<?php
namespace App;
use \Scarlets\Route;
use \Scarlets\Error;
use \Scarlets\Route\Serve;
use \Scarlets\Library\Cache;
use \Scarlets\Library\Server;
use \Scarlets\Route\Middleware as Mainware;
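/**
 * Application route middleware: API authentication and CORS handling,
 * HTML page wrapping, and a simple request limiter.
 *
 * Every method of this class except register() is exposed to the router by
 * register(), so any helper added here becomes a callable middleware name.
 */
class Middleware
{
    /**
     * Publish the methods of this class in Mainware::$register as
     * "Class::method" callables, keyed by method name.
     */
    public static function register()
    {
        // self::class yields the same name as a bare get_class() call,
        // which is deprecated from PHP 8.3.
        $currentClass = self::class;
        $list = get_class_methods($currentClass);

        // Register functions on route middleware
        foreach ($list as $function) {
            if ($function === 'register') {
                continue;
            }

            Mainware::$register[$function] = $currentClass.'::'.$function;
        }
    }

    /**
     * Authentication middleware for API routes.
     *
     * NOTE(review): any $type other than 'api' falls through and returns
     * null without performing a check, and any $scope other than 'private'
     * is treated as public. Confirm that route definitions cannot reach this
     * with a mistyped value, or make those paths fail closed.
     *
     * @param string $type  Only 'api' is handled.
     * @param string $scope 'private' requires an authenticated user; any other
     *                      value applies the fixed origin allow-list instead.
     * @param mixed  $for   Not used by this method.
     * @return \Closure|null Callback that sends Mainware::$pendingData as JSON,
     *                       or null when $type is not 'api'.
     */
    public static function auth($type, $scope = 'public', $for = false)
    {
        if ($type === 'api') {
            Header::set('Content-type: application/json');

            // Answer with a generic 500 body if an error was recorded,
            // so error details are not sent to API clients.
            \Scarlets::onShutdown(function () {
                if (Error::$hasError) {
                    Serve::end('{"error":"Internal server error"}', 500);
                }
            });

            if ($scope === 'private') {
                // Only an authenticated user may continue; the access token
                // is handled by Auth\User::init().
                Auth\User::init();

                // Any origin may call private endpoints. origin('*') answers
                // with a literal wildcard and no credentials header, so this
                // relies on the access token rather than ambient cookies.
                self::origin('*');

                // Prevent further execution if not authenticated.
                // NOTE(review): presumably Serve::end() stops the request; confirm.
                if (!Auth\User::$data || Auth\User::$data['userID'] === false) {
                    Serve::end('{"error":"Authentication failed"}', 401);
                }
            } else {
                // Public access, limited to these first-party origins (CORS)
                self::origin(['https://www.mywebsite.com', 'https://my.profile.com']);
            }

            return function () {
                // Output all data returned by the route as JSON
                Serve::end(json_encode(Mainware::$pendingData), 200);
            };
        }
    }

    /**
     * Buffer the route's output and wrap it in the static header and footer views.
     *
     * @param string $type Only 'public' is registered.
     * @return \Closure Callback taking ($headerData, $footerData) that renders the page.
     * @throws \Exception When $type is not 'public'.
     */
    public static function html($type = 'public')
    {
        if ($type === 'public') {
            // Hold back all output until the request has finished
            ob_start();

            return function ($headerData, $footerData) {
                $body = ob_get_clean();

                // This will trigger 'special' router event on ScarletsFrame
                // when using dynamic route mode
                Serve::special($headerData);

                // Output the body with header and footer
                Serve::view('static.header', $headerData, true);
                Serve::raw($body);
                Serve::view('static.footer', $footerData, true);

                $startedAt = \Scarlets::$isConsole
                    ? Server::$requestMicrotime
                    : $GLOBALS['startupWebsiteTime'];
                $elapsed = round(microtime(true) - $startedAt, 5);

                Serve::raw("\n<benchmark><!-- Dynamic page generated in ".$elapsed." seconds. --></benchmark>");

                // Skip other routes
                Serve::end();
            };
        }

        // Fully qualified: inside a namespace a bare `Exception` resolves to a
        // class of that namespace, and this file imports no Exception.
        throw new \Exception("Middleware 'html:".$type."' was not registered");
    }

    /**
     * Emit CORS response headers for a request that carries an Origin header.
     *
     * With '*' the response allows every origin but never advertises
     * credentials. Echoing the caller's Origin together with
     * Access-Control-Allow-Credentials: true for every origin would let any
     * website read responses made with the visitor's cookies, so the
     * credentials header is sent only for origins on an explicit allow-list.
     * Requests from other origins, and OPTIONS preflights, end here.
     *
     * @param string|string[] $allowed '*' or a list of exact origin strings.
     * @return void
     */
    public static function origin($allowed = '*')
    {
        if (!isset($_SERVER['HTTP_ORIGIN'])) {
            return;
        }

        $origin = $_SERVER['HTTP_ORIGIN'];

        if ($allowed === '*') {
            Header::set('Access-Control-Allow-Origin: *');
        } elseif (is_array($allowed) && in_array($origin, $allowed, true)) {
            // Exact, type-strict match against the allow-list before echoing it back
            Header::set('Access-Control-Allow-Origin: '.$origin);
            // The response differs per origin, so shared caches must key on it
            Header::set('Vary: Origin');
            Header::set('Access-Control-Allow-Credentials: true');
        } else {
            exit;
        }

        Header::set('Access-Control-Max-Age: 86400');

        if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD'])) {
            Header::set('Access-Control-Allow-Methods: PUT, DELETE, GET, POST, OPTIONS');
        }

        // NOTE(review): the requested header list is echoed back unchanged;
        // consider a fixed list of the headers the API actually reads.
        if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS'])) {
            Header::set('Access-Control-Allow-Headers: '.$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']);
        }

        // A preflight only needs the headers above; skip the rest of the request
        if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
            exit;
        }
    }

    /**
     * Count requests in the cache and block once the limit is reached.
     *
     * NOTE(review): the counter lives under the single key 'request.limit';
     * nothing in this method makes it specific to a client or a route, so
     * unless Cache scopes keys itself, one caller can use up the allowance
     * for everyone. The read and the write are also separate calls, so
     * concurrent requests may undercount. Blocked requests get status 404;
     * 429 is the conventional status for rate limiting.
     *
     * @param int $request Requests allowed per window.
     * @param int $seconds Expiry passed to the cache with the first request.
     * @return bool true when the request is blocked, false to continue.
     */
    public static function limit($request = 2, $seconds = 30)
    {
        $total = Cache::get('request.limit', 0);

        if ($total < $request) {
            // Set expiration when it's the first request only ($total == 0).
            // NOTE(review): later writes pass 0; confirm Cache::set() keeps
            // the existing expiry in that case instead of clearing it.
            $expire = $total === 0 ? $seconds : 0;

            // Put the request count on cache
            Cache::set('request.limit', $total + 1, $expire);

            // Continue request
            return false;
        }

        // Block request
        Serve::status(404);

        return true;
    }
}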
/**
 * Thin wrapper that sends a response header through whichever channel
 * matches the current run mode.
 */
class Header
{
    /**
     * Send one raw header line.
     *
     * In console mode the line is handed to \Scarlets\Library\Server::setHeader();
     * otherwise it goes to PHP's header().
     *
     * @param string $text Complete header line, e.g. "Name: value".
     */
    public static function set($text)
    {
        if (!\Scarlets::$isConsole) {
            header($text);

            return;
        }

        \Scarlets\Library\Server::setHeader($text);
    }
}