Keeps the dashboard sessions from expiring. (#9263)

* Keeps the dashboard sessions from expiring. Route dashboard ajax calls through Laravel. Boots minimal cookies and sessions. Does not fix other pages for now, real fix is to fully port. * Check Laravel auth for the legacy calls. Display Laravel errors in the dashboard. legacy auth checks are mostly extraneous now.
2024-09-21 10:28:13 +00:00 · 2018-09-30 21:23:00 -05:00 · 2018-09-30 21:23:00 -05:00 · 14a168b2a9
commit 14a168b2a9
parent c36a9e9abf
9 changed files with 167 additions and 58 deletions
--- a/LibreNMS/Util/Laravel.php
+++ b/LibreNMS/Util/Laravel.php
@ -33,6 +33,20 @@ use Log;

 class Laravel
 {
+    public static function bootCli()
+    {
+        // make sure Laravel isn't already booted
+        if (class_exists('App') && App::isBooted()) {
+            return;
+        }
+
+        define('LARAVEL_START', microtime(true));
+        $install_dir = realpath(__DIR__ . '/../..');
+        $app = require_once $install_dir . '/bootstrap/app.php';
+        $kernel = $app->make(\Illuminate\Contracts\Console\Kernel::class);
+        $kernel->bootstrap();
+    }
+
    public static function enableQueryDebug()
    {
        $db = Eloquent::DB();
--- a/app/Http/Controllers/LegacyController.php
+++ b/app/Http/Controllers/LegacyController.php
@ -21,4 +21,14 @@ class LegacyController extends Controller
    {
        include base_path('html/legacy_api_v0.php');
    }
+
+    public function dash()
+    {
+        ob_start();
+        include base_path('html/legacy/ajax_dash.php');
+        $output = ob_get_contents();
+        ob_end_clean();
+
+        return response($output, 200, ['Content-Type' => 'application/json']);
+    }
 }
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@ -41,6 +41,11 @@ class Kernel extends HttpKernel
            \Illuminate\Routing\Middleware\SubstituteBindings::class,
        ],

+        'minimal' => [
+            \App\Http\Middleware\EncryptCookies::class,
+            \Illuminate\Session\Middleware\StartSession::class,
+        ],
+
        'api' => [
            'bindings',
            'auth:token'
--- a/app/Providers/RouteServiceProvider.php
+++ b/app/Providers/RouteServiceProvider.php
@ -35,6 +35,8 @@ class RouteServiceProvider extends ServiceProvider
     */
    public function map()
    {
+        $this->mapLegacyRoutes();
+
        $this->mapApiRoutes();

        $this->mapWebRoutes();
@ -42,6 +44,17 @@ class RouteServiceProvider extends ServiceProvider
        //
    }

+    /**
+     * Define legacy routes for the application.
+     * Only initializing minimal middleware: Cookies and Session.
+     */
+    protected function mapLegacyRoutes()
+    {
+        Route::middleware('minimal')
+            ->namespace($this->namespace)
+            ->group(base_path('routes/legacy.php'));
+    }
+
    /**
     * Define the "web" routes for the application.
     *
--- a/html/ajax_dash.php
+++ b/html/ajax_dash.php
@ -1,62 +1,61 @@
 <?php

-/*
- * LibreNMS
+/**
+ * Laravel - A PHP Framework For Web Artisans
 *
- * Copyright (c) 2014 Neil Lathwood <https://github.com/laf/ http://www.lathwood.co.uk/fa>
- *
- * This program is free software: you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation, either version 3 of the License, or (at your
- * option) any later version.  Please see LICENSE.txt at the top level of
- * the source code distribution for details.
+ * @package  Laravel
+ * @author   Taylor Otwell <taylor@laravel.com>
 */

-use LibreNMS\Authentication\LegacyAuth;
+/*
+|--------------------------------------------------------------------------
+| Register The Auto Loader
+|--------------------------------------------------------------------------
+|
+| Composer provides a convenient, automatically generated class loader for
+| our application. We just need to utilize it! We'll simply require it
+| into the script here so that we don't have to worry about manual
+| loading any of our classes later on. It feels great to relax.
+|
+*/

-$init_modules = array('web', 'auth');
-require realpath(__DIR__ . '/..') . '/includes/init.php';
+require __DIR__.'/../bootstrap/autoload.php';

-set_debug($_REQUEST['debug']);
+/*
+|--------------------------------------------------------------------------
+| Turn On The Lights
+|--------------------------------------------------------------------------
+|
+| We need to illuminate PHP development, so let us turn on the lights.
+| This bootstraps the framework and gets it ready for use, then it
+| will load up this application so that we can run it and send
+| the responses back to the browser and delight our users.
+|
+*/

-header('Content-type: application/json');
+$app = require_once __DIR__.'/../bootstrap/app.php';

-if (!LegacyAuth::check()) {
-    $response = array(
-        'status'  => 'error',
-        'message' => 'Unauthenticated',
-    );
-    echo _json_encode($response);
-    exit;
-}
+/*
+|--------------------------------------------------------------------------
+| Run The Application
+|--------------------------------------------------------------------------
+|
+| Once we have the application, we can handle the incoming request
+| through the kernel, and send the associated response back to
+| the client's browser allowing them to enjoy the creative
+| and wonderful application we have prepared for them.
+|
+*/

-$type = $vars['type'];
+$kernel = $app->make(Illuminate\Contracts\Http\Kernel::class);

