Commit 066989f0 by Qiang Xue

Fixes #4425: generate cookie validation keys in local config files.

parent 2a8ca600
......@@ -13,10 +13,6 @@ return [
'bootstrap' => ['log'],
'modules' => [],
'components' => [
'request' => [
// !!! insert a secret key in the following (if it is empty) - this is required by cookie validation
'cookieValidationKey' => '',
],
'user' => [
'identityClass' => 'common\models\User',
'enableAutoLogin' => true,
......
......@@ -32,8 +32,7 @@
},
"scripts": {
"post-create-project-cmd": [
"yii\\composer\\Installer::setPermission",
"yii\\composer\\Installer::generateCookieValidationKey"
"yii\\composer\\Installer::setPermission"
]
},
"config": {
......@@ -46,10 +45,6 @@
"frontend/runtime",
"frontend/web/assets"
],
"config": [
"frontend/config/main.php",
"backend/config/main.php"
]
}
}
<?php
$config = [];
$config = [
'components' => [
'request' => [
// !!! insert a secret key in the following (if it is empty) - this is required by cookie validation
'cookieValidationKey' => '',
],
],
];
if (!YII_ENV_TEST) {
// configuration adjustments for 'dev' environment
......
<?php
$config = [];
$config = [
'components' => [
'request' => [
// !!! insert a secret key in the following (if it is empty) - this is required by cookie validation
'cookieValidationKey' => '',
],
],
];
if (!YII_ENV_TEST) {
// configuration adjustments for 'dev' environment
......
......@@ -9,9 +9,15 @@
* return [
* 'environment name' => [
* 'path' => 'directory storing the local files',
* 'writable' => [
* 'setWritable' => [
* // list of directories that should be set writable
* ],
* 'setExecutable' => [
* // list of directories that should be set executable
* ],
* 'setCookieValidationKey' => [
* // list of config files that need to be inserted with automatically generated cookie validation keys
* ],
* ],
* ];
* ```
......@@ -19,26 +25,34 @@
return [
'Development' => [
'path' => 'dev',
'writable' => [
'setWritable' => [
'backend/runtime',
'backend/web/assets',
'frontend/runtime',
'frontend/web/assets',
],
'executable' => [
'setExecutable' => [
'yii',
],
'setCookieValidationKey' => [
'backend/config/main-local.php',
'frontend/config/main-local.php',
],
],
'Production' => [
'path' => 'prod',
'writable' => [
'setWritable' => [
'backend/runtime',
'backend/web/assets',
'frontend/runtime',
'frontend/web/assets',
],
'executable' => [
'setExecutable' => [
'yii',
],
'setCookieValidationKey' => [
'backend/config/main-local.php',
'frontend/config/main-local.php',
],
],
];
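Review bot: Renaming the keys `writable`/`executable` to `setWritable`/`setExecutable` is a silent breaking change for any project that carries a customised copy of this environments index. The init script's new loop (`$callbacks = ['setCookieValidationKey', 'setWritable', 'setExecutable'];`) looks up only the new names, so an environment still using the old keys appears to get no chmod step and no generated cookie key, with no warning printed. I would note this in the docblock, for example `// NOTE: the former 'writable' and 'executable' keys are no longer read by init`, or have init report keys it does not recognise.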
<?php
return [
'components' => [
'request' => [
// !!! insert a secret key in the following (if it is empty) - this is required by cookie validation
'cookieValidationKey' => '',
],
],
];
<?php
return [
'components' => [
'request' => [
// !!! insert a secret key in the following (if it is empty) - this is required by cookie validation
'cookieValidationKey' => '',
],
],
];
......@@ -12,10 +12,6 @@ return [
'bootstrap' => ['log'],
'controllerNamespace' => 'frontend\controllers',
'components' => [
'request' => [
// !!! insert a secret key in the following (if it is empty) - this is required by cookie validation
'cookieValidationKey' => '',
],
'user' => [
'identityClass' => 'common\models\User',
'enableAutoLogin' => true,
......
......@@ -14,6 +14,10 @@
* @license http://www.yiiframework.com/license/
*/
if (!extension_loaded('mcrypt')) {
die('The mcrypt PHP extension is required by Yii2.');
}
$params = getParams();
$root = str_replace('\\', '/', __DIR__);
$envs = require("$root/environments/index.php");
......@@ -68,17 +72,10 @@ foreach ($files as $file) {
}
}
if (isset($env['writable'])) {
foreach ($env['writable'] as $writable) {
echo " chmod 0777 $writable\n";
@chmod("$root/$writable", 0777);
}
}
if (isset($env['executable'])) {
foreach ($env['executable'] as $executable) {
echo " chmod 0755 $executable\n";
@chmod("$root/$executable", 0755);
$callbacks = ['setCookieValidationKey', 'setWritable', 'setExecutable'];
foreach ($callbacks as $callback) {
if (!empty($env[$callback])) {
$callback($root, $env[$callback]);
}
}
......@@ -167,3 +164,32 @@ function getParams()
}
return $params;
}
function setWritable($root, $paths)
{
foreach ($paths as $writable) {
echo " chmod 0777 $writable\n";
@chmod("$root/$writable", 0777);
}
}
function setExecutable($root, $paths)
{
foreach ($paths as $executable) {
echo " chmod 0755 $executable\n";
@chmod("$root/$executable", 0755);
}
}
function setCookieValidationKey($root, $paths)
{
foreach ($paths as $file) {
echo " generating cookie validation key $file\n";
$file = $root . '/' . $file;
$length = 32;
$bytes = mcrypt_create_iv($length, MCRYPT_DEV_URANDOM);
$key = strtr(substr(base64_encode($bytes), 0, $length), '+/=', '_-.');
$content = preg_replace('/(("|\')cookieValidationKey("|\')\s*=>\s*)(""|\'\')/', "\\1'$key'", file_get_contents($file));
file_put_contents($file, $content);
}
}
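Review bot: In setCookieValidationKey() the results of `mcrypt_create_iv()`, `file_get_contents()`, `preg_replace()` and `file_put_contents()` are never checked, so the step can fail without any visible sign. If the random read returns false, `$key` collapses to an empty string and the file is rewritten with an empty `cookieValidationKey`. If the read or the regex fails, `file_put_contents()` overwrites the config file with empty content. If the pattern simply does not match, nothing changes although "generating cookie validation key" has already been printed. I would check each of these, stop on a hard failure, and use the replacement count to report when no empty key was found, as sketched below.

```php
    foreach ($paths as $file) {
        // … unchanged: progress echo, $file path join, $length = 32 …
        $bytes = mcrypt_create_iv($length, MCRYPT_DEV_URANDOM);
        if ($bytes === false || strlen($bytes) !== $length) {
            die("   unable to obtain random bytes for $file\n");
        }
        // … unchanged: $key derivation …
        $original = file_get_contents($file);
        if ($original === false) {
            die("   unable to read $file\n");
        }
        $content = preg_replace('/(("|\')cookieValidationKey("|\')\s*=>\s*)(""|\'\')/', "\\1'$key'", $original, -1, $count);
        if ($content === null) {
            die("   unable to update $file\n");
        }
        if ($count === 0) {
            echo "   no empty cookieValidationKey found in $file, left unchanged\n";
            continue;
        }
        if (file_put_contents($file, $content) === false) {
            die("   unable to write $file\n");
        }
    }
```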