authentication is ready

itminedu · Feb 9, 2016 · f9f928f · f9f928f
1 parent 1c28c58
commit f9f928f
Show file tree

Hide file tree

Showing 25 changed files with 637 additions and 210 deletions.
diff --git a/composer.json b/composer.json
@@ -30,6 +30,7 @@
         "slim/slim": "^3.0",
         "slim/twig-view": "^2.0",
         "zendframework/zend-authentication": "^2.0",
+        "zendframework/zend-crypt": "^2.0",
         "zendframework/zend-eventmanager": "^3.0",
         "zendframework/zend-ldap": "^2.0",
         "zendframework/zend-permissions-acl": "^2.0"

diff --git a/composer.lock b/composer.lock
diff --git a/config/app.config.php b/config/app.config.php
@@ -12,9 +12,9 @@
     'modules' => [
         'module/authentication/bootstrap.php',
         'module/authorization/bootstrap.php',
-        'module/sch_ldap/bootstrap.php',
+        // 'module/sch_ldap/bootstrap.php',
         'module/sch_sso/bootstrap.php',
-        'module/sch_auto_create/bootstrap.php',
+        // 'module/sch_auto_create/bootstrap.php',
         'module/application/bootstrap.php',
     ],
     'cache_config' => 'data/cache/config/settings.php',

diff --git a/config/local.php b/config/local.php
diff --git a/...on/src/Authentication/RedbeanListener.php → ...ig/settings/authentication.local.php.dist b/...on/src/Authentication/RedbeanListener.php → ...ig/settings/authentication.local.php.dist
@@ -1,23 +1,17 @@
 <?php
 /**
- * gredu_labs.
- *
+ * gredu_labs
+ * 
  * @link https://github.com/eellak/gredu_labs for the canonical source repository
- *
  * @copyright Copyright (c) 2008-2015 Greek Free/Open Source Software Society (https://gfoss.ellak.gr/)
  * @license GNU GPLv3 http://www.gnu.org/licenses/gpl-3.0-standalone.html
  */
 
-namespace GrEduLabs\Application\Authentication;
-
-class RedbeanListener
-{
-    public function __invoke(callable $stop, $identity, $credential)
-    {
-        if (!$identity || !$credential) {
-            return false;
-        }
-
-        $stop();
-    }
-}
+return [
+    'authentication' => [
+        'bcrypt' => [
+            'salt' => '',
+            'cost' => 14,
+        ],
+    ],
+];
diff --git a/config/settings/ldap.local.php.dist b/config/settings/ldap.local.php.dist
@@ -27,7 +27,4 @@ return [
         'tryUsernameSplit'       => true,
         'networkTimeout'         => null,
     ],
-    'sso' => [
-        'allowed' => '&(physicaldeliveryofficename=ΕΠΙΣΗΜΟΣ ΛΟΓΑΡΙΑΣΜΟΣ)(umdobject=account)',
-    ],
 ];
diff --git a/config/settings/nav.global.php b/config/settings/nav.global.php
@@ -48,18 +48,5 @@
             // ],
 
         ],
-        'main-right' => [
-            'login' => [
-                'label' => 'Σύνδεση',
-                'route' => 'user.login',
-                'icon'  => 'unlock',
-            ],
-            'logout' => [
-                'label' => 'Αποσύνδεση',
-                'route' => 'user.logout',
-                'id'    => 'nav-logout',
-                'icon'  => 'lock',
-            ],
-        ],
     ],
 ];
diff --git a/config/settings/sso.local.php.dist b/config/settings/sso.local.php.dist
@@ -8,18 +8,35 @@
  */
 
 return [
-    'phpcas' => [
-        'serverVersion'         => 'S1',
-        'proxy'                 => false,
-        'serverHostname'        => '',
-        'serverPort'            => 443,
-        'serverUri'             => '/cas',
-        'changeSessionId'       => false,
-        'handleLogoutRequests'  => true,
-        'allowedClients'        => [],
-        'lang'                  => 'CAS_Languages_Greek',
-        'casServerCaCert'       => '',
-        'casServerCnValidate'   => '',
-        'noCasServerValidation' => true,
+
+    'sso' => [
+        'phpcas' => [
+            'serverVersion'         => 'S1',
+            'proxy'                 => false,
+            'serverHostname'        => '',
+            'serverPort'            => 443,
+            'serverUri'             => '/cas',
+            'changeSessionId'       => false,
+            'handleLogoutRequests'  => true,
+            'allowedClients'        => [],
+            'lang'                  => 'CAS_Languages_Greek',
+            'casServerCaCert'       => '',
+            'casServerCnValidate'   => '',
+            'noCasServerValidation' => true,
+        ],
+
+        'allowed' => [
+            [
+                'physicaldeliveryofficename' => '/^ΕΠΙΣΗΜΟΣ ΛΟΓΑΡΙΑΣΜΟΣ$/i',
+                'umdobject' => '/^account$/i',
+            ],
+        ],
+    ],
+    'acl' => [
+        'guards' => [
+            'routes' => [
+                ['/user/logout/sso', ['guest'], ['get']],
+            ],
+        ],
     ],
 ];
diff --git a/config/settings/twig.global.php b/config/settings/twig.global.php
@@ -10,7 +10,9 @@
 
 return [
     'view' => [
-        'template_path' => 'module/application/templates',
+        'template_path' => [
+            'module/application/templates',
+        ],
         'twig'          => [
             'cache'       => 'data/cache/templates',
             'debug'       => false,

diff --git a/module/application/bootstrap.php b/module/application/bootstrap.php
@@ -58,36 +58,10 @@
         return $logger;
     };
 
