Página Principal Explorar Ajuda
Registe-se Iniciar Sessão
Apq
/
SSPanel-Uim
mirror de https://github.com/Anankke/SSPanel-Uim.git
1
0
Fork 0
Ficheiros Problemas 0 Wiki
Ver Fonte

refactor: migrate pest config and improve code quality for CI compliance

Anankke há 2 meses atrás
pai
d9292458a3
commit
b45234121f
12 ficheiros alterados com 57 adições e 53 exclusões
Visão Dividida Mostrar Estatísticas Diff
  1. 1 1
      app/predefine.php
  2. 1 1
      db/migrations/2025073100-refactor_mfa.php
  3. 6 6
      src/Controllers/AuthController.php
  4. 13 12
      src/Controllers/User/InfoController.php
  5. 6 6
      src/Controllers/User/MFAController.php
  6. 1 1
      src/Models/MFADevice.php
  7. 1 2
      src/Models/User.php
  8. 2 2
      src/Services/Cache.php
  9. 8 7
      src/Services/MFA/FIDO.php
  10. 3 3
      src/Services/MFA/TOTP.php
  11. 8 7
      src/Services/MFA/WebAuthn.php
  12. 7 5
      tests/Pest.php

+ 1 - 1
app/predefine.php
Ver Ficheiro 

@@ -3,7 +3,7 @@
 
 declare(strict_types=1);
 
 
 // Global constants
 
-if (!defined('BASE_PATH')) {
 
+if (! defined('BASE_PATH')) {
 
     define('BASE_PATH', __DIR__ . '/..');
 
 }
 
 const VERSION = '25.1.0';

+ 1 - 1
db/migrations/2025073100-refactor_mfa.php
Ver Ficheiro 

@@ -53,4 +53,4 @@ return new class() implements MigrationInterface {
 
 
         return 2024061600;
 
     }
 
-};
 
+};

+ 6 - 6
src/Controllers/AuthController.php
Ver Ficheiro 

@@ -105,7 +105,7 @@ final class AuthController extends BaseController
 
                 ->withJson([
 
                     'ret' => 1,
 
                     'msg' => '请完成二步认证',
 
-            ]);
 
+                ]);
 
         }
 
 
         $time = $rememberMe ? 86400 * ($_ENV['rememberMeDuration'] ?? 7) : 3600; // Cookie 过期时间
 
@@ -388,14 +388,14 @@ final class AuthController extends BaseController
 
 
     public function webauthnRequest(ServerRequest $request, Response $response, $next): ResponseInterface
 
     {
 
-        return $response->withJson(WebAuthn::AssertRequest());
 
+        return $response->withJson(WebAuthn::assertRequest());
 
     }
 
 
     public function webauthnHandle(ServerRequest $request, Response $response, $next): ResponseInterface
 
     {
 
         $data = $this->antiXss->xss_clean((array) $request->getParsedBody());
 
         $redir = $this->antiXss->xss_clean(Cookie::get('redir')) ?? '/user';
 
-        $result = WebAuthn::AssertHandle($data);
 
+        $result = WebAuthn::assertHandle($data);
 
         if ($result['ret'] === 1) {
 
             $user = $result['user'];
 
             if ($user === null) {
 
@@ -433,7 +433,7 @@ final class AuthController extends BaseController
 
         if ($user === null) {
 
             return $response->withJson(['ret' => 0, 'msg' => '用户不存在'])->withHeader('HX-Redirect', '/auth/login');
 
         }
 
-        $result = TOTP::AssertHandle($user, $code);
 
+        $result = TOTP::assertHandle($user, $code);
 
         if ($result['ret'] === 1) {
 
             $redis->del('mfa_login_' . session_id());
 
             $rememberMe = $login_session['remember_me'];
 
@@ -462,7 +462,7 @@ final class AuthController extends BaseController
 
         if ($user === null) {
 
             return $response->withJson(['ret' => 0, 'msg' => '用户不存在'])->withHeader('HX-Redirect', '/auth/login');
 
         }
 
-        return $response->withJson(FIDO::AssertRequest($user));
 
+        return $response->withJson(FIDO::assertRequest($user));
 
     }
 
 
     public function fidoHandle(ServerRequest $request, Response $response, $next): ResponseInterface
 
@@ -478,7 +478,7 @@ final class AuthController extends BaseController
 
         if ($user === null) {
 
             return $response->withJson(['ret' => 0, 'msg' => '用户不存在'])->withHeader('HX-Redirect', '/auth/login');
 
         }
 
-        $result = FIDO::AssertHandle($user, $data);
 
