2019-05-09 18:54:39 +12:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
// Init
|
2019-10-01 17:57:41 +13:00
|
|
|
if (file_exists(__DIR__.'/../vendor/autoload.php')) {
|
|
|
|
|
require_once __DIR__.'/../vendor/autoload.php';
|
2019-08-01 08:35:42 +12:00
|
|
|
}
|
2019-05-09 18:54:39 +12:00
|
|
|
|
|
|
|
|
use Utopia\App;
|
|
|
|
|
use Utopia\Request;
|
|
|
|
|
use Utopia\Response;
|
|
|
|
|
use Auth\Auth;
|
|
|
|
|
use Database\Database;
|
|
|
|
|
use Database\Document;
|
|
|
|
|
use Database\Validator\Authorization;
|
|
|
|
|
use Database\Adapter\MySQL as MySQLAdapter;
|
|
|
|
|
use Database\Adapter\Redis as RedisAdapter;
|
|
|
|
|
use Utopia\Locale\Locale;
|
|
|
|
|
use Utopia\Registry\Registry;
|
2019-08-09 09:49:46 +12:00
|
|
|
use PHPMailer\PHPMailer\PHPMailer;
|
2019-05-09 18:54:39 +12:00
|
|
|
|
2019-10-01 17:57:41 +13:00
|
|
|
const APP_NAME = 'Appwrite';
|
|
|
|
|
const APP_DOMAIN = 'appwrite.io';
|
|
|
|
|
const APP_EMAIL_TEAM = 'team@'.APP_DOMAIN;
|
|
|
|
|
const APP_EMAIL_SECURITY = 'security@'.APP_DOMAIN;
|
|
|
|
|
const APP_USERAGENT = APP_NAME.'-Server/%s Please report abuse at '.APP_EMAIL_SECURITY;
|
|
|
|
|
const APP_MODE_ADMIN = 'admin';
|
|
|
|
|
const APP_PAGING_LIMIT = 15;
|
2020-02-10 18:54:26 +13:00
|
|
|
const APP_VERSION_STABLE = '0.5.0';
|
2019-05-09 18:54:39 +12:00
|
|
|
|
2019-10-01 17:57:41 +13:00
|
|
|
$register = new Registry();
|
|
|
|
|
$request = new Request();
|
|
|
|
|
$response = new Response();
|
2019-05-09 18:54:39 +12:00
|
|
|
|
2019-10-01 17:57:41 +13:00
|
|
|
/*
|
2019-05-09 18:54:39 +12:00
|
|
|
* ENV vars
|
|
|
|
|
*/
|
2019-10-01 17:57:41 +13:00
|
|
|
$env = $request->getServer('_APP_ENV', App::ENV_TYPE_PRODUCTION);
|
|
|
|
|
$domain = $request->getServer('HTTP_HOST', '');
|
2019-11-29 20:35:18 +13:00
|
|
|
$version = $request->getServer('_APP_VERSION', 'UNKNOWN');
|
2020-02-17 00:41:03 +13:00
|
|
|
$providers = include __DIR__.'/../app/config/providers.php'; // OAuth2 providers list
|
2020-01-26 10:32:05 +13:00
|
|
|
$platforms = include __DIR__.'/../app/config/platforms.php';
|
2020-01-06 00:28:54 +13:00
|
|
|
$locales = include __DIR__.'/../app/config/locales.php'; // Locales list
|
|
|
|
|
$collections = include __DIR__.'/../app/config/collections.php'; // Collections list
|
2019-10-01 17:57:41 +13:00
|
|
|
$redisHost = $request->getServer('_APP_REDIS_HOST', '');
|
|
|
|
|
$redisPort = $request->getServer('_APP_REDIS_PORT', '');
|
|
|
|
|
$utopia = new App('Asia/Tel_Aviv', $env);
|
2019-11-22 08:03:02 +13:00
|
|
|
$scheme = $request->getServer('REQUEST_SCHEME', '');
|
|
|
|
|
$port = (string) parse_url($scheme.'://'.$request->getServer('HTTP_HOST', ''), PHP_URL_PORT);
|
2019-05-09 18:54:39 +12:00
|
|
|
|
