diff options
Diffstat (limited to 'Bugzilla/Quantum/Plugin')
| -rw-r--r-- | Bugzilla/Quantum/Plugin/BasicAuth.pm | 40 | ||||
| -rw-r--r-- | Bugzilla/Quantum/Plugin/BlockIP.pm | 24 | ||||
| -rw-r--r-- | Bugzilla/Quantum/Plugin/Glue.pm | 41 |
3 files changed, 70 insertions, 35 deletions
diff --git a/Bugzilla/Quantum/Plugin/BasicAuth.pm b/Bugzilla/Quantum/Plugin/BasicAuth.pm new file mode 100644 index 000000000..e17273404 --- /dev/null +++ b/Bugzilla/Quantum/Plugin/BasicAuth.pm @@ -0,0 +1,40 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +# +# This Source Code Form is "Incompatible With Secondary Licenses", as +# defined by the Mozilla Public License, v. 2.0. +package Bugzilla::Quantum::Plugin::BasicAuth; +use 5.10.1; +use Mojo::Base qw(Mojolicious::Plugin); + +use Bugzilla::Logging; +use Carp; + +sub register { + my ( $self, $app, $conf ) = @_; + + $app->renderer->add_helper( + basic_auth => sub { + my ( $c, $realm, $auth_user, $auth_pass ) = @_; + my $req = $c->req; + my ( $user, $password ) = $req->url->to_abs->userinfo =~ /^([^:]+):(.*)/; + + unless ( $realm && $auth_user && $auth_pass ) { + croak 'basic_auth() called with missing parameters.'; + } + + unless ( $user eq $auth_user && $password eq $auth_pass ) { + WARN('username and password do not match'); + $c->res->headers->www_authenticate("Basic realm=\"$realm\""); + $c->res->code(401); + $c->rendered; + return 0; + } + + return 1; + } + ); +} + +1;
\ No newline at end of file diff --git a/Bugzilla/Quantum/Plugin/BlockIP.pm b/Bugzilla/Quantum/Plugin/BlockIP.pm index fbfffad66..058ecbf64 100644 --- a/Bugzilla/Quantum/Plugin/BlockIP.pm +++ b/Bugzilla/Quantum/Plugin/BlockIP.pm @@ -4,38 +4,38 @@ use Mojo::Base 'Mojolicious::Plugin'; use Bugzilla::Memcached; -use constant BLOCK_TIMEOUT => 60*60; +use constant BLOCK_TIMEOUT => 60 * 60; -my $MEMCACHED = Bugzilla::Memcached->_new()->{memcached}; +my $MEMCACHED = Bugzilla::Memcached->new()->{memcached}; sub register { my ( $self, $app, $conf ) = @_; - $app->hook(before_routes => \&_before_routes); - $app->helper(block_ip => \&_block_ip); - $app->helper(unblock_ip => \&_unblock_ip); + $app->hook( before_routes => \&_before_routes ); + $app->helper( block_ip => \&_block_ip ); + $app->helper( unblock_ip => \&_unblock_ip ); } sub _block_ip { - my ($class, $ip) = @_; - $MEMCACHED->set("block_ip:$ip" => 1, BLOCK_TIMEOUT) if $MEMCACHED; + my ( $class, $ip ) = @_; + $MEMCACHED->set( "block_ip:$ip" => 1, BLOCK_TIMEOUT ) if $MEMCACHED; } sub _unblock_ip { - my ($class, $ip) = @_; + my ( $class, $ip ) = @_; $MEMCACHED->delete("block_ip:$ip") if $MEMCACHED; } sub _before_routes { - my ( $c ) = @_; + my ($c) = @_; return if $c->stash->{'mojo.static'}; my $ip = $c->tx->remote_address; - if ($MEMCACHED && $MEMCACHED->get("block_ip:$ip")) { + if ( $MEMCACHED && $MEMCACHED->get("block_ip:$ip") ) { $c->block_ip($ip); $c->res->code(429); - $c->res->message("Too Many Requests"); - $c->res->body("Too Many Requests"); + $c->res->message('Too Many Requests'); + $c->res->body('Too Many Requests'); $c->finish; } } diff --git a/Bugzilla/Quantum/Plugin/Glue.pm b/Bugzilla/Quantum/Plugin/Glue.pm index 54a360003..ea21429bd 100644 --- a/Bugzilla/Quantum/Plugin/Glue.pm +++ b/Bugzilla/Quantum/Plugin/Glue.pm @@ -11,7 +11,6 @@ use Mojo::Base 'Mojolicious::Plugin'; use Try::Tiny; use Bugzilla::Constants; -use Bugzilla::Quantum::Template; use Bugzilla::Logging; use Bugzilla::RNG (); use JSON::MaybeXS qw(decode_json); @@ -20,10 +19,10 @@ sub register { my ( $self, $app, $conf ) = @_; my %D; - if ($ENV{BUGZILLA_HTTPD_ARGS}) { - my $args = decode_json($ENV{BUGZILLA_HTTPD_ARGS}); + if ( $ENV{BUGZILLA_HTTPD_ARGS} ) { + my $args = decode_json( $ENV{BUGZILLA_HTTPD_ARGS} ); foreach my $arg (@$args) { - if ($arg =~ /^-D(\w+)$/) { + if ( $arg =~ /^-D(\w+)$/ ) { $D{$1} = 1; } else { @@ -35,6 +34,7 @@ sub register { # hypnotoad is weird and doesn't look for MOJO_LISTEN itself. $app->config( hypnotoad => { + proxy => 1, listen => [ $ENV{MOJO_LISTEN} ], }, ); @@ -49,30 +49,32 @@ sub register { sub { Bugzilla::RNG::srand(); srand(); - eval { Bugzilla->dbh->ping }; + try { Bugzilla->dbh->ping }; } ); $app->hook( before_dispatch => sub { my ($c) = @_; - if ($D{HTTPD_IN_SUBDIR}) { + if ( $D{HTTPD_IN_SUBDIR} ) { my $path = $c->req->url->path; - $path =~ s{^/bmo}{}s; - $c->req->url->path($path); + if ( $path =~ s{^/bmo}{}s ) { + $c->stash->{bmo_prefix} = 1; + $c->req->url->path($path); + } } - Log::Log4perl::MDC->put(request_id => $c->req->request_id); + Log::Log4perl::MDC->put( request_id => $c->req->request_id ); } ); Bugzilla::Extension->load_all(); - if ($app->mode ne 'development') { + if ( $app->mode ne 'development' ) { Bugzilla->preload_features(); - DEBUG("preloading templates"); + DEBUG('preloading templates'); Bugzilla->preload_templates(); - DEBUG("done preloading templates"); + DEBUG('done preloading templates'); } - $app->secrets([Bugzilla->localconfig->{side_wide_secret}]); + $app->secrets( [ Bugzilla->localconfig->{side_wide_secret} ] ); $app->renderer->add_handler( 'bugzilla' => sub { @@ -90,23 +92,16 @@ sub register { # The controller $vars->{c} = $c; my $name = $options->{template}; - unless ($name =~ /\./) { + unless ( $name =~ /\./ ) { $name = sprintf '%s.%s.tmpl', $options->{template}, $options->{format}; } my $template = Bugzilla->template; $template->process( $name, $vars, $output ) - or die $template->error; + or die $template->error; } ); - $app->log( - MojoX::Log::Log4perl::Tiny->new( - logger => Log::Log4perl->get_logger(ref $app) - ) - ); + $app->log( MojoX::Log::Log4perl::Tiny->new( logger => Log::Log4perl->get_logger( ref $app ) ) ); } - - - 1; |