eightball/all-in-one
1
0
Fork 0
mirror of https://github.com/nextcloud/all-in-one.git synced 2026-02-04 04:56:52 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 10

chore: some additional refvisions

Browse source 
Signed-off-by: Josh <josh.t.richards@gmail.com>
This commit is contained in:
Josh 2026-01-20 13:50:05 -05:00
parent 9c464bcf1d
commit 4a2d5bbfda
1 changed files with 6 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

7
php/public/index.php
View file

@ -25,7 +25,6 @@ const AIO_MAX_EXECUTION_TIME = '7200'; // (2h) in case of a very slow inter
const AIO_SESSION_MAX_LIFETIME = '86400'; // (24h)
const AIO_COOKIE_LIFETIME = '0'; // Auto logout on browser close
const AIO_LOG_ERRORS_MAX_LEN = '0'; // Log whole log messages
const AIO_TWIG_CACHE_PATH = false; // e.g., __DIR__ . '/../var/twig-cache'
const AIO_DISPLAY_ERRORS = false;
@ -54,6 +53,7 @@ ini_set('session.save_path', $dataConst->GetSessionDirectory());
$app = AppFactory::create();
$responseFactory = $app->getResponseFactory();
// Register CSRF middleware (container-only)
$container->set(Guard::class, function () use ($responseFactory): Guard {
$guard = new Guard($responseFactory);
$guard->setPersistentTokenMode(true);
@ -61,15 +61,20 @@ $container->set(Guard::class, function () use ($responseFactory): Guard {
});
session_start();
// Activate CSRF middleware for all routes
$app->add(Guard::class);
// Setup and activate Twig middleware
$twig = Twig::create(__DIR__ . '/../templates/',
[ 'cache' => AIO_TWIG_CACHE_PATH ]
);
$app->add(TwigMiddleware::create($app, $twig));
// Add CSRF extension to Twig so templates can access CSRF tokens
$twig->addExtension(new \AIO\Twig\CsrfExtension($container->get(Guard::class)));
// Establish and activate authentication middleware for all routes
$app->add(new \AIO\Middleware\AuthMiddleware($container->get(\AIO\Auth\AuthManager::class)));
//-------------------------------------------------