diff --git a/Message/Socket/PacketManager.php b/Message/Socket/PacketManager.php index 37ef4ec70..403567d9b 100755 --- a/Message/Socket/PacketManager.php +++ b/Message/Socket/PacketManager.php @@ -77,7 +77,7 @@ class PacketManager $response = new SocketResponse(); $this->dispatcher->dispatch( - $this->router->route($data, RouteVerb::ANY, 'Socket', 1, $client->getAccount()), + $this->router->route($data, null, RouteVerb::ANY, 'Socket', 1, $client->getAccount()), $request, $response ); diff --git a/Router/RouterInterface.php b/Router/RouterInterface.php index 02833fbc6..d43babf66 100755 --- a/Router/RouterInterface.php +++ b/Router/RouterInterface.php @@ -14,6 +14,8 @@ declare(strict_types=1); namespace phpOMS\Router; +use phpOMS\Account\Account; + /** * Router interface. * @@ -42,4 +44,52 @@ interface RouterInterface * @since 1.0.0 */ public function clear() : void; + + /** + * Add route. + * + * @param string $route Route regex + * @param mixed $destination Destination e.g. Module:function string or callback + * @param int $verb Request verb + * @param bool $csrf Is CSRF token required + * @param array $validation Validation patterns + * @param string $dataPattern Data patterns + * + * @return void + * + * @since 1.0.0 + */ + public function add( + string $route, + mixed $destination, + int $verb = RouteVerb::GET, + bool $csrf = false, + array $validation = [], + string $dataPattern = '' + ) : void; + + /** + * Route request. + * + * @param string $uri Route + * @param string $csrf CSRF token + * @param int $verb Route verb + * @param string $app Application name + * @param int $orgId Organization id + * @param Account $account Account + * @param array $data Data + * + * @return array + * + * @since 1.0.0 + */ + public function route( + string $uri, + string $csrf = null, + int $verb = RouteVerb::GET, + string $app = null, + int $orgId = null, + Account $account = null, + array $data = null + ) : array; } diff --git a/Router/SocketRouter.php b/Router/SocketRouter.php index 31c5c4724..fa60fd6ad 100755 --- a/Router/SocketRouter.php +++ b/Router/SocketRouter.php @@ -82,22 +82,13 @@ final class SocketRouter implements RouterInterface } /** - * Add route. - * - * @param string $route Route regex - * @param mixed $destination Destination e.g. Module:function string or callback - * @param int $verb Request verb - * @param array $validation Validation patterns - * @param string $dataPattern Data patterns - * - * @return void - * - * @since 1.0.0 + * {@inheritdoc} */ public function add( string $route, mixed $destination, int $verb = RouteVerb::GET, + bool $csrf = false, array $validation = [], string $dataPattern = '' ) : void @@ -109,27 +100,18 @@ final class SocketRouter implements RouterInterface $this->routes[$route][] = [ 'dest' => $destination, 'verb' => $verb, + 'csrf' => $csrf, 'validation' => empty($validation) ? null : $validation, 'pattern' => empty($dataPattern) ? null : $dataPattern, ]; } /** - * Route request. - * - * @param string $uri Route - * @param int $verb Route verb - * @param string $app Application name - * @param int $orgId Organization id - * @param Account $account Account - * @param array $data Data - * - * @return array - * - * @since 1.0.0 + * {@inheritdoc} */ public function route( string $uri, + string $csrf = null, int $verb = RouteVerb::GET, string $app = null, int $orgId = null, @@ -148,6 +130,11 @@ final class SocketRouter implements RouterInterface || $verb === RouteVerb::ANY || ($verb & $d['verb']) === $verb ) { + // if csrf is required but not set + if (isset($d['csrf']) && $d['csrf'] && $csrf === null) { + return ['dest' => RouteStatus::INVALID_CSRF]; + } + // if permission check is invalid if (isset($d['permission']) && !empty($d['permission']) && ($account === null || $account instanceof NullAccount) diff --git a/Router/WebRouter.php b/Router/WebRouter.php index 4b2d6b128..db735d5ff 100755 --- a/Router/WebRouter.php +++ b/Router/WebRouter.php @@ -84,24 +84,14 @@ final class WebRouter implements RouterInterface } /** - * Add route. - * - * @param string $route Route regex - * @param mixed $destination Destination e.g. Module:function string or callback - * @param int $verb Request verb - * @param bool $csrf Is CSRF token required - * @param array $validation Validation patterns - * @param string $dataPattern Data patterns - * - * @return void - * - * @since 1.0.0 + * {@inheritdoc} */ public function add( string $route, mixed $destination, int $verb = RouteVerb::GET, - bool $csrf = false, array $validation = [], + bool $csrf = false, + array $validation = [], string $dataPattern = '' ) : void { @@ -119,19 +109,7 @@ final class WebRouter implements RouterInterface } /** - * Route request. - * - * @param string $uri Route - * @param string $csrf CSRF token - * @param int $verb Route verb - * @param string $app Application name - * @param int $orgId Organization id - * @param Account $account Account - * @param array $data Validation - * - * @return array - * - * @since 1.0.0 + * {@inheritdoc} */ public function route( string $uri,