Keeps the dashboard sessions from expiring. (#9263)

* Keeps the dashboard sessions from expiring. Route dashboard ajax calls through Laravel. Boots minimal cookies and sessions. Does not fix other pages for now, real fix is to fully port. * Check Laravel auth for the legacy calls. Display Laravel errors in the dashboard. legacy auth checks are mostly extraneous now.
2024-10-07 16:52:45 +00:00 · 2018-09-30 21:23:00 -05:00
parent c36a9e9abf
commit 14a168b2a9
9 changed files with 167 additions and 58 deletions
--- a/LibreNMS/Util/Laravel.php
+++ b/LibreNMS/Util/Laravel.php
@@ -33,6 +33,20 @@ use Log;
 class Laravel
 {
    public static function bootCli()
    {
        // make sure Laravel isn't already booted
        if (class_exists('App') && App::isBooted()) {
            return;
        }
        define('LARAVEL_START', microtime(true));
        $install_dir = realpath(__DIR__ . '/../..');
        $app = require_once $install_dir . '/bootstrap/app.php';
        $kernel = $app->make(\Illuminate\Contracts\Console\Kernel::class);
        $kernel->bootstrap();
    }
    public static function enableQueryDebug()
    {
        $db = Eloquent::DB();
--- a/app/Http/Controllers/LegacyController.php
+++ b/app/Http/Controllers/LegacyController.php
@@ -21,4 +21,14 @@ class LegacyController extends Controller
    {
        include base_path('html/legacy_api_v0.php');
    }
    public function dash()
    {
        ob_start();
        include base_path('html/legacy/ajax_dash.php');
        $output = ob_get_contents();
        ob_end_clean();
        return response($output, 200, ['Content-Type' => 'application/json']);
    }
 }
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@@ -41,6 +41,11 @@ class Kernel extends HttpKernel
            \Illuminate\Routing\Middleware\SubstituteBindings::class,
        ],
        'minimal' => [
            \App\Http\Middleware\EncryptCookies::class,
            \Illuminate\Session\Middleware\StartSession::class,
        ],
        'api' => [
            'bindings',
            'auth:token'
--- a/app/Providers/RouteServiceProvider.php
+++ b/app/Providers/RouteServiceProvider.php
@@ -35,6 +35,8 @@ class RouteServiceProvider extends ServiceProvider
     */
    public function map()
    {
        $this->mapLegacyRoutes();
        $this->mapApiRoutes();
        $this->mapWebRoutes();
@@ -42,6 +44,17 @@ class RouteServiceProvider extends ServiceProvider
        //
    }
    /**
     * Define legacy routes for the application.
     * Only initializing minimal middleware: Cookies and Session.
     */
    protected function mapLegacyRoutes()
    {
        Route::middleware('minimal')
            ->namespace($this->namespace)
            ->group(base_path('routes/legacy.php'));
    }
    /**
     * Define the "web" routes for the application.
     *
--- a/html/ajax_dash.php
+++ b/html/ajax_dash.php
@@ -1,62 +1,61 @@
 <?php
-/*
+/**
- * LibreNMS
+ * Laravel - A PHP Framework For Web Artisans
 *
- * Copyright (c) 2014 Neil Lathwood <https://github.com/laf/ http://www.lathwood.co.uk/fa>
+ * @package  Laravel
- *
+ * @author   Taylor Otwell <taylor@laravel.com>
 * This program is free software: you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation, either version 3 of the License, or (at your
 * option) any later version.  Please see LICENSE.txt at the top level of
 * the source code distribution for details.
 */
-use LibreNMS\Authentication\LegacyAuth;
+/*
 |--------------------------------------------------------------------------
 | Register The Auto Loader
 |--------------------------------------------------------------------------
 |
 | Composer provides a convenient, automatically generated class loader for
 | our application. We just need to utilize it! We'll simply require it
 | into the script here so that we don't have to worry about manual
 | loading any of our classes later on. It feels great to relax.
 |
 */
-$init_modules = array('web', 'auth');
+require __DIR__.'/../bootstrap/autoload.php';
 require realpath(__DIR__ . '/..') . '/includes/init.php';
-set_debug($_REQUEST['debug']);
+/*
 |--------------------------------------------------------------------------
 | Turn On The Lights
 |--------------------------------------------------------------------------
 |
 | We need to illuminate PHP development, so let us turn on the lights.
 | This bootstraps the framework and gets it ready for use, then it
 | will load up this application so that we can run it and send
 | the responses back to the browser and delight our users.
 |
 */
-header('Content-type: application/json');
+$app = require_once __DIR__.'/../bootstrap/app.php';
-if (!LegacyAuth::check()) {
+/*
-    $response = array(
+|--------------------------------------------------------------------------
-        'status'  => 'error',
+| Run The Application
-        'message' => 'Unauthenticated',
+|--------------------------------------------------------------------------
-    );
+|
-    echo _json_encode($response);
+| Once we have the application, we can handle the incoming request
-    exit;
+| through the kernel, and send the associated response back to
-}
+| the client's browser allowing them to enjoy the creative
 | and wonderful application we have prepared for them.
