Skip to content

Commit 6453789

Browse files
najdanovicivannajdanovicivan
committed
Settings - Decouple from shield
1 parent da36ca3 commit 6453789

34 files changed

+164
-126
lines changed

composer.json

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -25,8 +25,7 @@
2525
"slack": "https://codeigniterchat.slack.com"
2626
},
2727
"require": {
28-
"php": "^8.1",
29-
"codeigniter4/settings": "^2.1"
28+
"php": "^8.1"
3029
},
3130
"require-dev": {
3231
"codeigniter/phpstan-codeigniter": "^1.3",
@@ -42,7 +41,8 @@
4241
},
4342
"suggest": {
4443
"ext-curl": "Required to use the password validation rule via PwnedValidator class.",
45-
"ext-openssl": "Required to use the JWT Authenticator."
44+
"ext-openssl": "Required to use the JWT Authenticator.",
45+
"codeigniter4/settings": "Required to store groups and permissions in database"
4646
},
4747
"minimum-stability": "dev",
4848
"prefer-stable": true,

docs/addons/jwt.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -190,7 +190,7 @@ class LoginController extends BaseController
190190
}
191191

192192
// Get the credentials for login
193-
$credentials = $this->request->getJsonVar(setting('Auth.validFields'));
193+
$credentials = $this->request->getJsonVar(shieldSetting('Auth.validFields'));
194194
$credentials = array_filter($credentials);
195195
$credentials['password'] = $this->request->getJsonVar('password');
196196

docs/customization/redirect_urls.md

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@ public function loginRedirect(): string
99
{
1010
$url = auth()->user()->inGroup('admin')
1111
? '/admin'
12-
: setting('Auth.redirects')['login'];
12+
: shieldSetting('Auth.redirects')['login'];
1313

1414
return $this->getUrl($url);
1515
}
@@ -27,7 +27,7 @@ public function loginRedirect(): string
2727
return '/admin';
2828
}
2929

30-
$url = setting('Auth.redirects')['login'];
30+
$url = shieldSetting('Auth.redirects')['login'];
3131

3232
return $this->getUrl($url);
3333
}
@@ -40,7 +40,7 @@ You can customize where a user is redirected to after registration in the `regis
4040
```php
4141
public function registerRedirect(): string
4242
{
43-
$url = setting('Auth.redirects')['register'];
43+
$url = shieldSetting('Auth.redirects')['register'];
4444

4545
return $this->getUrl($url);
4646
}
@@ -53,7 +53,7 @@ The logout redirect can also be overridden by the `logoutRedirect()` method of t
5353
```php
5454
public function logoutRedirect(): string
5555
{
56-
$url = setting('Auth.redirects')['logout'];
56+
$url = shieldSetting('Auth.redirects')['logout'];
5757

5858
return $this->getUrl($url);
5959
}

docs/guides/mobile_apps.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -27,7 +27,7 @@ class LoginController extends BaseController
2727
public function mobileLogin()
2828
{
2929
// Validate credentials
30-
$rules = setting('Validation.login') ?? [
30+
$rules = shieldSetting('Validation.login') ?? [
3131
'email' => config('Auth')->emailValidationRules,
3232
'password' => [
3333
'label' => 'Auth.password',
@@ -46,7 +46,7 @@ class LoginController extends BaseController
4646
}
4747

4848
// Get the credentials for login
49-
$credentials = $this->request->getPost(setting('Auth.validFields'));
49+
$credentials = $this->request->getPost(shieldSetting('Auth.validFields'));
5050
$credentials = array_filter($credentials);
5151
$credentials['password'] = $this->request->getPost('password');
5252

src/Authentication/Actions/Email2FA.php

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -50,7 +50,7 @@ public function show(): string
5050

5151
$this->createIdentity($user);
5252

53-
return $this->view(setting('Auth.views')['action_email_2fa'], ['user' => $user]);
53+
return $this->view(shieldSetting('Auth.views')['action_email_2fa'], ['user' => $user]);
5454
}
5555

5656
/**
@@ -89,11 +89,11 @@ public function handle(IncomingRequest $request)
8989
// Send the user an email with the code
9090
helper('email');
9191
$email = emailer(['mailType' => 'html'])
92-
->setFrom(setting('Email.fromEmail'), setting('Email.fromName') ?? '');
92+
->setFrom(shieldSetting('Email.fromEmail'), shieldSetting('Email.fromName') ?? '');
9393
$email->setTo($user->email);
9494
$email->setSubject(lang('Auth.email2FASubject'));
9595
$email->setMessage($this->view(
96-
setting('Auth.views')['action_email_2fa_email'],
96+
shieldSetting('Auth.views')['action_email_2fa_email'],
9797
['code' => $identity->secret, 'user' => $user, 'ipAddress' => $ipAddress, 'userAgent' => $userAgent, 'date' => $date],
9898
['debug' => false],
9999
));
@@ -105,7 +105,7 @@ public function handle(IncomingRequest $request)
105105
// Clear the email
106106
$email->clear();
107107

