~fkooman/vpn-user-portal

b9664276a81daf324eb087587a47756a03e5551a — François Kooman 7 months ago 5133435 mysql-sessions
support MySQL for session storage
6 files changed, 30 insertions(+), 74 deletions(-)

M composer.json
M composer.lock
M config/config.php.example
R schema/{2021041501.schema => 2021042201.schema}
M src/Storage.php
M web/index.php
M composer.json => composer.json +3 -3
@@ 49,13 49,13 @@
        "ext-spl": "*",
        "fkooman/jwt": "2.x-dev",
        "fkooman/oauth2-server": "7.x-dev",
        "fkooman/secookie": "6.x-dev",
        "fkooman/secookie": "mysql-dev",
        "php": ">=7.4"
    },
    "require-dev": {
        "ext-json": "*",
        "phpunit/phpunit": "^9",
        "fkooman/saml-sp": "2.x-dev"
        "phpunit/phpunit": "^9"

    },
    "suggest": {
        "ext-ldap": "Support LDAP user authentication",

M composer.lock => composer.lock +5 -59
@@ 4,7 4,7 @@
        "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
        "This file is @generated automatically"
    ],
    "content-hash": "4a524356ef1ddf7010fd041699f82c84",
    "content-hash": "782f2952492406a494451f961c18afe1",
    "packages": [
        {
            "name": "fkooman/jwt",


@@ 104,11 104,11 @@
        },
        {
            "name": "fkooman/secookie",
            "version": "v6.x-dev",
            "version": "dev-mysql",
            "source": {
                "type": "git",
                "url": "https://git.sr.ht/~fkooman/php-secookie",
                "reference": "4971473d274c80f84cf4a6c6eb36a7479aff3918"
                "reference": "3e8051fe689553b16b123c0e1e8974feff366d84"
            },
            "require": {
                "ext-date": "*",


@@ 144,7 144,7 @@
                "email": "fkooman@tuxed.net",
                "source": "https://git.sr.ht/~fkooman/php-secookie"
            },
            "time": "2021-03-25T11:53:58+00:00"
            "time": "2021-04-22T16:30:08+00:00"
        }
    ],
    "packages-dev": [


@@ 218,59 218,6 @@
            "time": "2020-11-10T18:47:58+00:00"
        },
        {
            "name": "fkooman/saml-sp",
            "version": "v2.x-dev",
            "source": {
                "type": "git",
                "url": "https://git.sr.ht/~fkooman/php-saml-sp",
                "reference": "7a4f45383e20adc5dbea511e93d1eb6491eeea63"
            },
            "require": {
                "ext-curl": "*",
                "ext-date": "*",
                "ext-dom": "*",
                "ext-filter": "*",
                "ext-hash": "*",
                "ext-libxml": "*",
                "ext-openssl": "*",
                "ext-pcre": "*",
                "ext-sodium": "*",
                "ext-spl": "*",
                "ext-zlib": "*",
                "fkooman/secookie": "6.x-dev",
                "php": ">=7.4"
            },
            "require-dev": {
                "phpunit/phpunit": "^9"
            },
            "type": "project",
            "autoload": {
                "psr-4": {
                    "fkooman\\SAML\\SP\\": "src/"
                }
            },
            "autoload-dev": {
                "psr-4": {
                    "fkooman\\SAML\\SP\\Tests\\": "tests/"
                }
            },
            "license": [
                "MIT"
            ],
            "authors": [
                {
                    "email": "fkooman@tuxed.net",
                    "name": "François Kooman"
                }
            ],
            "description": "Secure SAML Service Provider",
            "support": {
                "email": "fkooman@tuxed.net",
                "source": "https://git.sr.ht/~fkooman/php-saml-sp"
            },
            "time": "2021-04-06T20:54:08+00:00"
        },
        {
            "name": "myclabs/deep-copy",
            "version": "1.10.2",
            "source": {


@@ 2298,8 2245,7 @@
    "stability-flags": {
        "fkooman/jwt": 20,
        "fkooman/oauth2-server": 20,
        "fkooman/secookie": 20,
        "fkooman/saml-sp": 20
        "fkooman/secookie": 20
    },
    "prefer-stable": true,
    "prefer-lowest": false,

M config/config.php.example => config/config.php.example +5 -0
@@ 33,6 33,11 @@ return [
//        'dbUser' => 'user',
//        'dbPass' => 'pass',
//    ],

    // where to store the session
    // DEFAULT: file
    //'sessionStorage' => 'file',
    //'sessionStorage' => 'mysql',
    

//    // LDAP
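Review bot: The new `sessionStorage` comment does not say where the `mysql` option stores its data. Going by web/index.php in this commit, it reuses the PDO connection built from the `Db` section, so an operator who enables it without pointing `dbDsn` at a MySQL server would be handing the default SQLite handle to the MySQL session backend. I would add a line such as `// 'mysql' keeps sessions in the database configured under 'Db'; dbDsn must then point to MySQL/MariaDB` (the driver requirement is inferred from the class name, so confirm it). The line following the two examples contains only trailing spaces and could be emptied.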

R schema/2021041501.schema => schema/2021042201.schema +4 -0
@@ 57,3 57,7 @@ CREATE TABLE user_log(
  log_message TEXT NOT NULL,
  user_id VARCHAR(255) NOT NULL REFERENCES users(user_id) ON DELETE CASCADE
);
CREATE TABLE IF NOT EXISTS sessions(
  session_id VARCHAR(255) PRIMARY KEY,
  session_data TEXT
);
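Review bot: The new `sessions` table has only `session_id` and `session_data`, so the database has no column it can use to expire rows. Unless the session library encodes and enforces expiry inside `session_data` (not visible here), stale rows accumulate; a column like `expires_at INTEGER NOT NULL` with a periodic `DELETE` would allow cleanup, provided the library can populate it. `session_id` is stored verbatim as the primary key, so read access to the database or its backups yields usable session identifiers; storing a hash of the identifier would limit that, again depending on the library. `session_data TEXT` is nullable and limited to 64 KiB on MySQL, so `NOT NULL` and a size check on write are worth considering. The commit's file list shows no migration from 2021041501, so existing installations may not get this table through `update()` if it relies on migration files.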

M src/Storage.php => src/Storage.php +1 -1
@@ 19,7 19,7 @@ use PDO;

class Storage implements StorageInterface
{
    const CURRENT_SCHEMA_VERSION = '2021041501';
    const CURRENT_SCHEMA_VERSION = '2021042201';

    private PDO $db;


M web/index.php => web/index.php +12 -11
@@ 15,6 15,7 @@ $baseDir = dirname(__DIR__);
use fkooman\Jwt\Keys\EdDSA\SecretKey;
use fkooman\SeCookie\Cookie;
use fkooman\SeCookie\CookieOptions;
use fkooman\SeCookie\MysqlSessionStorage;
use fkooman\SeCookie\Session;
use fkooman\SeCookie\SessionOptions;
use LC\Portal\CA\VpnCa;


@@ 104,12 105,22 @@ try {
                ->withMaxAge(60 * 60 * 24 * 90)  // 90 days
        )
    );

    $db = new PDO(
        $config->s('Db')->requireString('dbDsn', 'sqlite://'.$baseDir.'/data/db.sqlite'),
        $config->s('Db')->optionalString('dbUser'),
        $config->s('Db')->optionalString('dbPass')
    );
    $storage = new Storage($db, $baseDir.'/schema');
    $storage->update();

    $seSession = new SeSession(
        new Session(
            SessionOptions::init(),
            $cookieOptions
                ->withPath($request->getRoot())
                ->withSameSiteLax()
                ->withSameSiteLax(),
            'mysql' === $config->requireString('sessionStorage', 'file') ? new MysqlSessionStorage($db) : null
        )
    );



@@ 138,16 149,6 @@ try {

    $tpl->addDefault($templateDefaults);

    $storage = new Storage(
        new PDO(
            $config->s('Db')->requireString('dbDsn', 'sqlite://'.$baseDir.'/data/db.sqlite'),
            $config->s('Db')->optionalString('dbUser'),
            $config->s('Db')->optionalString('dbPass')
        ),
        $baseDir.'/schema'
    );
    $storage->update();

    $service = new Service();
    $service->addBeforeHook(new CsrfProtectionHook());
    $service->addBeforeHook(new LanguageSwitcherHook(array_keys($supportedLanguages), $seCookie));
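Review bot: In the `new Session(...)` call of the second hunk, `'mysql' === $config->requireString('sessionStorage', 'file')` treats every value other than the exact string `mysql` as file storage, so a misspelled setting silently leaves sessions on local disk. I would read the value once and reject unknown ones, e.g. `if (!in_array($sessionStorage, ['file', 'mysql'], true)) { throw new RuntimeException('invalid "sessionStorage" value'); }`. The same `$db` handle is passed to `MysqlSessionStorage` whatever `dbDsn` contains, and the default DSN is SQLite, so it is worth checking `$db->getAttribute(PDO::ATTR_DRIVER_NAME)` before choosing that backend. The PDO error mode is not set in this hunk; if `Storage` does not set `PDO::ERRMODE_EXCEPTION` in its constructor (not visible here), session reads and writes on PHP 7.4 could fail without raising. The enclosing `try` block starts and ends outside the hunks shown.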