From d4842cd614ecc4d067fb8472f4d0f42e5c96fdc0 Mon Sep 17 00:00:00 2001
From: Dominik Hebeler <dominik@suma-ev.de>
Date: Thu, 11 Mar 2021 12:00:23 +0100
Subject: [PATCH] Differentiating between invalid key and empty key
---
app/Http/Controllers/KeyController.php | 21 ++------
app/Http/Middleware/RemoveKey.php | 2 +-
app/Models/Key.php | 60 ++++++++++------------
resources/lang/de/key.php | 5 +-
resources/less/metager/pages/key-dark.less | 2 +-
resources/less/metager/pages/key.less | 10 ++++
resources/views/key.blade.php | 31 ++++++-----
7 files changed, 65 insertions(+), 66 deletions(-)
diff --git a/app/Http/Controllers/KeyController.php b/app/Http/Controllers/KeyController.php
index 5ba8f76f8..a62d24942 100644
--- a/app/Http/Controllers/KeyController.php
+++ b/app/Http/Controllers/KeyController.php
@@ -14,34 +14,23 @@ class KeyController extends Controller
// How many Ad Free searches should a user get max when he creates a new key
const KEYCHANGE_ADFREE_SEARCHES = 150;
- public function index(Request $request)
+ public function index(\App\Models\Key $key, Request $request)
{
- $redirUrl = $request->input('redirUrl', "");
- $cookie = Cookie::get('key');
- $key = $request->input('keyToSet', '');
-
- if (empty($key) && empty($cookie)) {
- $key = 'enter_key_here';
- } elseif (empty($key) && !empty($cookie)) {
- $key = $cookie;
- } elseif (!empty($key)) {
- $key = $request->input('key');
- }
-
$cookieLink = LaravelLocalization::getLocalizedURL(LaravelLocalization::getCurrentLocale(), route('loadSettings', Cookie::get()));
return view('key')
->with('title', trans('titles.key'))
- ->with('cookie', $key)
+ ->with('keystatus', $key->getStatus())
+ ->with('cookie', $key->key)
->with('cookieLink', $cookieLink);
}
public function setKey(Request $request)
{
- $redirUrl = $request->input('redirUrl', "");
$keyToSet = $request->input('keyToSet');
$key = new Key($request->input('keyToSet', ''));
- if ($key->getStatus()) {
+ $status = $key->getStatus();
+ if ($status !== null) {
# Valid Key
$host = $request->header("X_Forwarded_Host", "");
if (empty($host)) {
diff --git a/app/Http/Middleware/RemoveKey.php b/app/Http/Middleware/RemoveKey.php
index 5b1c0be94..a65dbf1da 100644
--- a/app/Http/Middleware/RemoveKey.php
+++ b/app/Http/Middleware/RemoveKey.php
@@ -17,7 +17,7 @@ class RemoveKey
public function handle($request, Closure $next)
{
// Check if a wrong Key Cookie is set and if so remove it
- if(Cookie::has("key") && !app('App\Models\Key')->getStatus()){
+ if(Cookie::has("key") && app('App\Models\Key')->getStatus() === null){
return redirect(route("removeCookie", ["ir" => url()->full()]));
}
return $next($request);
diff --git a/app/Models/Key.php b/app/Models/Key.php
index c5689c0e2..f078b3e56 100644
--- a/app/Models/Key.php
+++ b/app/Models/Key.php
@@ -9,7 +9,7 @@ use \Carbon\Carbon;
class Key
{
public $key;
- public $status; # valid key = true, invalid key = false, unidentified key = null
+ public $status; # Null If Key invalid | false if valid but has no adFreeSearches | true if valid and has adFreeSearches
private $keyserver = "https://key.metager.de/";
private $keyinfo;
@@ -27,35 +27,29 @@ class Key
{
if ($this->key !== '' && $this->status === null) {
$this->updateStatus();
- if(empty($this->status)){
+ if($this->status === null){
// The user provided an invalid key which we will log to fail2ban
$fail2banEnabled = config("metager.metager.fail2ban_enabled");
- if(empty($fail2banEnabled) || !$fail2banEnabled || !env("fail2banurl", false) || !env("fail2banuser") || !env("fail2banpassword")){
- return false;
+ if (!empty($fail2banEnabled) && $fail2banEnabled && !empty(env("fail2banurl", false)) && !empty(env("fail2banuser")) && !empty(env("fail2banpassword"))) {
+ // Submit fetch job to worker
+ $mission = [
+ "resulthash" => "captcha",
+ "url" => env("fail2banurl") . "/mgkeytry/",
+ "useragent" => "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:81.0) Gecko/20100101 Firefox/81.0",
+ "username" => env("fail2banuser"),
+ "password" => env("fail2banpassword"),
+ "headers" => [
+ "ip" => Request::ip()