+        $result = FIDO::assertHandle($user, $data);
 
         if ($result['ret'] === 1) {
 
             $redis->del('mfa_login_' . session_id());
 
             $rememberMe = $login_session['remember_me'];

+ 13 - 12
src/Controllers/User/InfoController.php
Ver Ficheiro 

@@ -34,18 +34,19 @@ final class InfoController extends BaseController
 
     {
 
         $themes = Tools::getDir(BASE_PATH . '/resources/views');
 
         $methods = Tools::getSsMethod();
 
-        $webauthnDevices = array_map(fn($item) => (object) $item, (new MFADevice())->where('userid', $this->user->id)->where('type', 'passkey')->get()->toArray());
 
-        $totpDevices = array_map(fn($item) => (object) $item, (new MFADevice())->where('userid', $this->user->id)->where('type', 'totp')->get()->toArray());
 
-        $fidoDevices = array_map(fn($item) => (object) $item, (new MFADevice())->where('userid', $this->user->id)->where('type', 'fido')->get()->toArray());
 
-
 
-        return $response->write($this->view()
 
-            ->assign('user', $this->user)
 
-            ->assign('themes', $themes)
 
-            ->assign('methods', $methods)
 
-            ->assign('webauthnDevices', $webauthnDevices)
 
-            ->assign('totpDevices', $totpDevices)
 
-            ->assign('fidoDevices', $fidoDevices)
 
-            ->fetch('user/edit.tpl')
 
+        $webauthnDevices = array_map(static fn ($item) => (object) $item, (new MFADevice())->where('userid', $this->user->id)->where('type', 'passkey')->get()->toArray());
 
+        $totpDevices = array_map(static fn ($item) => (object) $item, (new MFADevice())->where('userid', $this->user->id)->where('type', 'totp')->get()->toArray());
 
+        $fidoDevices = array_map(static fn ($item) => (object) $item, (new MFADevice())->where('userid', $this->user->id)->where('type', 'fido')->get()->toArray());
 
+
 
+        return $response->write(
 
+            $this->view()
 
+                ->assign('user', $this->user)
 
+                ->assign('themes', $themes)
 
+                ->assign('methods', $methods)
 
+                ->assign('webauthnDevices', $webauthnDevices)
 
+                ->assign('totpDevices', $totpDevices)
 
+                ->assign('fidoDevices', $fidoDevices)
 
+                ->fetch('user/edit.tpl')
 
         );
 
     }

+ 6 - 6
src/Controllers/User/MFAController.php
Ver Ficheiro 

@@ -21,13 +21,13 @@ final class MFAController extends BaseController
 
 {
 
     public function webauthnRegisterRequest(ServerRequest $request, Response $response, array $args): ResponseInterface
 
     {
 
-        return $response->withJson(WebAuthn::RegisterRequest($this->user));
 
+        return $response->withJson(WebAuthn::registerRequest($this->user));
 
     }
 
 
     public function webauthnRegisterHandle(ServerRequest $request, Response $response, array $args): ResponseInterface
 
     {
 
         try {
 
-            return $response->withJson(WebAuthn::RegisterHandle($this->user, $this->antiXss->xss_clean($request)));
 
+            return $response->withJson(WebAuthn::registerHandle($this->user, $this->antiXss->xss_clean($request)));
 
         } catch (Exception $e) {
 
             return $response->withJson(['ret' => 0, 'msg' => '请求失败: ' . $e->getMessage()]);
 
         }
 
@@ -55,13 +55,13 @@ final class MFAController extends BaseController
 
 
     public function totpRegisterRequest(ServerRequest $request, Response $response, array $args): ResponseInterface
 
     {
 
-        return $response->withJson(TOTP::RegisterRequest($this->user));
 
+        return $response->withJson(TOTP::registerRequest($this->user));
 
     }
 
 
     public function totpRegisterHandle(ServerRequest $request, Response $response, array $args): ResponseInterface
 
     {
 
         try {
 
-            return $response->withJson(TOTP::RegisterHandle($this->user, $this->antiXss->xss_clean($request->getParam('code', ''))));
 
+            return $response->withJson(TOTP::registerHandle($this->user, $this->antiXss->xss_clean($request->getParam('code', ''))));
 
         } catch (Exception $e) {
 
             return $response->withJson(['ret' => 0, 'msg' => '请求失败: ' . $e->getMessage()]);
 
         }
 
@@ -88,13 +88,13 @@ final class MFAController extends BaseController
 
 
     public function fidoRegisterRequest(ServerRequest $request, Response $response, array $args): ResponseInterface
 
     {
 
-        return $response->withJson(FIDO::RegisterRequest($this->user));
 