2019-10-01 17:57:41 +13:00
|
|
|
Resque::setBackend($redisHost.':'.$redisPort);
|
2019-05-09 18:54:39 +12:00
|
|
|
|
2019-11-22 07:28:15 +13:00
|
|
|
define('COOKIE_DOMAIN',
|
|
|
|
|
(
|
|
|
|
|
$request->getServer('HTTP_HOST', null) === 'localhost' ||
|
2019-12-06 06:04:14 +13:00
|
|
|
$request->getServer('HTTP_HOST', null) === 'localhost:'.$port ||
|
|
|
|
|
(filter_var($request->getServer('HTTP_HOST', null), FILTER_VALIDATE_IP) !== false)
|
2019-11-22 07:28:15 +13:00
|
|
|
)
|
2019-11-13 07:42:58 +13:00
|
|
|
? null
|
2019-11-22 08:03:02 +13:00
|
|
|
: '.'.parse_url($scheme.'://'.$request->getServer('HTTP_HOST', ''), PHP_URL_HOST));
|
2020-01-15 09:50:49 +13:00
|
|
|
define('COOKIE_SAMESITE', Response::COOKIE_SAMESITE_NONE);
|
2019-05-09 18:54:39 +12:00
|
|
|
|
2019-10-01 17:57:41 +13:00
|
|
|
/*
|
2019-05-09 18:54:39 +12:00
|
|
|
* Registry
|
|
|
|
|
*/
|
2019-09-30 19:13:40 +13:00
|
|
|
$register->set('db', function () use ($request) { // Register DB connection
|
2019-10-01 17:57:41 +13:00
|
|
|
$dbHost = $request->getServer('_APP_DB_HOST', '');
|
|
|
|
|
$dbUser = $request->getServer('_APP_DB_USER', '');
|
|
|
|
|
$dbPass = $request->getServer('_APP_DB_PASS', '');
|
|
|
|
|
$dbScheme = $request->getServer('_APP_DB_SCHEMA', '');
|
2019-05-09 18:54:39 +12:00
|
|
|
|
2019-07-10 02:01:08 +12:00
|
|
|
$pdo = new PDO("mysql:host={$dbHost};dbname={$dbScheme};charset=utf8mb4", $dbUser, $dbPass, array(
|
|
|
|
|
PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8mb4',
|
2019-10-01 17:57:41 +13:00
|
|
|
PDO::ATTR_TIMEOUT => 5, // Seconds
|
2019-05-09 18:54:39 +12:00
|
|
|
));
|
|
|
|
|
|
|
|
|
|
// Connection settings
|
|
|
|
|
$pdo->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC); // Return arrays
|
|
|
|
|
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); // Handle all errors with exceptions
|
|
|
|
|
|
|
|
|
|
return $pdo;
|
|
|
|
|
});
|
2019-09-30 19:13:40 +13:00
|
|
|
$register->set('influxdb', function () use ($request) { // Register DB connection
|
2019-07-30 05:37:25 +12:00
|
|
|
$host = $request->getServer('_APP_INFLUXDB_HOST', '');
|
|
|
|
|
$port = $request->getServer('_APP_INFLUXDB_PORT', '');
|
|
|
|
|
|
2019-09-30 19:13:40 +13:00
|
|
|
if (empty($host) || empty($port)) {
|
2019-10-01 17:57:41 +13:00
|
|
|
return;
|
2019-07-30 05:37:25 +12:00
|
|
|
}
|
2019-05-09 18:54:39 +12:00
|
|
|
|
|
|
|
|
$client = new InfluxDB\Client($host, $port, '', '', false, false, 5);
|
|
|
|
|
|
|
|
|
|
return $client;
|
|
|
|
|
});
|
2019-09-30 19:13:40 +13:00
|
|
|
$register->set('statsd', function () use ($request) { // Register DB connection
|
2019-08-07 19:56:08 +12:00
|
|
|
$host = $request->getServer('_APP_STATSD_HOST', 'telegraf');
|
2019-05-09 18:54:39 +12:00