108-
return $this->view(setting('Auth.views')['action_email_2fa_verify']);
108+
return $this->view(shieldSetting('Auth.views')['action_email_2fa_verify']);
109109
}
110110

111111
/**
@@ -131,7 +131,7 @@ public function verify(IncomingRequest $request)
131131
if (! $authenticator->checkAction($identity, $postedToken)) {
132132
session()->setFlashdata('error', lang('Auth.invalid2FAToken'));
133133

134-
return $this->view(setting('Auth.views')['action_email_2fa_verify']);
134+
return $this->view(shieldSetting('Auth.views')['action_email_2fa_verify']);
135135
}
136136

137137
// Get our login redirect url

src/Authentication/Actions/EmailActivator.php

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -65,11 +65,11 @@ public function show(): string
6565
// Send the email
6666
helper('email');
6767
$email = emailer(['mailType' => 'html'])
68-
->setFrom(setting('Email.fromEmail'), setting('Email.fromName') ?? '');
68+
->setFrom(shieldSetting('Email.fromEmail'), shieldSetting('Email.fromName') ?? '');
6969
$email->setTo($userEmail);
7070
$email->setSubject(lang('Auth.emailActivateSubject'));
7171
$email->setMessage($this->view(
72-
setting('Auth.views')['action_email_activate_email'],
72+
shieldSetting('Auth.views')['action_email_activate_email'],
7373
['code' => $code, 'user' => $user, 'ipAddress' => $ipAddress, 'userAgent' => $userAgent, 'date' => $date],
7474
['debug' => false],
7575
));
@@ -82,7 +82,7 @@ public function show(): string
8282
$email->clear();
8383

8484
// Display the info page
85-
return $this->view(setting('Auth.views')['action_email_activate_show'], ['user' => $user]);
85+
return $this->view(shieldSetting('Auth.views')['action_email_activate_show'], ['user' => $user]);
8686
}
8787

8888
/**
@@ -117,7 +117,7 @@ public function verify(IncomingRequest $request)
117117
if (! $authenticator->checkAction($identity, $postedToken)) {
118118
session()->setFlashdata('error', lang('Auth.invalidActivateToken'));
119119

120-
return $this->view(setting('Auth.views')['action_email_activate_show']);
120+
return $this->view(shieldSetting('Auth.views')['action_email_activate_show']);
121121
}
122122

123123
$user = $authenticator->getUser();

src/Authentication/Authenticators/Session.php

Lines changed: 21 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -193,7 +193,7 @@ public function attempt(array $credentials): Result
193193
*/
194194
public function startUpAction(string $type, User $user): bool
195195
{
196-
$actionClass = setting('Auth.actions')[$type] ?? null;
196+
$actionClass = shieldSetting('Auth.actions')[$type] ?? null;
197197

198198
if ($actionClass === null) {
199199
return false;
@@ -414,7 +414,7 @@ private function checkUserState(): void
414414

415415
// No User Info in Session.
416416
// Check remember-me token.
417-
if (setting('Auth.sessionConfig')['allowRemembering']) {
417+
if (shieldSetting('Auth.sessionConfig')['allowRemembering']) {
418418
if ($this->checkRememberMe()) {
419419
$this->setAuthAction();
420420
}
@@ -470,7 +470,7 @@ private function setAuthAction(): bool
470470
return false;
471471
}
472472

473-
$authActions = setting('Auth.actions');
473+
$authActions = shieldSetting('Auth.actions');
474474

475475
foreach ($authActions as $actionClass) {
476476
if ($actionClass === null) {
@@ -513,7 +513,7 @@ private function getIdentitiesForAction(User $user): array
513513
*/
514514
private function getActionTypes(): array
515515
{
516-
$actions = setting('Auth.actions');
516+
$actions = shieldSetting('Auth.actions');
517517
$types = [];
518518

519519
foreach ($actions as $actionClass) {
@@ -608,7 +608,7 @@ private function getRememberMeToken(): ?string
608608
/** @var IncomingRequest $request */
609609
$request = service('request');
610610

611-
$cookieName = setting('Cookie.prefix') . setting('Auth.sessionConfig')['rememberCookieName'];
611+
$cookieName = shieldSetting('Cookie.prefix') . shieldSetting('Auth.sessionConfig')['rememberCookieName'];
612612

613613
return $request->getCookie($cookieName);
614614
}
@@ -679,15 +679,15 @@ public function startLogin(User $user): void
679679
*/
680680
protected function getSessionUserInfo(): array
681681
{
682-
return session(setting('Auth.sessionConfig')['field']) ?? [];
682+
return session(shieldSetting('Auth.sessionConfig')['field']) ?? [];
683683
}
684684

685685
/**
686686
* Removes User Info in Session
687687
*/
688688
protected function removeSessionUserInfo(): void
689689
{
690-
session()->remove(setting('Auth.sessionConfig')['field']);
690+
session()->remove(shieldSetting('Auth.sessionConfig')['field']);
691691
}
692692

