use router interface more strictly

2026-01-11 17:58:41 +00:00 · 2022-12-24 23:56:56 +01:00 · 2022-12-24 23:56:56 +01:00 · a27b433ef4
commit a27b433ef4
parent 8d4736256f
4 changed files with 65 additions and 50 deletions
--- a/Message/Socket/PacketManager.php
+++ b/Message/Socket/PacketManager.php
@ -77,7 +77,7 @@ class PacketManager
        $response = new SocketResponse();

        $this->dispatcher->dispatch(
-            $this->router->route($data, RouteVerb::ANY, 'Socket', 1, $client->getAccount()),
+            $this->router->route($data, null, RouteVerb::ANY, 'Socket', 1, $client->getAccount()),
            $request,
            $response
        );
--- a/Router/RouterInterface.php
+++ b/Router/RouterInterface.php
@ -14,6 +14,8 @@ declare(strict_types=1);

 namespace phpOMS\Router;

+use phpOMS\Account\Account;
+
 /**
 * Router interface.
 *
@ -42,4 +44,52 @@ interface RouterInterface
     * @since 1.0.0
     */
    public function clear() : void;
+
+    /**
+     * Add route.
+     *
+     * @param string $route       Route regex
+     * @param mixed  $destination Destination e.g. Module:function string or callback
+     * @param int    $verb        Request verb
+     * @param bool   $csrf        Is CSRF token required
+     * @param array  $validation  Validation patterns
+     * @param string $dataPattern Data patterns
+     *
+     * @return void
+     *
+     * @since 1.0.0
+     */
+    public function add(
+        string $route,
+        mixed $destination,
+        int $verb = RouteVerb::GET,
+        bool $csrf = false,
+        array $validation = [],
+        string $dataPattern = ''
+    ) : void;
+
+    /**
+     * Route request.
+     *
+     * @param string  $uri     Route
+     * @param string  $csrf    CSRF token
+     * @param int     $verb    Route verb
+     * @param string  $app     Application name
+     * @param int     $orgId   Organization id
+     * @param Account $account Account
+     * @param array   $data    Data
+     *
+     * @return array
+     *
+     * @since 1.0.0
+     */
+    public function route(
+        string $uri,
+        string $csrf = null,
+        int $verb = RouteVerb::GET,
+        string $app = null,
+        int $orgId = null,
+        Account $account = null,
+        array $data = null
+    ) : array;
 }
--- a/Router/SocketRouter.php
+++ b/Router/SocketRouter.php
@ -82,22 +82,13 @@ final class SocketRouter implements RouterInterface
    }

    /**
-     * Add route.
-     *
-     * @param string $route       Route regex
-     * @param mixed  $destination Destination e.g. Module:function string or callback
-     * @param int    $verb        Request verb
-     * @param array  $validation  Validation patterns
-     * @param string $dataPattern Data patterns
-     *
-     * @return void
-     *
-     * @since 1.0.0
+     * {@inheritdoc}
     */
    public function add(
        string $route,
        mixed $destination,
        int $verb = RouteVerb::GET,
+        bool $csrf = false,
        array $validation = [],
        string $dataPattern = ''
    ) : void
@ -109,27 +100,18 @@ final class SocketRouter implements RouterInterface
        $this->routes[$route][] = [
            'dest'       => $destination,
            'verb'       => $verb,
+            'csrf'       => $csrf,
            'validation' => empty($validation) ? null : $validation,
            'pattern'    => empty($dataPattern) ? null : $dataPattern,
        ];
    }

    /**
-     * Route request.
-     *
-     * @param string  $uri     Route
-     * @param int     $verb    Route verb
-     * @param string  $app     Application name
-     * @param int     $orgId   Organization id
-     * @param Account $account Account
-     * @param array   $data    Data
-     *
-     * @return array
-     *
-     * @since 1.0.0
+     * {@inheritdoc}
     */
    public function route(
        string $uri,
+        string $csrf = null,
        int $verb = RouteVerb::GET,
        string $app = null,
        int $orgId = null,
@ -148,6 +130,11 @@ final class SocketRouter implements RouterInterface
                    || $verb === RouteVerb::ANY
                    || ($verb & $d['verb']) === $verb
                ) {
+                    // if csrf is required but not set
+                    if (isset($d['csrf']) && $d['csrf'] && $csrf === null) {
+                        return ['dest' => RouteStatus::INVALID_CSRF];
+                    }
+
                    // if permission check is invalid
                    if (isset($d['permission']) && !empty($d['permission'])
                        && ($account === null || $account instanceof NullAccount)
--- a/Router/WebRouter.php
+++ b/Router/WebRouter.php
@ -84,24 +84,14 @@ final class WebRouter implements RouterInterface
    }

    /**
-     * Add route.
-     *
-     * @param string $route       Route regex
-     * @param mixed  $destination Destination e.g. Module:function string or callback
-     * @param int    $verb        Request verb
-     * @param bool   $csrf        Is CSRF token required
-     * @param array  $validation  Validation patterns
-     * @param string $dataPattern Data patterns
-     *
-     * @return void
-     *
-     * @since 1.0.0
+     * {@inheritdoc}
     */
    public function add(
        string $route,
        mixed $destination,
        int $verb = RouteVerb::GET,
-        bool $csrf = false, array $validation = [],
+        bool $csrf = false,
+        array $validation = [],
        string $dataPattern = ''
    ) : void
    {
@ -119,19 +109,7 @@ final class WebRouter implements RouterInterface
    }

    /**
-     * Route request.
-     *
-     * @param string  $uri     Route
-     * @param string  $csrf    CSRF token
-     * @param int     $verb    Route verb
-     * @param string  $app     Application name
-     * @param int     $orgId   Organization id
-     * @param Account $account Account
-     * @param array   $data    Validation
-     *
-     * @return array
-     *
-     * @since 1.0.0
+     * {@inheritdoc}
     */
    public function route(
        string $uri,