+ ],
+ "cacheDuration" => 0,
+ "name" => "Captcha",
+ ];
+ $mission = json_encode($mission);
+ Redis::rpush(\App\MetaGer::FETCHQUEUE_KEY, $mission);
}
-
- // Submit fetch job to worker
- $mission = [
- "resulthash" => "captcha",
- "url" => env("fail2banurl") . "/mgkeytry/",
- "useragent" => "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:81.0) Gecko/20100101 Firefox/81.0",
- "username" => env("fail2banuser"),
- "password" => env("fail2banpassword"),
- "headers" => [
- "ip" => Request::ip()
- ],
- "cacheDuration" => 0,
- "name" => "Captcha",
- ];
- $mission = json_encode($mission);
- Redis::rpush(\App\MetaGer::FETCHQUEUE_KEY, $mission);
}
}
- if ($this->status === null || $this->status === false) {
- return false;
- } else {
- return true;
- }
+ return $this->status;
}
public function updateStatus()
@@ -73,15 +67,15 @@ class Key
try {
$link = $this->keyserver . "v2/key/". urlencode($this->key);
$result = json_decode(file_get_contents($link, false, $context));
- $this->keyinfo = $result;
- if ($result->{'apiAccess'} == 'unlimited') {
- $this->status = true;
- return true;
- } else if ($result->{'apiAccess'} == 'normal' && $result->{'adFreeSearches'} > 0){
- $this->status = true;
+ if(!empty($result)){
+ $this->keyinfo = $result;
+ if($this->keyinfo->adFreeSearches > 0 || $this->keyinfo->apiAccess === "unlimited"){
+ $this->status = true;
+ }else{
+ $this->status = false;
+ }
return true;
- } else {
- $this->status = false;
+ }else{
return false;
}
} catch (\ErrorException $e) {
diff --git a/resources/lang/de/key.php b/resources/lang/de/key.php
index 9582222c4..3c8076ed4 100644
--- a/resources/lang/de/key.php
+++ b/resources/lang/de/key.php
@@ -4,7 +4,7 @@ return [
'h1' => "Schlüssel für Ihre werbefreie Suche",
'p1' => 'MetaGer bietet <a href=":url1">SUMA-EV Mitgliedern</a> und großzügigen <a href=":url2">Spendern</a> einen Schlüssel an, mit dem sie Zugriff auf ein Kontingent an werbefreien Suchen haben.',
'p2' => 'Auf dieser Seite können Sie Ihren Schlüssel (sofern bekannt) eingeben. Wir speichern diesen mit Hilfe eines Cookies auf Ihrem PC. Auf diese Weise sendet Ihr Browser den Schlüssel automatisch bei jeder durchgeführten Suche an uns, sodass wir die Werbung für Sie entfernen können.',
- 'p3' => 'Wenn Sie sich den Cookie anschauen steht dort drin "key=xxxx". Wir verwenden diesen dementsprechend nicht für Tracking-Zwecke. Er wird auch zu keinem Zeitpunkt in irgendeiner Form von uns gespeichert oder geloggt.',
+ 'p3' => 'Wenn Sie sich den Cookie anschauen steht dort drin "key=xxxx". Er wird zu keinem Zeitpunkt in irgendeiner Form von uns gespeichert oder geloggt. Wir verwenden diesen insbesondere auch nicht für Tracking-Zwecke',
'p4' => 'Wichtig: Um diese Funktion nutzen zu können, müssen Sie Cookies in Ihrem Browser zugelassen haben. Die Einstellung bleibt dann solange gespeichert, wie Ihr Browser Cookies speichert.',
'p5' => 'Um den Schlüssel darüber hinausgehend speichern zu können haben Sie folgende Möglichkeiten:',
'li1' => 'Richten Sie sich folgenden Link als Startseite/Lesezeichen ein:',
@@ -12,8 +12,9 @@ return [
'placeholder1' => 'Schlüssel eingeben...',
'removeKey' => 'aktuellen Schlüssel entfernen',
'invalidKey' => 'Der eingegebene Schlüssel ist ungültig',
+ 'empty' => 'Ihr Schlüssel ist zwar gültig, enthält aber keine werbefreien Suchen mehr.',
'backLink' => 'Zurück zur letzten Seite',
'custom.h3' => 'Wunsch-Schlüssel',
'custom.p1' => 'Mitglieder des SUMA-EV haben die Möglichkeit, sich einen eigenen Schlüssel auszusuchen.',
- 'custom.a1' => 'Wunsch-Schlüssel erstellen'
+ 'custom.a1' => 'Wunsch Schlüssel einrichten'
];
diff --git a/resources/less/metager/pages/key-dark.less b/resources/less/metager/pages/key-dark.less
index 7a84e3ad7..ecfdd63f4 100644
--- a/resources/less/metager/pages/key-dark.less
+++ b/resources/less/metager/pages/key-dark.less
@@ -8,7 +8,7 @@
.card-medium;
margin: 8px 0;
.error {
- color: red;
+ color: #fd5757;
text-align: center;
font-weight: bold;
}
diff --git a/resources/less/metager/pages/key.less b/resources/less/metager/pages/key.less