+        return $response->withJson(FIDO::registerRequest($this->user));
 
     }
 
 
     public function fidoRegisterHandle(ServerRequest $request, Response $response, array $args): ResponseInterface
 
     {
 
         try {
 
-            return $response->withJson(FIDO::RegisterHandle($this->user, $this->antiXss->xss_clean($request->getParsedBody())));
 
+            return $response->withJson(FIDO::registerHandle($this->user, $this->antiXss->xss_clean($request->getParsedBody())));
 
         } catch (Exception $e) {
 
             return $response->withJson(['ret' => 0, 'msg' => '请求失败: ' . $e->getMessage()]);
 
         }

+ 1 - 1
src/Models/MFADevice.php
Ver Ficheiro 

@@ -22,4 +22,4 @@ final class MFADevice extends Model
 
 {
 
     protected $connection = 'default';
 
     protected $table = 'mfa_devices';
 
-}
 
+}

+ 1 - 2
src/Models/User.php
Ver Ficheiro 

@@ -332,8 +332,7 @@ final class User extends Model
 
         $hasTotp = $totp !== null;
 
         if (! $hasFido && ! $hasTotp) {
 
             return ['require' => false];
 
-        } else {
 
-            return ['require' => true, 'fido' => $hasFido, 'totp' => $hasTotp];
 
         }
 
+        return ['require' => true, 'fido' => $hasFido, 'totp' => $hasTotp];
 
     }
 
 }

+ 2 - 2
src/Services/Cache.php
Ver Ficheiro 

@@ -14,9 +14,9 @@ final class Cache
 
         $redis = new Redis();
 
         $redis->connect($config['host'], $config['port'], $config['connectTimeout']);
 
         // 认证
 
-        if (! empty($config['auth']['user']) && ! empty($config['auth']['pass'])) {
 
+        if (($config['auth']['user'] ?? '') !== '' && ($config['auth']['pass'] ?? '') !== '') {
 
             $redis->auth([$config['auth']['user'], $config['auth']['pass']]);
 
-        } elseif (! empty($config['auth']['pass'])) {
 
+        } elseif (($config['auth']['pass'] ?? '') !== '') {
 
             $redis->auth($config['auth']['pass']);
 
         }
 
         // 选择数据库

+ 8 - 7
src/Services/MFA/FIDO.php
Ver Ficheiro 

@@ -1,5 +1,7 @@
 
 <?php
 
 
+declare(strict_types=1);
 
+
 
 namespace App\Services\MFA;
 
 
 use App\Models\MFADevice;
 
@@ -16,10 +18,9 @@ use Webauthn\PublicKeyCredentialDescriptor;
 
 use Webauthn\PublicKeyCredentialRequestOptions;
 
 use Webauthn\PublicKeyCredentialSource;
 
 
-class FIDO
 
+final class FIDO
 
 {
 
-
 
-    public static function RegisterRequest(User $user): array
 
+    public static function registerRequest(User $user): array
 
     {
 
         $rpEntity = WebAuthn::generateRPEntity();
 
         $userEntity = WebAuthn::generateUserEntity($user);
 
@@ -41,7 +42,7 @@ class FIDO
 
         return json_decode($jsonObject, true);
 
     }
 
 
-    public static function RegisterHandle(User $user, array $data): array
 
+    public static function registerHandle(User $user, array $data): array
 
     {
 
         $serializer = WebAuthn::getSerializer();
 
         try {
 
@@ -88,7 +89,7 @@ class FIDO
 
         return ['ret' => 1, 'msg' => '注册成功'];
 
     }
 
 
-    public static function AssertRequest(User $user): array
 
+    public static function assertRequest(User $user): array
 
     {
 
         try {
 
             $serializer = WebAuthn::getSerializer();
 
@@ -122,7 +123,7 @@ class FIDO
 
         }
 
     }
 
 
-    public static function AssertHandle(?User $user, array $data): array
 
+    public static function assertHandle(?User $user, array $data): array
 
     {
 
         $serializer = WebAuthn::getSerializer();
 
         $publicKeyCredential = $serializer->deserialize(json_encode($data), PublicKeyCredential::class, 'json');
 
@@ -162,4 +163,4 @@ class FIDO
 
         $redis->del('fido_assertion_' . session_id());
 
         return ['ret' => 1, 'msg' => '验证成功', 'userid' => $user->id];
 
     }
 
-}
 
+}

+ 3 - 3
src/Services/MFA/TOTP.php
Ver Ficheiro 

@@ -21,7 +21,7 @@ final class TOTP
 
         return $ga->createSecret(32);
 