|
|
|
$port = $request->getServer('_APP_STATSD_PORT', 8125);
|
|
|
|
|
|
|
|
|
|
$connection = new \Domnikl\Statsd\Connection\UdpSocket($host, $port);
|
|
|
|
|
$statsd = new \Domnikl\Statsd\Client($connection);
|
|
|
|
|
|
|
|
|
|
return $statsd;
|
|
|
|
|
});
|
2019-09-30 19:13:40 +13:00
|
|
|
$register->set('cache', function () use ($redisHost, $redisPort) { // Register cache connection
|
2019-05-09 18:54:39 +12:00
|
|
|
$redis = new Redis();
|
|
|
|
|
|
|
|
|
|
$redis->connect($redisHost, $redisPort);
|
2019-10-01 17:57:41 +13:00
|
|
|
|
2019-05-09 18:54:39 +12:00
|
|
|
return $redis;
|
|
|
|
|
});
|
2019-09-30 19:13:40 +13:00
|
|
|
$register->set('smtp', function () use ($request) {
|
2019-08-09 09:49:46 +12:00
|
|
|
$mail = new PHPMailer(true);
|
2019-05-09 18:54:39 +12:00
|
|
|
|
2019-08-09 09:49:46 +12:00
|
|
|
$mail->isSMTP();
|
2019-05-09 18:54:39 +12:00
|
|
|
|
2020-01-12 02:58:02 +13:00
|
|
|
$username = $request->getServer('_APP_SMTP_USERNAME', null);
|
|
|
|
|
$password = $request->getServer('_APP_SMTP_PASSWORD', null);
|
2019-08-09 09:49:46 +12:00
|
|
|
|
2019-10-01 17:57:41 +13:00
|
|
|
$mail->XMailer = 'Appwrite Mailer';
|
|
|
|
|
$mail->Host = $request->getServer('_APP_SMTP_HOST', 'smtp');
|
|
|
|
|
$mail->Port = $request->getServer('_APP_SMTP_PORT', 25);
|
|
|
|
|
$mail->SMTPAuth = (!empty($username) && !empty($password));
|
|
|
|
|
$mail->Username = $username;
|
|
|
|
|
$mail->Password = $password;
|
2020-01-12 02:58:02 +13:00
|
|
|
$mail->SMTPSecure = $request->getServer('_APP_SMTP_SECURE', false);
|
|
|
|
|
$mail->SMTPAutoTLS = false;
|
2019-08-09 09:49:46 +12:00
|
|
|
|
2020-02-12 23:38:31 +13:00
|
|
|
$from = urldecode($request->getServer('_APP_SYSTEM_EMAIL_NAME', APP_NAME.' Server'));
|
2020-02-08 12:41:45 +13:00
|
|
|
$email = $request->getServer('_APP_SYSTEM_EMAIL_ADDRESS', APP_EMAIL_TEAM);
|
2020-02-08 12:19:13 +13:00
|
|
|
|
|
|
|
|
$mail->setFrom($email, $from);
|
|
|
|
|
$mail->addReplyTo($email, $from);
|
2019-05-09 18:54:39 +12:00
|
|
|
|
2019-08-09 09:49:46 +12:00
|
|
|
$mail->isHTML(true);
|
2019-09-28 13:48:50 +12:00
|
|
|
|
2019-08-09 09:49:46 +12:00
|
|
|
return $mail;
|
2019-05-09 18:54:39 +12:00
|
|
|
});
|
|
|
|
|
|
2019-10-01 17:57:41 +13:00
|
|
|
/*
|
2019-05-09 18:54:39 +12:00
|
|
|
* Localization
|
|
|
|
|
*/
|
|
|
|
|
$locale = $request->getParam('locale', $request->getHeader('X-Appwrite-Locale', null));
|
|
|
|
|
|
|
|
|
|
Locale::$exceptions = false;
|
|
|
|
|
|
2019-10-25 08:20:47 +13:00
|
|
|
Locale::setLanguage('af', include __DIR__.'/config/locales/af.php');
|
|
|
|
|
Locale::setLanguage('ar', include __DIR__.'/config/locales/ar.php');
|
|
|
|
|
Locale::setLanguage('bn', include __DIR__.'/config/locales/bn.php');