index c1367a3f8..53f581e49 100644
--- a/resources/less/metager/pages/key.less
+++ b/resources/less/metager/pages/key.less
@@ -24,4 +24,14 @@
text-align: center;
margin-top: 16px;
}
+
+ #remove-key {
+ margin-top: 8px;
+ }
+
+ #enter-key-form {
+ display: flex;
+ justify-content: center;
+ gap: 4px;
+ }
}
\ No newline at end of file
diff --git a/resources/views/key.blade.php b/resources/views/key.blade.php
index e00cce4d7..7edb1652b 100644
--- a/resources/views/key.blade.php
+++ b/resources/views/key.blade.php
@@ -19,12 +19,13 @@
<p>{{ trans('key.p2') }}</p>
<p>{{ trans('key.p3') }}</p>
<p>{{ trans('key.p4') }}</p>
+ @if(isset($keystatus) && $keystatus !== null)
<p>{{ trans('key.p5') }}</p>
<ol>
<li>
@lang ('key.li1')
<div class="copyLink">
- <input id="loadSettings" class="loadSettings" type="text" value="{{$cookieLink}}">
+ <input id="loadSettings" class="loadSettings" type="text" value="{{$cookieLink}}" readonly>
<button class="js-only btn btn-default" onclick="var copyText = document.getElementById('loadSettings');copyText.select();copyText.setSelectionRange(0, 99999);document.execCommand('copy');">@lang('settings.copy')</button>
</div>
</li>
@@ -32,37 +33,41 @@
<li>
@lang('key.li2')
<div class="copyLink">
- <input id="searchString" class="loadSettings" type="text" value="{{route("resultpage", ["key" => $cookie]) . "&eingabe=%s"}}">
+ <input id="searchString" class="loadSettings" type="text" value="{{route("resultpage", ["key" => $cookie]) . "&eingabe=%s"}}" readonly>
<button class="js-only btn btn-default" onclick="var copyText = document.getElementById('searchString');copyText.select();copyText.setSelectionRange(0, 99999);document.execCommand('copy');">@lang('settings.copy')</button>
</div>
</li>
</ol>
+ @endif
</div>
@if(app('App\Models\Key')->canChange())
<div class="section">
<h3>@lang('key.custom.h3')</h3>
<p>@lang('key.custom.p1')</p>
- <a href="{{ LaravelLocalization::getLocalizedURL(LaravelLocalization::getCurrentLocale(), route('changeKeyOne')) }}">@lang('key.custom.a1')</a>
+ <a class="btn btn-default" href="{{ LaravelLocalization::getLocalizedURL(LaravelLocalization::getCurrentLocale(), route('changeKeyOne')) }}">@lang('key.custom.a1')</a>
</div>
@endif
<div class="section">
+ @if(isset($keystatus) && $keystatus === false)
+ <p class="error">@lang('key.empty')</p>
+ @endif
+ @if(isset($keyValid) && $keyValid === false)
+ <p class="error">@lang('key.invalidKey')</p>
+ @endif
<div id="form-wrapper">
- <form method="post">
+ <form id="enter-key-form" method="post">
<input type="hidden" name="redirUrl" value="{{ Request::input('redirUrl', '') }}" />
- <input type="text" name="keyToSet" value="{{$cookie === 'enter_key_here' ? '' : $cookie}}" placeholder="@lang('key.placeholder1')" autofocus>
- <button type="submit" class="btn btn-success">OK</button>
+ <input type="text" name="keyToSet" value="{{$cookie === '' ? '' : $cookie}}" placeholder="@lang('key.placeholder1')" autofocus>
+ <button type="submit" class="btn btn-default">OK</button>
</form>
- @if($cookie !== 'enter_key_here')
- <form method="post" action="{{ LaravelLocalization::getLocalizedURL(LaravelLocalization::getCurrentLocale(), action('KeyController@removeKey', ['redirUrl' => url()->full()])) }}">
+ @if(isset($keystatus) && $keystatus !== null)
+ <form id="remove-key" method="post" action="{{ LaravelLocalization::getLocalizedURL(LaravelLocalization::getCurrentLocale(), action('KeyController@removeKey', ['redirUrl' => url()->full()])) }}">
<input type="hidden" name="redirUrl" value="{{ Request::input('redirUrl', '') }}" />
<button type="submit" class="btn btn-default">@lang('key.removeKey')</button>
</form>
@endif
- </div>
- @if(isset($keyValid) && $keyValid === false)
- <p class="error">@lang('key.invalidKey')</p>
- @endif
- @if(Request::input('redirUrl', '') !== '')
+ </div>
+ @if(Request::input('redirUrl', '') !== '' && parse_url(Request::input('redirUrl', ''), PHP_URL_HOST) === parse_url(url()->full(), PHP_URL_HOST))
<div id="back-link"><a href="{{Request::input('redirUrl')}}">@lang('key.backLink')</a></div>
@endif
</div>
--
GitLab