mirrors/rss-bridge
1
0
Fork 0
mirror of https://github.com/RSS-Bridge/rss-bridge.git synced 2025-01-09 04:57:26 +03:00
Code Issues Projects Releases Packages Wiki Activity

fix: cache 400 and 404, and refactor token auth (#4388)

Browse source 
* fix(cache): also cache 400 and 404 responses

* refactor(token_auth)
This commit is contained in:
Dag 2025-01-03 06:19:24 +01:00 committed by GitHub
parent be51ba17df
commit 3fc38c15a3
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
6 changed files with 22 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
actions/DisplayAction.php
View file

@ -23,7 +23,7 @@ class DisplayAction implements ActionInterface
$noproxy = $request->get('_noproxy');
if (!$bridgeName) {
return new Response(render(__DIR__ . '/../templates/error.html.php', ['message' => 'Missing bridge parameter']), 400);
return new Response(render(__DIR__ . '/../templates/error.html.php', ['message' => 'Missing bridge name parameter']), 400);
}
$bridgeClassName = $this->bridgeFactory->createBridgeClassName($bridgeName);
if (!$bridgeClassName) {

2
actions/FrontpageAction.php
View file

@ -12,7 +12,7 @@ final class FrontpageAction implements ActionInterface
public function __invoke(Request $request): Response
{
$token = $request->attribute('token');
$token = $request->getAttribute('token');
$messages = [];
$activeBridges = 0;

2
lib/http.php
View file

@ -220,7 +220,7 @@ final class Request
return $clone;
}
public function attribute(string $key, $default = null)
public function getAttribute(string $key, $default = null)
{
return $this->attributes[$key] ?? $default;
}

9
middlewares/CacheMiddleware.php
View file

@ -13,7 +13,7 @@ class CacheMiddleware implements Middleware
public function __invoke(Request $request, $next): Response
{
$action = $request->attribute('action');
$action = $request->getAttribute('action');
if ($action !== 'DisplayAction') {
// We only cache DisplayAction (for now)
@ -43,9 +43,14 @@ class CacheMiddleware implements Middleware
/** @var Response $response */
$response = $next($request);
if (in_array($response->getCode(), [403, 429, 500, 503])) {
if ($response->getCode() === 200) {
// Do nothing because DisplayAction has already cached this on $cacheKey
} elseif (in_array($response->getCode(), [400, 403, 404, 429, 500, 503])) {
// Cache these responses for about ~10 mins on average
$this->cache->set($cacheKey, $response, 60 * 5 + rand(1, 60 * 10));
} else {
// Should never happen
$this->cache->set($cacheKey, $response, 60 * 5);
}
// For 1% of requests, prune cache

16
middlewares/TokenAuthenticationMiddleware.php
View file

@ -10,20 +10,24 @@ class TokenAuthenticationMiddleware implements Middleware
return $next($request);
}
// Always add token to request attribute
$request = $request->withAttribute('token', $request->get('token'));
$token = $request->get('token');
if (! $request->attribute('token')) {
if (! $token) {
return new Response(render(__DIR__ . '/../templates/token.html.php', [
'message' => 'Missing token',
'message' => 'Missing token',
'token' => '',
]), 401);
}
if (! hash_equals(Configuration::getConfig('authentication', 'token'), $request->attribute('token'))) {
if (! hash_equals(Configuration::getConfig('authentication', 'token'), $token)) {
return new Response(render(__DIR__ . '/../templates/token.html.php', [
'message' => 'Invalid token',
'message' => 'Invalid token',
'token' => $token,
]), 401);
}
$request = $request->withAttribute('token', $token);
return $next($request);
}
}

4
templates/token.html.php
View file

@ -13,8 +13,8 @@
<?= e($message) ?>
</p>
<form action="" method="get">
<form action="" method="get" autocomplete="off">
<label for="token">Token:</label>
<input type="password" name="token" id="token" placeholder="token">
<input type="text" name="token" id="token" placeholder="token" value="<?= e($token) ?>">
<input type="submit" value="OK">
</form>