|
|
|
|
|
Locale::setLanguage('cat', include __DIR__.'/config/locales/cat.php');
|
|
|
|
|
Locale::setLanguage('cz', include __DIR__.'/config/locales/cz.php');
|
|
|
|
|
Locale::setLanguage('de', include __DIR__.'/config/locales/de.php');
|
|
|
|
|
Locale::setLanguage('en', include __DIR__.'/config/locales/en.php');
|
|
|
|
|
Locale::setLanguage('es', include __DIR__.'/config/locales/es.php');
|
|
|
|
|
Locale::setLanguage('fi', include __DIR__.'/config/locales/fi.php');
|
2019-10-26 18:31:29 +13:00
|
|
|
Locale::setLanguage('fo', include __DIR__.'/config/locales/fo.php');
|
2019-10-25 08:20:47 +13:00
|
|
|
Locale::setLanguage('fr', include __DIR__.'/config/locales/fr.php');
|
|
|
|
|
Locale::setLanguage('gr', include __DIR__.'/config/locales/gr.php');
|
|
|
|
|
Locale::setLanguage('he', include __DIR__.'/config/locales/he.php');
|
|
|
|
|
Locale::setLanguage('hi', include __DIR__.'/config/locales/hi.php');
|
|
|
|
|
Locale::setLanguage('hu', include __DIR__.'/config/locales/hu.php');
|
|
|
|
|
Locale::setLanguage('hy', include __DIR__.'/config/locales/hy.php');
|
|
|
|
|
Locale::setLanguage('id', include __DIR__.'/config/locales/id.php');
|
|
|
|
|
Locale::setLanguage('is', include __DIR__.'/config/locales/is.php');
|
|
|
|
|
Locale::setLanguage('it', include __DIR__.'/config/locales/it.php');
|
2019-11-18 18:05:10 +13:00
|
|
|
Locale::setLanguage('ja', include __DIR__.'/config/locales/ja.php');
|
2019-10-25 08:20:47 +13:00
|
|
|
Locale::setLanguage('jv', include __DIR__.'/config/locales/jv.php');
|
|
|
|
|
Locale::setLanguage('ko', include __DIR__.'/config/locales/ko.php');
|
|
|
|
|
Locale::setLanguage('lt', include __DIR__.'/config/locales/lt.php');
|
|
|
|
|
Locale::setLanguage('ml', include __DIR__.'/config/locales/ml.php');
|
|
|
|
|
Locale::setLanguage('ms', include __DIR__.'/config/locales/ms.php');
|
|
|
|
|
Locale::setLanguage('nl', include __DIR__.'/config/locales/nl.php');
|
|
|
|
|
Locale::setLanguage('no', include __DIR__.'/config/locales/no.php');
|
2019-10-28 08:00:23 +13:00
|
|
|
Locale::setLanguage('ph', include __DIR__.'/config/locales/ph.php');
|
2019-10-25 08:20:47 +13:00
|
|
|
Locale::setLanguage('pl', include __DIR__.'/config/locales/pl.php');
|
2019-11-01 20:55:58 +13:00
|
|
|
Locale::setLanguage('pn', include __DIR__.'/config/locales/pn.php');
|
2019-10-25 08:20:47 +13:00
|
|
|
Locale::setLanguage('pt-br', include __DIR__.'/config/locales/pt-br.php');
|
|
|
|
|
Locale::setLanguage('pt-pt', include __DIR__.'/config/locales/pt-pt.php');
|
|
|
|
|
Locale::setLanguage('ro', include __DIR__.'/config/locales/ro.php');
|
|
|
|
|
Locale::setLanguage('ru', include __DIR__ . '/config/locales/ru.php');
|
|
|
|
|
