diff --git a/web/app/Http/Kernel.php b/web/app/Http/Kernel.php index 9cdd848..7bc9cf6 100644 --- a/web/app/Http/Kernel.php +++ b/web/app/Http/Kernel.php @@ -15,6 +15,7 @@ class Kernel extends HttpKernel */ protected $middleware = [ // \App\Http\Middleware\TrustHosts::class, + \App\Http\Middleware\Cors::class, \App\Http\Middleware\TrustProxies::class, \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class, \App\Http\Middleware\TrimStrings::class, @@ -39,6 +40,7 @@ class Kernel extends HttpKernel 'api' => [ // \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class, + \App\Http\Middleware\PreventRequestsDuringMaintenance::class, 'throttle:api', \Illuminate\Routing\Middleware\SubstituteBindings::class, ], @@ -61,7 +63,6 @@ class Kernel extends HttpKernel 'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class, 'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class, 'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class, - 'cors' => \App\Http\Middleware\Cors::class, - 'maintenance' => \App\Http\Middleware\PreventRequestsDuringMaintenance::class, + 'maintenance' => \App\Http\Middleware\PreventRequestsDuringMaintenance::class, ]; } diff --git a/web/app/Http/Middleware/Cors.php b/web/app/Http/Middleware/Cors.php index 897ddd4..782c590 100644 --- a/web/app/Http/Middleware/Cors.php +++ b/web/app/Http/Middleware/Cors.php @@ -17,9 +17,7 @@ class Cors public function handle(Request $request, Closure $next) { $trustedHosts = explode(',', env('TRUSTED_HOSTS')); - $origin = parse_url($request->headers->get('origin'), PHP_URL_HOST); - $passCheck = false; foreach($trustedHosts as &$host) 
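Review bot: Registering `\App\Http\Middleware\Cors::class` ahead of `TrustProxies` in `$middleware` means `Cors::handle` evaluates `$request->secure()` before the trusted-proxy headers have been applied to the request. Behind a TLS-terminating proxy that call would presumably return false, so the `Access-Control-Allow-Origin` value built in Cors.php gets an `http://` scheme and no longer matches an `https://` origin. Placing the new entry directly after `\App\Http\Middleware\TrustProxies::class,` keeps the scheme Cors sees consistent with the rest of the stack. The array continues outside the hunk.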
@@ -28,12 +26,23 @@ class Cors $passCheck = true; } + $allowedOrigin = ('http' . ($request->secure() ? 's' : null) . '://' . $origin); + + if($passCheck && $request->getMethod() === 'OPTIONS' && $request->headers->has('Access-Control-Request-Method')) + { + return response('') + ->setStatusCode(204) + ->header('Access-Control-Allow-Origin', $allowedOrigin) + ->header('Access-Control-Allow-Methods', '*') + ->header('Access-Control-Max-Age', '86400'); + } + $nextClosure = $next($request); if($passCheck) { $nextClosure - ->header('Access-Control-Allow-Origin', 'http' . ($request->secure() ? 's' : null) . '://' . $origin) + ->header('Access-Control-Allow-Origin', $allowedOrigin) ->header('Vary', 'origin'); } diff --git a/web/app/Http/Middleware/PreventRequestsDuringMaintenance.php b/web/app/Http/Middleware/PreventRequestsDuringMaintenance.php index aa2a98a..0eca73c 100644 --- a/web/app/Http/Middleware/PreventRequestsDuringMaintenance.php +++ b/web/app/Http/Middleware/PreventRequestsDuringMaintenance.php @@ -21,7 +21,7 @@ class PreventRequestsDuringMaintenance * * @var array */ - protected $except = ['banners/data']; + protected $except = ['banners/data', 'maintenance/bypass']; /** * Create a new middleware instance. @@ -39,11 +39,12 @@ class PreventRequestsDuringMaintenance * * @param \Illuminate\Http\Request $request * @param \Closure $next + * @param string $group * @return mixed * * @throws \Symfony\Component\HttpKernel\Exception\HttpException */ - public function handle($request, Closure $next) + public function handle($request, Closure $next, $group = null) { if ($this->app->isDownForMaintenance()) { $data = json_decode(file_get_contents($this->app->storagePath().'/framework/down'), true); 
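Review bot: The preflight branch returns a per-origin `Access-Control-Allow-Origin` but sends neither `Vary: Origin` nor `Access-Control-Allow-Headers`, and it is cacheable for a day through `Access-Control-Max-Age`. A JSON POST such as the one added in Maintenance.js announces `content-type` in `Access-Control-Request-Headers`, which this response does not approve, and a cache keyed only on the URL could serve one origin's answer to another. I would add `->header('Access-Control-Allow-Headers', 'Content-Type')` and `->header('Vary', 'Origin')` to the chain and list the methods the API really uses (`'GET, POST, OPTIONS'`) instead of `'*'`. Separately, `$allowedOrigin` is rebuilt from the request's own scheme and the host part only, so an origin with a different scheme or an explicit port will not match; echoing the validated `Origin` header value avoids that. How `$passCheck` is decided lies outside the hunk.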
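Review bot: The new `$group` argument on `handle()` is not read anywhere in the lines shown, and the docblock types it as `string` although it defaults to null. If a later change will depend on it, `@param string|null $group  Middleware group this instance was attached to; currently unused` would say so. Otherwise the parameter can be dropped, since the `api` group entry added in Kernel.php passes no argument. The method body continues outside the hunk.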
@@ -51,7 +52,7 @@ class PreventRequestsDuringMaintenance if (isset($data['secret']) && $request->path() === $data['secret']) { return $this->bypassResponse($data['secret']); } - + if ($this->hasValidBypassCookie($request, $data) || $this->inExceptArray($request)) { return $next($request); diff --git a/web/app/Models/WebsiteConfiguration.php b/web/app/Models/WebsiteConfiguration.php new file mode 100644 index 0000000..9c05795 --- /dev/null +++ b/web/app/Models/WebsiteConfiguration.php @@ -0,0 +1,11 @@ + ['api/*', 'sanctum/csrf-cookie'], - - 'allowed_methods' => ['*'], - - 'allowed_origins' => ['*'], - - 'allowed_origins_patterns' => [], - - 'allowed_headers' => ['*'], - - 'exposed_headers' => [], - - 'max_age' => 0, - - 'supports_credentials' => false, - -]; diff --git a/web/database/migrations/2021_12_18_202631_create_website_configurations_table.php b/web/database/migrations/2021_12_18_202631_create_website_configurations_table.php new file mode 100644 index 0000000..d2f70d1 --- /dev/null +++ b/web/database/migrations/2021_12_18_202631_create_website_configurations_table.php @@ -0,0 +1,33 @@ +id(); + $table->string('name'); + $table->string('value'); + $table->timestamps(); + }); + } + + /** + * Reverse the migrations. + * + * @return void + */ + public function down() + { + Schema::dropIfExists('website_configurations'); + } +} diff --git a/web/database/seeders/DatabaseSeeder.php b/web/database/seeders/DatabaseSeeder.php index 038af9a..6a9d088 100644 --- a/web/database/seeders/DatabaseSeeder.php +++ b/web/database/seeders/DatabaseSeeder.php @@ -6,6 +6,8 @@ use Illuminate\Database\Seeder; use Database\Seeders\WebStatusSeeder; +use Database\Seeders\WebConfigurationSeeder; + class DatabaseSeeder extends Seeder { /** @@ -17,7 +19,8 @@ class DatabaseSeeder extends Seeder { $this->call([ WebStatusSeeder::class, - FFlagSeeder::class + FFlagSeeder::class, + WebConfigurationSeeder::class ]); } } 
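Review bot: In the `website_configurations` migration, `name` is created without a unique index although the seeder uses it as a lookup key (`'MaintenancePassword'`), so two rows for the same setting are possible and a lookup could return either. `$table->string('name')->unique();` closes that. `value` is a plain `string` column, which defaults to 255 characters in Laravel; a JSON payload, particularly once the password is stored as a hash, fits more safely in `$table->text('value');`. The top of the migration file is not visible in this extract.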
diff --git a/web/database/seeders/WebConfigurationSeeder.php b/web/database/seeders/WebConfigurationSeeder.php new file mode 100644 index 0000000..cbc907f --- /dev/null +++ b/web/database/seeders/WebConfigurationSeeder.php @@ -0,0 +1,27 @@ + 'MaintenancePassword', + 'value' => json_encode( + [ + 'combination' => ['g','t','o','r','i','a'], + 'password' => '@bs0lut3lyM@55!v3P@55w0rd' + ]) + ]); // please please please please please please please change the default password + } +} diff --git a/web/resources/js/pages/Maintenance.js b/web/resources/js/pages/Maintenance.js index 00e54ef..ce5ea11 100644 --- a/web/resources/js/pages/Maintenance.js +++ b/web/resources/js/pages/Maintenance.js @@ -1,13 +1,18 @@ // © XlXi 2021 // Graphictoria 5 +import axios from 'axios'; import React, { useRef, Suspense } from 'react'; import { Canvas, useFrame } from '@react-three/fiber'; import { Instances, Instance, PerspectiveCamera, useGLTF } from '@react-three/drei'; +import Config from '../config.js'; import SetTitle from '../Helpers/Title.js'; +var url = Config.BaseUrl.replace('http://', ''); +var protocol = Config.Protocol; + const randomVector = (r) => [r / 2 - Math.random() * r, r / 2 - Math.random() * r, r / 2 - Math.random() * r]; const randomEuler = () => [Math.random() * Math.PI, Math.random() * Math.PI, Math.random() * Math.PI]; const randomData = Array.from({ length: 2000 }, (r = 200) => ({ random: Math.random(), position: randomVector(r), rotation: randomEuler() })); @@ -28,9 +33,18 @@ function MakeButtons() } } -function DoButton(position) +let ButtonHistory = [] + +function DoButton(position, state) { - console.log(position); + ButtonHistory.push(position); + axios.post(protocol + 'apis.' + url + '/maintenance/bypass', { + 'password': state.passwordState, + 'buttons': ButtonHistory + }) + .then((response) => { + console.log(response); + }); } function Scene() { 
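Review bot: The seeder commits a working maintenance password and button combination to the repository and stores the password in clear text inside the `value` JSON. Anyone with read access to the repository or to the `website_configurations` table then holds the bypass credential for every deployment seeded unchanged, and the trailing comment shows the default is expected to be replaced by hand. I would read the secret from deployment configuration and store only a hash, e.g. `'password' => Hash::make(config('app.maintenance_password'))` (the config key is a placeholder name), and have `run()` throw when the value is unset so that no default is ever seeded. The value already present in this commit should be treated as disclosed and rotated.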
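Review bot: `Config.BaseUrl.replace('http://', '')` in Maintenance.js strips only a plain-HTTP prefix, so if `BaseUrl` is ever configured with `https://` the scheme stays inside `url` and the address assembled in `DoButton` becomes malformed. Because that request carries the maintenance password, the scheme handling should be explicit, e.g. `var url = Config.BaseUrl.replace(/^https?:\/\//, '');`, and `Config.Protocol` should be confirmed to be `https://` everywhere except local development. `Config` is defined outside this diff, so its actual values are an assumption here.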
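Review bot: Every call to `DoButton` posts the password together with the whole `ButtonHistory`, and that array is module-level and never cleared. A single attempt therefore produces one credential-bearing request per click, and stale presses from an earlier attempt stay in the payload until the page is reloaded. `console.log(response)` also writes whatever the endpoint returns to the browser console, which is not where a bypass result should end up, and the promise has no `.catch` for a rejected request. I would submit once from an explicit action, reset with `ButtonHistory = [];` after each response, and drop the `console.log`.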
@@ -82,6 +96,11 @@ function Camera({ ...props }){ class Maintenance extends React.Component { + constructor(props) { + super(props); + this.state = { passwordState: '' }; + } + componentDidMount() { SetTitle("Maintenance"); @@ -103,11 +122,11 @@ class Maintenance extends React.Component {

Graphictoria is currently under maintenance.

Our cyborg team of highly trained code-monkes are working to make Graphictoria better. We'll be back soon!

- + this.setState({passwordState: changeEvent.target.value}) } value={ this.state.passwordState }/> { Buttons.map(character => ( - + )) } diff --git a/web/routes/apis.php b/web/routes/apis.php index 89005f4..83b699b 100644 --- a/web/routes/apis.php +++ b/web/routes/apis.php @@ -16,18 +16,20 @@ use App\Http\Controllers\GamesController; | */ -Route::middleware(['cors', 'maintenance'])->group(function() { - Route::get('/', function () { - return 'API OK'; - }); - - Route::get('/banners/data', [BannerController::class, 'getBanners']); +Route::get('/', function(){ + return 'API OK'; +}); - Route::get('/games/metadata', [GamesController::class, 'isAvailable']); +Route::get('/banners/data', [BannerController::class, 'getBanners']); - Route::fallback(function () { - return response('{"errors":[{"code":404,"message":"NotFound"}]}', 404) - ->header('Cache-Control', 'private') - ->header('Content-Type', 'application/json; charset=utf-8'); - }); +Route::get('/games/metadata', [GamesController::class, 'isAvailable']); + +Route::post('/maintenance/bypass', function(){ + return 'test'; +}); + +Route::fallback(function(){ + return response('{"errors":[{"code":404,"message":"NotFound"}]}', 404) + ->header('Cache-Control', 'private') + ->header('Content-Type', 'application/json; charset=utf-8'); }); \ No newline at end of file diff --git a/web/routes/web.php b/web/routes/web.php index b535b25..48230d2 100644 --- a/web/routes/web.php +++ b/web/routes/web.php 
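Review bot: `Route::post('/maintenance/bypass', ...)` is committed as a stub that answers `'test'` to any request body, and the path is listed in `$except`, so it stays reachable while the site is down. Before it gains real logic it needs its own limiter, e.g. `->middleware('throttle:5,1')`, because the `throttle:api` limit it presumably inherits is sized for ordinary API traffic rather than password guesses. When the check is implemented, verify the submitted value with `Hash::check()` against a stored hash rather than comparing plain strings. The removed `Route::middleware(['cors', 'maintenance'])` wrapper is replaced by the registrations in Kernel.php, and it is worth confirming that this routes file is actually loaded under the `api` group.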
@@ -13,42 +13,42 @@ use Illuminate\Support\Facades\Route; | */ -Route::get('/javascript', function () { +Route::get('/javascript', function(){ return view('javascript'); }); -Route::get('/', function () { +Route::get('/', function(){ return view('main'); }); -Route::get('/login', function () { +Route::get('/login', function(){ return view('main'); }); -Route::get('/register', function () { +Route::get('/register', function(){ return view('main'); }); -Route::get('/passwordreset', function () { +Route::get('/passwordreset', function(){ return view('main'); }); -Route::get('/legal/about-us', function () { +Route::get('/legal/about-us', function(){ return view('main'); }); -Route::get('/legal/terms-of-service', function () { +Route::get('/legal/terms-of-service', function(){ return view('main'); }); -Route::get('/legal/privacy-policy', function () { +Route::get('/legal/privacy-policy', function(){ return view('main'); }); -Route::get('/legal/dmca', function () { +Route::get('/legal/dmca', function(){ return view('main'); }); -Route::get('/games', function () { +Route::get('/games', function(){ return view('main'); }); \ No newline at end of file