From c235d4bda46d4adcd71b35e1fa3c8a88ac8eae4f Mon Sep 17 00:00:00 2001 From: Malf Furious Date: Mon, 22 Feb 2016 22:57:23 -0500 Subject: Create a basic flow for the application Root controller This applies the rules for requiring or forbiding the use of SSL/HTTPS and reorganizes the rest of root's handle() function (that is, the check for displaying sysconf, auth, or a placeholder message). --- app/controller/root.control.php | 33 ++++++++++++++++++++++----------- 1 file changed, 22 insertions(+), 11 deletions(-) diff --git a/app/controller/root.control.php b/app/controller/root.control.php index 2c60faf..5b5dd8f 100644 --- a/app/controller/root.control.php +++ b/app/controller/root.control.php @@ -1,6 +1,7 @@ normalizeArgv($argv); try { - /* First, make sure the system configuration file has been included */ + /* Assert that the system config file exists and has been included */ if (!$this->scrottConfExists()) { $ctrl = new Sysconf(); $ctrl->handle($argv); + return; } - /* TODO */ - /* TODO -- only auth if logged out */ - else if (!$this->getCurrentUser()) + /* Assert we are running over HTTP(S), whichever is desired */ + switch ($_SCROTT['settSSL']) { - $ctrl = new Auth(); - $ctrl->handle($argv); + case "force": $this->sec_require_https(); break; + case "forbid": $this->sec_forbid_https(); break; + default: + switch (Setting::settSSL()) + { + case "force": $this->sec_require_https(); break; + case "forbid": $this->sec_forbid_https(); break; + } } - else + /* Assert that a user is logged in */ + if (!$this->getCurrentUser()) { - echo "logged in as:!"; - echo "
";
-                var_dump($this->getCurrentUser());
-                echo "
"; + $ctrl = new Auth(); + $ctrl->handle($argv); + return; } + + /* TODO */ + echo "ALL GOOD!
"; } catch (Exception $e) -- cgit v1.2.3