Commit 066989f0 by Qiang Xue

Fixes #4425: generate cookie validation keys in local config files.

parent 2a8ca600
...@@ -13,10 +13,6 @@ return [ ...@@ -13,10 +13,6 @@ return [
'bootstrap' => ['log'], 'bootstrap' => ['log'],
'modules' => [], 'modules' => [],
'components' => [ 'components' => [
'request' => [
// !!! insert a secret key in the following (if it is empty) - this is required by cookie validation
'cookieValidationKey' => '',
],
'user' => [ 'user' => [
'identityClass' => 'common\models\User', 'identityClass' => 'common\models\User',
'enableAutoLogin' => true, 'enableAutoLogin' => true,
......
...@@ -32,8 +32,7 @@ ...@@ -32,8 +32,7 @@
}, },
"scripts": { "scripts": {
"post-create-project-cmd": [ "post-create-project-cmd": [
"yii\\composer\\Installer::setPermission", "yii\\composer\\Installer::setPermission"
"yii\\composer\\Installer::generateCookieValidationKey"
] ]
}, },
"config": { "config": {
...@@ -46,10 +45,6 @@ ...@@ -46,10 +45,6 @@
"frontend/runtime", "frontend/runtime",
"frontend/web/assets" "frontend/web/assets"
],
"config": [
"frontend/config/main.php",
"backend/config/main.php"
] ]
} }
} }
<?php <?php
$config = []; $config = [
'components' => [
'request' => [
// !!! insert a secret key in the following (if it is empty) - this is required by cookie validation
'cookieValidationKey' => '',
],
],
];
if (!YII_ENV_TEST) { if (!YII_ENV_TEST) {
// configuration adjustments for 'dev' environment // configuration adjustments for 'dev' environment
......
<?php <?php
$config = []; $config = [
'components' => [
'request' => [
// !!! insert a secret key in the following (if it is empty) - this is required by cookie validation
'cookieValidationKey' => '',
],
],
];
if (!YII_ENV_TEST) { if (!YII_ENV_TEST) {
// configuration adjustments for 'dev' environment // configuration adjustments for 'dev' environment
......
...@@ -9,9 +9,15 @@ ...@@ -9,9 +9,15 @@
* return [ * return [
* 'environment name' => [ * 'environment name' => [
* 'path' => 'directory storing the local files', * 'path' => 'directory storing the local files',
* 'writable' => [ * 'setWritable' => [
* // list of directories that should be set writable * // list of directories that should be set writable
* ], * ],
* 'setExecutable' => [
* // list of directories that should be set executable
* ],
* 'setCookieValidationKey' => [
* // list of config files that need to be inserted with automatically generated cookie validation keys
* ],
* ], * ],
* ]; * ];
* ``` * ```
...@@ -19,26 +25,34 @@ ...@@ -19,26 +25,34 @@
return [ return [
'Development' => [ 'Development' => [
'path' => 'dev', 'path' => 'dev',
'writable' => [ 'setWritable' => [
'backend/runtime', 'backend/runtime',
'backend/web/assets', 'backend/web/assets',
'frontend/runtime', 'frontend/runtime',
'frontend/web/assets', 'frontend/web/assets',
], ],
'executable' => [ 'setExecutable' => [
'yii', 'yii',
], ],
'setCookieValidationKey' => [
'backend/config/main-local.php',
'frontend/config/main-local.php',
],
], ],
'Production' => [ 'Production' => [
'path' => 'prod', 'path' => 'prod',
'writable' => [ 'setWritable' => [
'backend/runtime', 'backend/runtime',
'backend/web/assets', 'backend/web/assets',
'frontend/runtime', 'frontend/runtime',
'frontend/web/assets', 'frontend/web/assets',
], ],
'executable' => [ 'setExecutable' => [
'yii', 'yii',
], ],
'setCookieValidationKey' => [
'backend/config/main-local.php',
'frontend/config/main-local.php',
],
], ],
]; ];
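Review bot: The 'Production' entry lists the same four runtime and asset directories under 'setWritable' as 'Development', and the setWritable() function added in this commit applies `chmod 0777` to every listed path, with failures hidden by `@`. World-writable runtime and assets directories on a production host let any local account change files the application reads or serves. Consider a narrower mode for 'Production', or at least state the effect in the header comment of this file, e.g. `// list of directories that will be made world-writable (chmod 0777)`. The mode itself is set in the installer script rather than in this file (apparently environments/index.php), so a per-environment mode would require a change there too.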
<?php <?php
return [ return [
'components' => [
'request' => [
// !!! insert a secret key in the following (if it is empty) - this is required by cookie validation
'cookieValidationKey' => '',
],
],
]; ];
<?php <?php
return [ return [
'components' => [
'request' => [
// !!! insert a secret key in the following (if it is empty) - this is required by cookie validation
'cookieValidationKey' => '',
],
],
]; ];
...@@ -12,10 +12,6 @@ return [ ...@@ -12,10 +12,6 @@ return [
'bootstrap' => ['log'], 'bootstrap' => ['log'],
'controllerNamespace' => 'frontend\controllers', 'controllerNamespace' => 'frontend\controllers',
'components' => [ 'components' => [
'request' => [
// !!! insert a secret key in the following (if it is empty) - this is required by cookie validation
'cookieValidationKey' => '',
],
'user' => [ 'user' => [
'identityClass' => 'common\models\User', 'identityClass' => 'common\models\User',
'enableAutoLogin' => true, 'enableAutoLogin' => true,
......
...@@ -14,6 +14,10 @@ ...@@ -14,6 +14,10 @@
* @license http://www.yiiframework.com/license/ * @license http://www.yiiframework.com/license/
*/ */
if (!extension_loaded('mcrypt')) {
die('The mcrypt PHP extension is required by Yii2.');
}
$params = getParams(); $params = getParams();
$root = str_replace('\\', '/', __DIR__); $root = str_replace('\\', '/', __DIR__);
$envs = require("$root/environments/index.php"); $envs = require("$root/environments/index.php");
...@@ -68,17 +72,10 @@ foreach ($files as $file) { ...@@ -68,17 +72,10 @@ foreach ($files as $file) {
} }
} }
if (isset($env['writable'])) { $callbacks = ['setCookieValidationKey', 'setWritable', 'setExecutable'];
foreach ($env['writable'] as $writable) { foreach ($callbacks as $callback) {
echo " chmod 0777 $writable\n"; if (!empty($env[$callback])) {
@chmod("$root/$writable", 0777); $callback($root, $env[$callback]);
}
}
if (isset($env['executable'])) {
foreach ($env['executable'] as $executable) {
echo " chmod 0755 $executable\n";
@chmod("$root/$executable", 0755);
} }
} }
...@@ -167,3 +164,32 @@ function getParams() ...@@ -167,3 +164,32 @@ function getParams()
} }
return $params; return $params;
} }
function setWritable($root, $paths)
{
foreach ($paths as $writable) {
echo " chmod 0777 $writable\n";
@chmod("$root/$writable", 0777);
}
}
function setExecutable($root, $paths)
{
foreach ($paths as $executable) {
echo " chmod 0755 $executable\n";
@chmod("$root/$executable", 0755);
}
}
function setCookieValidationKey($root, $paths)
{
foreach ($paths as $file) {
echo " generating cookie validation key $file\n";
$file = $root . '/' . $file;
$length = 32;
$bytes = mcrypt_create_iv($length, MCRYPT_DEV_URANDOM);
$key = strtr(substr(base64_encode($bytes), 0, $length), '+/=', '_-.');
$content = preg_replace('/(("|\')cookieValidationKey("|\')\s*=>\s*)(""|\'\')/', "\\1'$key'", file_get_contents($file));
file_put_contents($file, $content);
}
}
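Review bot: setCookieValidationKey() checks none of its intermediate results, so it can report "generating cookie validation key" while leaving the application without a usable key. If a listed file is missing or unreadable, file_get_contents() yields false, the replacement runs on an empty subject and, where the path is writable, file_put_contents() leaves an empty config file behind. If mcrypt_create_iv() fails, the empty quotes are replaced by another empty string. If the pattern matches nothing (key already set, or written in a different form), the file is rewritten unchanged with no message. I would check readability first, verify `$bytes`, pass a `$count` argument to preg_replace() and write only when exactly that replacement happened, as sketched below. Separately, the `die()` added in the mcrypt guard near the top of the script prints the message but exits with status 0, so callers that automate the installer cannot detect the failure; `exit(1)` after printing would fix that.

```php
function setCookieValidationKey($root, $paths)
{
    foreach ($paths as $file) {
        // … unchanged: echo line and $file = $root . '/' . $file …
        if (!is_file($file) || !is_readable($file)) {
            echo "      skipped: $file is missing or not readable\n";
            continue;
        }
        // … unchanged: $length and $bytes = mcrypt_create_iv(...) …
        if ($bytes === false || strlen($bytes) !== $length) {
            echo "      failed: could not obtain random bytes for $file\n";
            continue;
        }
        // … unchanged: $key = strtr(...) …
        $content = preg_replace('/(("|\')cookieValidationKey("|\')\s*=>\s*)(""|\'\')/', "\\1'$key'", file_get_contents($file), -1, $count);
        if ($content === null || $count === 0) {
            echo "      skipped: no empty cookieValidationKey entry found in $file\n";
            continue;
        }
        // … unchanged: file_put_contents($file, $content) …
```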