Locale::setLanguage('si', include __DIR__ . '/config/locales/si.php');
|
|
|
|
|
Locale::setLanguage('sl', include __DIR__ . '/config/locales/sl.php');
|
|
|
|
|
Locale::setLanguage('sq', include __DIR__ . '/config/locales/sq.php');
|
|
|
|
|
Locale::setLanguage('sv', include __DIR__ . '/config/locales/sv.php');
|
|
|
|
|
Locale::setLanguage('ta', include __DIR__ . '/config/locales/ta.php');
|
|
|
|
|
Locale::setLanguage('th', include __DIR__.'/config/locales/th.php');
|
|
|
|
|
Locale::setLanguage('tr', include __DIR__.'/config/locales/tr.php');
|
|
|
|
|
Locale::setLanguage('ua', include __DIR__.'/config/locales/ua.php');
|
|
|
|
|
Locale::setLanguage('vi', include __DIR__.'/config/locales/vi.php');
|
|
|
|
|
Locale::setLanguage('zh-cn', include __DIR__.'/config/locales/zh-cn.php');
|
|
|
|
|
Locale::setLanguage('zh-tw', include __DIR__.'/config/locales/zh-tw.php');
|
2019-10-03 21:20:00 +13:00
|
|
|
|
2019-10-09 17:33:33 +13:00
|
|
|
Locale::setDefault('en');
|
|
|
|
|
|
2019-10-25 08:17:11 +13:00
|
|
|
if (in_array($locale, $locales)) {
|
2019-05-09 18:54:39 +12:00
|
|
|
Locale::setDefault($locale);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
stream_context_set_default([ // Set global user agent and http settings
|
|
|
|
|
'http' => [
|
|
|
|
|
'method' => 'GET',
|
|
|
|
|
'user_agent' => sprintf(APP_USERAGENT, $version),
|
2019-10-01 17:57:41 +13:00
|
|
|
'timeout' => 2,
|
|
|
|
|
],
|
2019-05-09 18:54:39 +12:00
|
|
|
]);
|
|
|
|
|
|
2019-10-01 17:57:41 +13:00
|
|
|
/*
|
2019-05-09 18:54:39 +12:00
|
|
|
* Auth & Project Scope
|
|
|
|
|
*/
|
|
|
|
|
$consoleDB = new Database();
|
|
|
|
|
$consoleDB->setAdapter(new RedisAdapter(new MySQLAdapter($register), $register));
|
|
|
|
|
$consoleDB->setNamespace('app_console'); // Should be replaced with param if we want to have parent projects
|
2019-09-04 08:37:34 +12:00
|
|
|
$consoleDB->setMocks($collections);
|
2019-05-09 18:54:39 +12:00
|
|
|
|
|
|
|
|
Authorization::disable();
|
|
|
|
|
|
|
|
|
|
$project = $consoleDB->getDocument($request->getParam('project', $request->getHeader('X-Appwrite-Project', null)));
|
|
|
|
|
|
|
|
|
|
Authorization::enable();
|
|
|
|
|
|
|
|
|
|
$console = $consoleDB->getDocument('console');
|
|
|
|
|
|
|
|
|
|
$mode = $request->getParam('mode', $request->getHeader('X-Appwrite-Mode', 'default'));
|
|
|
|
|
|
2020-02-17 20:16:11 +13:00
|
|
|
Auth::setCookieName('a_session_'.$project->getId());
|
2019-05-09 18:54:39 +12:00
|
|
|
|
2019-09-30 19:13:40 +13:00
|
|
|
if (APP_MODE_ADMIN === $mode) {
|
2020-02-17 20:16:11 +13:00
|
|
|
Auth::setCookieName('a_session_'.$console->getId());
|
2019-05-09 18:54:39 +12:00
|
|
|
}
|
|
|
|
|
|
2020-01-15 09:50:49 +13:00
|
|
|
$session = Auth::decodeSession(
|
|
|
|
|