-if ($type == 'placeholder') {
-    $output = "<span style='text-align:left;'><br><h3>Click on the Edit Dashboard button (next to the list of dashboards) to add widgets</h3><br><h4><strong>Remember:</strong> You can only move & resize widgets when you're in <strong>Edit Mode</strong>.</h4><span>";
-    $status = 'ok';
-    $title = 'Placeholder';
-} elseif (is_file('includes/common/'.$type.'.inc.php')) {
-    $results_limit     = 10;
-    $typeahead_limit   = $config['webui']['global_search_result_limit'];
-    $no_form           = true;
-    $unique_id         = str_replace(array("-","."), "_", uniqid($type, true));
-    $widget_id         = $vars['id'];
-    $widget_settings   = json_decode(dbFetchCell('select settings from users_widgets where user_widget_id = ?', array($widget_id)), true);
-    $widget_dimensions = $vars['dimensions'];
-    if (!empty($vars['settings'])) {
-        define('SHOW_SETTINGS', true);
-    }
-    include 'includes/common/'.$type.'.inc.php';
-    $output = implode('', $common_output);
-    $status = 'ok';
-    $title  = display($widget_settings['title']) ?: ucfirst(display($type));
-}
+// rewrite the request uri
+$_SERVER['REQUEST_URI'] = '/legacy_ajax_dash';

-$response = array(
-                  'status' => $status,
-                  'html' => $output,
-                  'title' => $title,
-                 );
+$response = $kernel->handle(
+    $request = Illuminate\Http\Request::capture()
+);

-echo _json_encode($response);
+$response->send();
+
+$kernel->terminate($request, $response);
--- a/html/legacy/ajax_dash.php
+++ b/html/legacy/ajax_dash.php
@ -0,0 +1,64 @@
+<?php
+
+/*
+ * LibreNMS
+ *
+ * Copyright (c) 2014 Neil Lathwood <https://github.com/laf/ http://www.lathwood.co.uk/fa>
+ *
+ * This program is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation, either version 3 of the License, or (at your
+ * option) any later version.  Please see LICENSE.txt at the top level of
+ * the source code distribution for details.
+ * @package  Laravel
+ * @author   Taylor Otwell <taylor@laravel.com>
+ */
+
+use LibreNMS\Authentication\LegacyAuth;
+
+$init_modules = ['web', 'auth'];
+require realpath(__DIR__ . '/../..') . '/includes/init.php';
+
+set_debug(isset($_REQUEST['debug']) && $_REQUEST['debug']);
+
+header('Content-type: application/json');
+
+if (!LegacyAuth::check()) {
+    $response = array(
+        'status'  => 'error',
+        'message' => 'Unauthenticated',
+    );
+    echo _json_encode($response);
+    exit;
+}
+
+$type = isset($vars['type']) ? $vars['type'] : 'placeholder';
+
+if ($type == 'placeholder') {
+    $output = "<span style='text-align:left;'><br><h3>Click on the Edit Dashboard button (next to the list of dashboards) to add widgets</h3><br><h4><strong>Remember:</strong> You can only move & resize widgets when you're in <strong>Edit Mode</strong>.</h4><span>";
+    $status = 'ok';
+    $title = 'Placeholder';
+} elseif (is_file('includes/common/'.$type.'.inc.php')) {
+    $results_limit     = 10;
+    $typeahead_limit   = $config['webui']['global_search_result_limit'];
+    $no_form           = true;
+    $unique_id         = str_replace(array("-","."), "_", uniqid($type, true));
+    $widget_id         = $vars['id'];
+    $widget_settings   = json_decode(dbFetchCell('select settings from users_widgets where user_widget_id = ?', array($widget_id)), true);
+    $widget_dimensions = $vars['dimensions'];
+    if (!empty($vars['settings'])) {
+        define('SHOW_SETTINGS', true);
+    }
+    include 'includes/common/'.$type.'.inc.php';
+    $output = implode('', $common_output);
+    $status = 'ok';
+    $title  = display($widget_settings['title']) ?: ucfirst(display($type));
+}
+
+$response = array(
+                  'status' => $status,
+                  'html' => $output,
+                  'title' => $title,
+                 );
+
+echo _json_encode($response);
--- a/html/pages/front/tiles.php
+++ b/html/pages/front/tiles.php
@ -653,9 +653,13 @@ if (strpos($dash_config, 'globe') !== false) {
                    $("#widget_body_"+id).html('<div class="alert alert-info">' + data.message + '</div>');
                }
            },
-            error: function () {
+            error: function (data) {
+                if (data.responseJSON.error) {
+                    $("#widget_body_"+id).html('<div class="alert alert-info">' + data.responseJSON.error + '</div>');
+                } else {
                    $("#widget_body_"+id).html('<div class="alert alert-info">Problem with backend</div>');
                }
+            }
        });
    }

--- a/includes/init.php
+++ b/includes/init.php
@ -93,13 +93,7 @@ if (module_selected('alerts', $init_modules)) {
 }

 if (module_selected('laravel', $init_modules)) {
-    // make sure Laravel isn't already booted
-    if (!class_exists('App') || !App::isBooted()) {
-        define(LARAVEL_START, microtime(true));
-        $app = require_once $install_dir . '/bootstrap/app.php';
-        $kernel = $app->make(Illuminate\Contracts\Console\Kernel::class);
-        $kernel->bootstrap();
-    }
+    \LibreNMS\Util\Laravel::bootCli();
 }

 if (!module_selected('nodb', $init_modules)) {
--- a/routes/legacy.php
+++ b/routes/legacy.php
@ -0,0 +1,6 @@
+<?php
+
+
+Route::group(['middleware' => ['auth'], 'guard' => 'auth'], function () {
+    Route::any('legacy_ajax_dash', 'LegacyController@dash');
+});