 |
 */
-$type = $vars['type'];
+$kernel = $app->make(Illuminate\Contracts\Http\Kernel::class);
-if ($type == 'placeholder') {
+// rewrite the request uri
-    $output = "<span style='text-align:left;'><br><h3>Click on the Edit Dashboard button (next to the list of dashboards) to add widgets</h3><br><h4><strong>Remember:</strong> You can only move & resize widgets when you're in <strong>Edit Mode</strong>.</h4><span>";
+$_SERVER['REQUEST_URI'] = '/legacy_ajax_dash';
    $status = 'ok';
    $title = 'Placeholder';
 } elseif (is_file('includes/common/'.$type.'.inc.php')) {
    $results_limit     = 10;
    $typeahead_limit   = $config['webui']['global_search_result_limit'];
    $no_form           = true;
    $unique_id         = str_replace(array("-","."), "_", uniqid($type, true));
    $widget_id         = $vars['id'];
    $widget_settings   = json_decode(dbFetchCell('select settings from users_widgets where user_widget_id = ?', array($widget_id)), true);
    $widget_dimensions = $vars['dimensions'];
    if (!empty($vars['settings'])) {
        define('SHOW_SETTINGS', true);
    }
    include 'includes/common/'.$type.'.inc.php';
    $output = implode('', $common_output);
    $status = 'ok';
    $title  = display($widget_settings['title']) ?: ucfirst(display($type));
 }
-$response = array(
+$response = $kernel->handle(
-                  'status' => $status,
+    $request = Illuminate\Http\Request::capture()
-                  'html' => $output,
+);
                  'title' => $title,
                 );
-echo _json_encode($response);
+$response->send();
 $kernel->terminate($request, $response);
--- a/html/legacy/ajax_dash.php
+++ b/html/legacy/ajax_dash.php
@@ -0,0 +1,64 @@
 <?php
 /*
 * LibreNMS
 *
 * Copyright (c) 2014 Neil Lathwood <https://github.com/laf/ http://www.lathwood.co.uk/fa>
 *
 * This program is free software: you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation, either version 3 of the License, or (at your
 * option) any later version.  Please see LICENSE.txt at the top level of
 * the source code distribution for details.
 * @package  Laravel
 * @author   Taylor Otwell <taylor@laravel.com>
 */
 use LibreNMS\Authentication\LegacyAuth;
 $init_modules = ['web', 'auth'];
 require realpath(__DIR__ . '/../..') . '/includes/init.php';
 set_debug(isset($_REQUEST['debug']) && $_REQUEST['debug']);
 header('Content-type: application/json');
 if (!LegacyAuth::check()) {
    $response = array(
        'status'  => 'error',
        'message' => 'Unauthenticated',
    );
    echo _json_encode($response);
    exit;
 }
 $type = isset($vars['type']) ? $vars['type'] : 'placeholder';
 if ($type == 'placeholder') {
    $output = "<span style='text-align:left;'><br><h3>Click on the Edit Dashboard button (next to the list of dashboards) to add widgets</h3><br><h4><strong>Remember:</strong> You can only move & resize widgets when you're in <strong>Edit Mode</strong>.</h4><span>";
    $status = 'ok';
    $title = 'Placeholder';
 } elseif (is_file('includes/common/'.$type.'.inc.php')) {
    $results_limit     = 10;
    $typeahead_limit   = $config['webui']['global_search_result_limit'];
    $no_form           = true;
    $unique_id         = str_replace(array("-","."), "_", uniqid($type, true));
    $widget_id         = $vars['id'];
    $widget_settings   = json_decode(dbFetchCell('select settings from users_widgets where user_widget_id = ?', array($widget_id)), true);
    $widget_dimensions = $vars['dimensions'];
    if (!empty($vars['settings'])) {
        define('SHOW_SETTINGS', true);
    }
    include 'includes/common/'.$type.'.inc.php';
    $output = implode('', $common_output);
    $status = 'ok';
    $title  = display($widget_settings['title']) ?: ucfirst(display($type));
 }
 $response = array(
                  'status' => $status,
                  'html' => $output,
                  'title' => $title,
                 );
 echo _json_encode($response);
--- a/html/pages/front/tiles.php
+++ b/html/pages/front/tiles.php
@@ -653,8 +653,12 @@ if (strpos($dash_config, 'globe') !== false) {
                    $("#widget_body_"+id).html('<div class="alert alert-info">' + data.message + '</div>');
                }
            },
-            error: function () {
+            error: function (data) {
-                $("#widget_body_"+id).html('<div class="alert alert-info">Problem with backend</div>');
+                if (data.responseJSON.error) {
                    $("#widget_body_"+id).html('<div class="alert alert-info">' + data.responseJSON.error + '</div>');
                } else {
                    $("#widget_body_"+id).html('<div class="alert alert-info">Problem with backend</div>');
                }
            }
        });
    }
--- a/includes/init.php
+++ b/includes/init.php
@@ -93,13 +93,7 @@ if (module_selected('alerts', $init_modules)) {
 }
 if (module_selected('laravel', $init_modules)) {
-    // make sure Laravel isn't already booted
+    \LibreNMS\Util\Laravel::bootCli();
    if (!class_exists('App') || !App::isBooted()) {
        define(LARAVEL_START, microtime(true));
        $app = require_once $install_dir . '/bootstrap/app.php';
        $kernel = $app->make(Illuminate\Contracts\Console\Kernel::class);
        $kernel->bootstrap();
    }
 }
 if (!module_selected('nodb', $init_modules)) {
--- a/routes/legacy.php
+++ b/routes/legacy.php
@@ -0,0 +1,6 @@
 <?php
 Route::group(['middleware' => ['auth'], 'guard' => 'auth'], function () {
    Route::any('legacy_ajax_dash', 'LegacyController@dash');
 });