$request->getCookie(Auth::$cookieName, // Get sessions
|
|
|
|
|
$request->getCookie(Auth::$cookieName.'_legacy', // Get fallback session from old clients (no SameSite support)
|
|
|
|
|
$request->getHeader('X-Appwrite-Key', '')))); // Get API Key
|
2019-10-01 17:57:41 +13:00
|
|
|
Auth::$unique = $session['id'];
|
|
|
|
|
Auth::$secret = $session['secret'];
|
2019-05-09 18:54:39 +12:00
|
|
|
|
|
|
|
|
$projectDB = new Database();
|
|
|
|
|
$projectDB->setAdapter(new RedisAdapter(new MySQLAdapter($register), $register));
|
2020-02-17 20:16:11 +13:00
|
|
|
$projectDB->setNamespace('app_'.$project->getId());
|
2019-09-04 08:37:34 +12:00
|
|
|
$projectDB->setMocks($collections);
|
2019-05-09 18:54:39 +12:00
|
|
|
|
|
|
|
|
$user = $projectDB->getDocument(Auth::$unique);
|
|
|
|
|
|
2019-09-30 19:13:40 +13:00
|
|
|
if (APP_MODE_ADMIN === $mode) {
|
2019-05-09 18:54:39 +12:00
|
|
|
$user = $consoleDB->getDocument(Auth::$unique);
|
|
|
|
|
|
|
|
|
|
$user
|
2020-02-17 20:16:11 +13:00
|
|
|
->setAttribute('$id', 'admin-'.$user->getAttribute('$id'))
|
2019-05-09 18:54:39 +12:00
|
|
|
;
|
|
|
|
|
}
|
|
|
|
|
|
2020-02-17 20:16:11 +13:00
|
|
|
if (empty($user->getId()) // Check a document has been found in the DB
|
2019-05-09 18:54:39 +12:00
|
|
|
|| Database::SYSTEM_COLLECTION_USERS !== $user->getCollection() // Validate returned document is really a user document
|
|
|
|
|
|| !Auth::tokenVerify($user->getAttribute('tokens', []), Auth::TOKEN_TYPE_LOGIN, Auth::$secret)) { // Validate user has valid login token
|
2020-02-17 20:16:11 +13:00
|
|
|
$user = new Document(['$id' => '', '$collection' => Database::SYSTEM_COLLECTION_USERS]);
|
2019-05-09 18:54:39 +12:00
|
|
|
}
|
|
|
|
|
|
2019-09-30 19:13:40 +13:00
|
|
|
if (APP_MODE_ADMIN === $mode) {
|
|
|
|
|
if (!empty($user->search('teamId', $project->getAttribute('teamId'), $user->getAttribute('memberships')))) {
|
2019-05-09 18:54:39 +12:00
|
|
|
Authorization::disable();
|
2019-09-30 19:13:40 +13:00
|
|
|
} else {
|
2020-02-17 20:16:11 +13:00
|
|
|
$user = new Document(['$id' => '', '$collection' => Database::SYSTEM_COLLECTION_USERS]);
|
2019-05-09 18:54:39 +12:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Set project mail
|
2020-02-08 12:41:45 +13:00
|
|
|
$register->get('smtp')
|
|
|
|
|
->setFrom(
|
|
|
|
|
$request->getServer('_APP_SYSTEM_EMAIL_ADDRESS', APP_EMAIL_TEAM),
|
2020-02-17 20:16:11 +13:00
|
|
|
($project->getId() === 'console')
|
2020-02-12 23:38:31 +13:00
|
|
|
? urldecode($request->getServer('_APP_SYSTEM_EMAIL_NAME', APP_NAME.' Server'))
|
2020-02-10 20:34:02 +13:00
|
|
|
: sprintf(Locale::getText('account.emails.team'), $project->getAttribute('name')
|
2020-02-08 12:41:45 +13:00
|
|
|
)
|
|
|
|
|
);
|