     }
 
 
-    public static function RegisterRequest(User $user): array
 
+    public static function registerRequest(User $user): array
 
     {
 
         try {
 
             $TOTPDevice = (new MFADevice())->where('userid', $user->id)
 
@@ -56,7 +56,7 @@ final class TOTP
 
         return 'otpauth://totp/' . rawurlencode($_ENV['appName']) . ':' . rawurlencode($user->email) . '?secret=' . $token . '&issuer=' . rawurlencode($_ENV['appName']);
 
     }
 
 
-    public static function RegisterHandle(User $user, string $code): array
 
+    public static function registerHandle(User $user, string $code): array
 
     {
 
         $redis = (new Cache())->initRedis();
 
         $token = $redis->get('totp_register_' . session_id());
 
@@ -79,7 +79,7 @@ final class TOTP
 
         return ['ret' => 1, 'msg' => '注册成功'];
 
     }
 
 
-    public static function AssertHandle(User $user, string $code): array
 
+    public static function assertHandle(User $user, string $code): array
 
     {
 
         try {
 
             $TOTPDevice = (new MFADevice())->where('userid', $user->id)

+ 8 - 7
src/Services/MFA/WebAuthn.php
Ver Ficheiro 

@@ -1,5 +1,7 @@
 
 <?php
 
 
+declare(strict_types=1);
 
+
 
 namespace App\Services\MFA;
 
 
 use App\Models\MFADevice;
 
@@ -35,11 +37,11 @@ use Webauthn\PublicKeyCredentialRpEntity;
 
 use Webauthn\PublicKeyCredentialSource;
 
 use Webauthn\PublicKeyCredentialUserEntity;
 
 
-class WebAuthn
 
+final class WebAuthn
 
 {
 
     public static int $timeout = 30_000;
 
 
-    public static function RegisterRequest(User $user): array
 
+    public static function registerRequest(User $user): array
 
     {
 
         $redis = (new Cache())->initRedis();
 
         try {
 
@@ -113,7 +115,7 @@ class WebAuthn
 
         return $factory->create();
 
     }
 
 
-    public static function AssertRequest(): array
 
+    public static function assertRequest(): array
 
     {
 
         try {
 
             $publicKeyCredentialRequestOptions = self::getPublicKeyCredentialRequestOptions();
 
@@ -140,7 +142,7 @@ class WebAuthn
 
         );
 
     }
 
 
-    public static function AssertHandle(array $data): array
 
+    public static function assertHandle(array $data): array
 
     {
 
         $serializer = self::getSerializer();
 
         $publicKeyCredential = $serializer->deserialize(json_encode($data), PublicKeyCredential::class, 'json');
 
@@ -160,7 +162,6 @@ class WebAuthn
 
         }
 
         $redis = (new Cache())->initRedis();
 
         try {
 
-
 
             $publicKeyCredentialRequestOptions = $serializer->deserialize(
 
                 $redis->get('webauthn_assertion_' . session_id()),
 
                 PublicKeyCredentialRequestOptions::class,
 
@@ -194,7 +195,7 @@ class WebAuthn
 
         );
 
     }
 
 
-    public static function RegisterHandle(User $user, array $data): array
 
+    public static function registerHandle(User $user, array $data): array
 
     {
 
         try {
 
             $serializer = self::getSerializer();
 
@@ -254,4 +255,4 @@ class WebAuthn
 
             ceremonyStepManager: $creationCSM
 
         );
 
     }
 
-}
 
+}

+ 7 - 5
pest.php → tests/Pest.php
Ver Ficheiro 

@@ -1,13 +1,15 @@
 
 <?php
 
 
+declare(strict_types=1);
 
+
 
 /**
 
  * Pest PHP configuration file
 
- * 
+ *
 
  * This file is loaded before each test run
 
  */
 
 
-use Tests\TestCase;
 
 use Tests\SlimTestCase;
 
+use Tests\TestCase;
 
 
 // Base test case for all tests
 
 uses(TestCase::class)->in('Unit');
 
@@ -18,11 +20,11 @@ function resetEnv(): void
 
 {
 
     // Store original ENV values
 
     static $originalEnv = null;
 
-    
+
 
     if ($originalEnv === null) {
 
         $originalEnv = $_ENV;
 
     }
 
-    
+
 
     // Reset to original
 
     $_ENV = $originalEnv;
 
 }
 
@@ -74,4 +76,4 @@ dataset('node_types', [
 
     ['shadowsocks_relay', 11],
 
     ['vmess', 1],
 
     ['trojan', 2],
 
-]);
 
+]);