-    $container['authenticate_redbean_listener'] = function ($c) {
-        return new GrEduLabs\Application\Authentication\RedbeanListener();
-    };
-
     $container['csrf'] = function ($c) {
         return new \Slim\Csrf\Guard();
     };
 
-    $events = $container['events'];
-    $events('on', 'bootstrap', function () use ($container) {
-        session_name('GrEduLabs');
-        session_start();
-
-        // setup RedbeanPHP
-
-        RedBeanPHP\R::setup(
-            $container['settings']['db']['dsn'],
-            $container['settings']['db']['user'],
-            $container['settings']['db']['pass']
-        );
-
-        define('REDBEAN_MODEL_PREFIX', 'GrEduLabs\\Application\\Model\\');
-
-    }, 10000000);
-
-    $events('on', 'bootstrap', function () use ($container) {
-        $container['router']->getNamedRoute('user.login')->add('csrf');
-    });
-
-    $events('on', 'authenticate', $container['authenticate_redbean_listener']);
 
     $container['GrEduLabs\\Application\\Action\\Index'] = function ($c) {
         return new GrEduLabs\Application\Action\Index($c['view']);
@@ -109,6 +83,32 @@
         return new GrEduLabs\Application\Action\School\Assets($c->get('view'));
     };
 
+    $events = $container['events'];
+    $events('on', 'bootstrap', function () use ($container) {
+        session_name('GrEduLabs');
+        session_start();
+
+        // setup RedbeanPHP
+
+        RedBeanPHP\R::setup(
+            $container['settings']['db']['dsn'],
+            $container['settings']['db']['user'],
+            $container['settings']['db']['pass']
+        );
+
+        define('REDBEAN_MODEL_PREFIX', 'GrEduLabs\\Application\\Model\\');
+
+    }, 10000000);
+
+    $events('on', 'bootstrap', function () use ($container) {
+        try {
+            $container['router']->getNamedRoute('user.login')->add('csrf');
+        } catch (\RuntimeException $e) {
+            // eat it
+        }
+    });
+
+
     $app->get('/', 'GrEduLabs\\Application\\Action\\Index')->setName('index');
     $app->group('/school', function () {
         $this->get('', 'GrEduLabs\\Application\\Action\\School\\Index')->setName('school');

diff --git a/module/application/src/Twig/Extension/Navigation.php b/module/application/src/Twig/Extension/Navigation.php
@@ -96,9 +96,13 @@ public function setCurrentRole($role)
     /**
      *
      */
-    public function nav($root = null)
+    public function nav($root)
     {
-        $navigation = (null !== $root) ? $this->navigation[$root] : $this->navigation;
+        if (!isset($this->navigation[$root]) || !is_array($this->navigation[$root])) {
+            return [];
+        }
+
+        $navigation = $this->navigation[$root];
 
         $aclFilter = function ($page) {
             if (!$this->acl) {

diff --git a/module/application/templates/flash.twig b/module/application/templates/flash.twig
@@ -1,7 +1,10 @@
 {% for class, messages in flash() %}
-<ul class="list-unstyled alert alert-{{ class }}" role="alert">
+<ul class="list-unstyled alert alert-{{ class }} alert-dismissible" role="alert">
+    <button type="button" class="close" data-dismiss="alert" aria-label="Close">
+        <span aria-hidden="true"><i class="fa fa-close"></i></span>
+    </button>
     {% for message in messages %}
-    <li>{{ message }}</li>
+    <li>{{ message|raw }}</li>
     {% endfor %}
 </ul>
 {% endfor %}
diff --git a/module/application/templates/index.twig b/module/application/templates/index.twig
@@ -3,8 +3,5 @@
     <div class="jumbotron">
         <h1>Σχολικά εργαστήρια</h1>
         <p class="lead">Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nullam vel volutpat diam, vitae consectetur libero. Sed et sem et nisi aliquet condimentum. Morbi id magna iaculis, dictum lectus vitae, suscipit nisl. Proin molestie dolor vitae pulvinar tristique. Integer egestas varius lorem id scelerisque. Praesent velit metus, egestas facilisis iaculis id, auctor nec mi. Suspendisse ultrices laoreet justo eget viverra.</p>
-    {% if not identity() %}
-        <p><a class="btn btn-lg btn-success" href="{{ path_for('user.login') }}" role="button">Σύνδεση</a></p>
-    {% endif %}
     </div>
 {% endblock %}