693693
/**
@@ -711,7 +711,7 @@ protected function setSessionUserKey(string $key, $value): void
711711
{
712712
$sessionUserInfo = $this->getSessionUserInfo();
713713
$sessionUserInfo[$key] = $value;
714-
session()->set(setting('Auth.sessionConfig')['field'], $sessionUserInfo);
714+
session()->set(shieldSetting('Auth.sessionConfig')['field'], $sessionUserInfo);
715715
}
716716

717717
/**
@@ -721,7 +721,7 @@ protected function removeSessionUserKey(string $key): void
721721
{
722722
$sessionUserInfo = $this->getSessionUserInfo();
723723
unset($sessionUserInfo[$key]);
724-
session()->set(setting('Auth.sessionConfig')['field'], $sessionUserInfo);
724+
session()->set(shieldSetting('Auth.sessionConfig')['field'], $sessionUserInfo);
725725
}
726726

727727
/**
@@ -759,7 +759,7 @@ public function login(User $user): void
759759

760760
private function issueRememberMeToken(): void
761761
{
762-
if ($this->shouldRemember && setting('Auth.sessionConfig')['allowRemembering']) {
762+
if ($this->shouldRemember && shieldSetting('Auth.sessionConfig')['allowRemembering']) {
763763
$this->rememberUser($this->user);
764764

765765
// Reset so it doesn't mess up future calls.
@@ -785,10 +785,10 @@ private function removeRememberCookie(): void
785785

786786
// Remove remember-me cookie
787787
$response->deleteCookie(
788-
setting('Auth.sessionConfig')['rememberCookieName'],
789-
setting('Cookie.domain'),
790-
setting('Cookie.path'),
791-
setting('Cookie.prefix'),
788+
shieldSetting('Auth.sessionConfig')['rememberCookieName'],
789+
shieldSetting('Cookie.domain'),
790+
shieldSetting('Cookie.path'),
791+
shieldSetting('Cookie.prefix'),
792792
);
793793
}
794794

@@ -926,7 +926,7 @@ protected function rememberUser(User $user): void
926926

927927
private function calcExpires(): Time
928928
{
929-
$rememberLength = setting('Auth.sessionConfig')['rememberLength'];
929+
$rememberLength = shieldSetting('Auth.sessionConfig')['rememberLength'];
930930

931931
return Time::now()->addSeconds($rememberLength);
932932
}
@@ -942,13 +942,13 @@ private function setRememberMeCookie(string $rawToken): void
942942
// Save it to the user's browser in a cookie.
943943
// Create the cookie
944944
$response->setCookie(
945-
setting('Auth.sessionConfig')['rememberCookieName'],
945+
shieldSetting('Auth.sessionConfig')['rememberCookieName'],
946946
$rawToken, // Value
947-
setting('Auth.sessionConfig')['rememberLength'], // # Seconds until it expires
948-
setting('Cookie.domain'),
949-
setting('Cookie.path'),
950-
setting('Cookie.prefix'),
951-
setting('Cookie.secure'), // Only send over HTTPS?
947+
shieldSetting('Auth.sessionConfig')['rememberLength'], // # Seconds until it expires
948+
shieldSetting('Cookie.domain'),
949+
shieldSetting('Cookie.path'),
950+
shieldSetting('Cookie.prefix'),
951+
shieldSetting('Cookie.secure'), // Only send over HTTPS?
952952
true, // Hide from Javascript?
953953
);
954954
}

src/Authorization/Groups.php

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -27,7 +27,7 @@ class Groups
2727
*/
2828
public function info(string $group): ?Group
2929
{
30-
$info = setting('AuthGroups.groups')[strtolower($group)] ?? null;
30+
$info = shieldSetting('AuthGroups.groups')[strtolower($group)] ?? null;
3131

3232
if (empty($info)) {
3333
return null;
@@ -47,7 +47,7 @@ public function save(Group $group): void
4747
throw new RuntimeException(lang('Auth.missingTitle'));
4848
}
4949

50-
$groups = setting('AuthGroups.groups');
50+
$groups = shieldSetting('AuthGroups.groups');
5151

5252
$alias = $group->alias;
5353

@@ -61,6 +61,6 @@ public function save(Group $group): void
6161
];
6262

6363
// Save it
64-
setting('AuthGroups.groups', $groups);
64+
shieldSetting('AuthGroups.groups', $groups);
6565
}
6666
}

src/Authorization/Traits/Authorizable.php

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -267,7 +267,7 @@ public function can(string ...$permissions): bool
267267
$this->populateGroups();
268268

269269
// Get the group matrix
270-
$matrix = setting('AuthGroups.matrix');
270+
$matrix = shieldSetting('AuthGroups.matrix');
271271

272272
foreach ($permissions as $permission) {
273273
// Permission must contain a scope and action
@@ -422,6 +422,6 @@ private function saveGroupsOrPermissions(string $type, $model, array $cache): vo
422422
*/
423423
private function getConfigPermissions(): array
424424
{
425-
return array_keys(setting('AuthGroups.permissions'));
425+
return array_keys(shieldSetting('AuthGroups.permissions'));
426426
}
427427
}

0 commit comments

Comments
 (0)