auth'd with twitter, store the access token
  269. $user->twitter_access_token = $params['twitter_token'];
  270. $user->twitter_token_secret = $params['twitter_secret'];
  271. $user->save();
  273. $app->response()['Content-type'] = 'application/json';
  274. $app->response()->body(json_encode(array(
  275. 'result' => 'ok'
  276. )));
  277. } else {
  278. $app->response()['Content-type'] = 'application/json';
  279. $app->response()->body(json_encode(array(
  280. 'result' => 'error'
  281. )));
  282. }
  283. });
  285. function getTwitterLoginURL(&$twitter) {
  286. $request_token = $twitter->oauth('oauth/request_token', [
  287. 'oauth_callback' => Config::$base_url . 'auth/twitter/callback'
  288. ]);
  289. $_SESSION['twitter_auth'] = $request_token;
  290. return $twitter->url('oauth/authorize', ['oauth_token' => $request_token['oauth_token']]);
  291. }
  293. $app->get('/auth/twitter', function() use($app) {
  294. if(!Config::$twitterClientID) {
  295. $app->response()['Content-type'] = 'application/json';
  296. $app->response()->body(json_encode(array(
  297. 'result' => 'error'
  298. )));
  299. return;
  300. }
  302. $params = $app->request()->params();
  303. if($user=require_login($app, false)) {
  305. // If there is an existing Twitter token, check if it is valid
  306. // Otherwise, generate a Twitter login link
  307. $twitter_login_url = false;
  309. if(array_key_exists('login', $params)) {
  310. $twitter = new TwitterOAuth(Config::$twitterClientID, Config::$twitterClientSecret);
  311. $twitter_login_url = getTwitterLoginURL($twitter);
  312. } else {
  313. $twitter = new TwitterOAuth(Config::$twitterClientID, Config::$twitterClientSecret,
  314. $user->twitter_access_token, $user->twitter_token_secret);
  316. if($user->twitter_access_token) {
  317. if($twitter->get('account/verify_credentials')) {
  318. $app->response()['Content-type'] = 'application/json';
  319. $app->response()->body(json_encode(array(
  320. 'result' => 'ok'
  321. )));
  322. return;
  323. } else {
  324. // If the existing twitter token is not valid, generate a login link
  325. $twitter_login_url = getTwitterLoginURL($twitter);
  326. }
  327. } else {
  328. $twitter_login_url = getTwitterLoginURL($twitter);
  329. }
  330. }
  332. $app->response()['Content-type'] = 'application/json';
  333. $app->response()->body(json_encode(array(
  334. 'url' => $twitter_login_url
  335. )));
  337. } else {
  338. $app->response()['Content-type'] = 'application/json';
  339. $app->response()->body(json_encode(array(
  340. 'result' => 'error'
  341. )));
  342. }
  343. });
  345. $app->get('/auth/twitter/callback', function() use($app) {
  346. if($user=require_login($app)) {
  347. $params = $app->request()->params();
  349. $twitter = new TwitterOAuth(Config::$twitterClientID, Config::$twitterClientSecret,
  350. $_SESSION['twitter_auth']['oauth_token'], $_SESSION['twitter_auth']['oauth_token_secret']);
  351. $credentials = $twitter->oauth('oauth/access_token', ['oauth_verifier' => $params['oauth_verifier']]);
  353. $user->twitter_access_token = $credentials['oauth_token'];
  354. $user->twitter_token_secret = $credentials['oauth_token_secret'];
  355. $user->twitter_username = $credentials['screen_name'];
  356. $user->save();
  358. $app->redirect('/settings');
  359. }
  360. });