implement form tokens

4 months ago · be100a1420
7 changed files with 158 additions and 8 deletions
--- a/src/Controller/ModuleController.php
+++ b/src/Controller/ModuleController.php
@ -129,18 +129,28 @@ class ModuleController extends AbstractController
				@@ -129,18 +129,28 @@ class ModuleController extends AbstractController
        Request $request
    ): Response
    {
+        // Connect memcached
+        $memcached = new \Memcached();
+        $memcached->addServer(
+            $this->getParameter('app.memcached.host'),
+            $this->getParameter('app.memcached.port')
+        );
+
+        // Create token
+        $token = crc32(
+            microtime(true) + rand()
+        );
+
+        $memcached->add(
+            $token,
+            time()
+        );
+
        // Check user session exist
        $username = false;

        if (!empty($request->cookies->get('KEVACHAT_SESSION')) && preg_match('/[A-z0-9]{32}/', $request->cookies->get('KEVACHAT_SESSION')))
        {
-            // Connect memcached
-            $memcached = new \Memcached();
-            $memcached->addServer(
-                $this->getParameter('app.memcached.host'),
-                $this->getParameter('app.memcached.port')
-            );
-
            // Check username exist for this session
            if ($value = $memcached->get($request->cookies->get('KEVACHAT_SESSION')))
            {
@ -203,6 +213,7 @@ class ModuleController extends AbstractController
				@@ -203,6 +213,7 @@ class ModuleController extends AbstractController
                'error'     => $request->get('error'),
                'warning'   => $request->get('warning'),
                'sign'      => $sign,
+                'token'     => $token,
                'message'   => $message,
                'username'  => $username,
                'cost'      => $this->getParameter('app.add.post.cost.kva'),
@ -223,10 +234,28 @@ class ModuleController extends AbstractController
				@@ -223,10 +234,28 @@ class ModuleController extends AbstractController
        Request $request
    ): Response
    {
+        // Connect memcached
+        $memcached = new \Memcached();
+        $memcached->addServer(
+            $this->getParameter('app.memcached.host'),
+            $this->getParameter('app.memcached.port')
+        );
+
+        // Create token
+        $token = crc32(
+            microtime(true) + rand()
+        );
+
+        $memcached->add(
+            $token,
+            time()
+        );
+
        return $this->render(
            'default/module/room.html.twig',
            [
                'request' => $request,
+                'token'   => $token,
                'cost'    => $this->getParameter('app.add.room.cost.kva')
            ]
        );
--- a/src/Controller/RoomController.php
+++ b/src/Controller/RoomController.php
@ -442,6 +442,29 @@ class RoomController extends AbstractController
				@@ -442,6 +442,29 @@ class RoomController extends AbstractController
        }
        */

+        // Validate form token
+        if ($memcached->get($request->get('token')))
+        {
+            $memcached->delete(
+                $request->get('token')
+            );
+        }
+
+        else
+        {
+            return $this->redirectToRoute(
+                'room_namespace',
+                [
+                    'mode'      => $request->get('mode'),
+                    'namespace' => $request->get('namespace'),
+                    'message'   => $request->get('message'),
+                    'sign'      => $request->get('sign'),
+                    'error'     => $translator->trans('Session token expired'),
+                    '_fragment' => 'latest'
+                ]
+            );
+        }
+
        // Validate access to the room namespace
        if
        (
@ -794,6 +817,26 @@ class RoomController extends AbstractController
				@@ -794,6 +817,26 @@ class RoomController extends AbstractController
            $request->get('name')
        );

+        // Validate form token
+        if ($memcached->get($request->get('token')))
+        {
+            $memcached->delete(
+                $request->get('token')
+            );
+        }
+
+        else
+        {
+            return $this->redirectToRoute(
+                'room_list',
+                [
+                    'mode'  => $request->get('mode'),
+                    'name'  => $name,
+                    'error' => $translator->trans('Session token expired')
+                ]
+            );
+        }
+
        // Validate kevacoin key requirements
        if (mb_strlen($name) < 1 || mb_strlen($name) > 520)
        {
--- a/src/Controller/UserController.php
+++ b/src/Controller/UserController.php
@ -159,6 +159,23 @@ class UserController extends AbstractController
				@@ -159,6 +159,23 @@ class UserController extends AbstractController
        ?Request $request
    ): Response
    {
+        // Connect memcached
+        $memcached = new \Memcached();
+        $memcached->addServer(
+            $this->getParameter('app.memcached.host'),
+            $this->getParameter('app.memcached.port')
+        );
+
+        // Create token
+        $token = crc32(
+            microtime(true) + rand()
+        );
+
+        $memcached->add(
+            $token,
+            time()
+        );
+
        // Check user session does not exist to continue
        if (!empty($request->cookies->get('KEVACHAT_SESSION')))
        {
@ -172,6 +189,7 @@ class UserController extends AbstractController
				@@ -172,6 +189,7 @@ class UserController extends AbstractController
            'default/user/join.html.twig',
            [
                'request' => $request,
+                'token'   => $token,
                'cost'    => $this->getParameter('app.add.user.cost.kva')
            ]
        );
@ -189,6 +207,23 @@ class UserController extends AbstractController
				@@ -189,6 +207,23 @@ class UserController extends AbstractController
        ?Request $request
    ): Response
    {
+        // Connect memcached
+        $memcached = new \Memcached();
+        $memcached->addServer(
+            $this->getParameter('app.memcached.host'),
+            $this->getParameter('app.memcached.port')
+        );
+
+        // Create token
+        $token = crc32(
+            microtime(true) + rand()
+        );
+
+        $memcached->add(
+            $token,
+            time()
+        );
+
        // Check user session does not exist to continue
        if (!empty($request->cookies->get('KEVACHAT_SESSION')))
        {
@ -201,7 +236,8 @@ class UserController extends AbstractController
				@@ -201,7 +236,8 @@ class UserController extends AbstractController
        return $this->render(
            'default/user/login.html.twig',
            [
-                'request' => $request
+                'request' => $request,
+                'token'   => $token
            ]
        );
    }
@ -298,6 +334,25 @@ class UserController extends AbstractController
				@@ -298,6 +334,25 @@ class UserController extends AbstractController
            ),
        );

+        // Validate form token
+        if ($memcached->get($request->get('token')))
+        {
+            $memcached->delete(
+                $request->get('token')
+            );
+        }
+
+        else
+        {
+            return $this->redirectToRoute(
+                'user_add',
+                [
+                    'username' => $request->get('username'),
+                    'error'    => $translator->trans('Session token expired')
+                ]
+            );
+        }
+
        // Validate remote IP limits
        if ($delay = (int) $memcached->get($memory))
        {
@ -629,6 +684,25 @@ class UserController extends AbstractController
				@@ -629,6 +684,25 @@ class UserController extends AbstractController
            $this->getParameter('app.memcached.port')
        );

+        // Validate form token
+        if ($memcached->get($request->get('token')))
+        {
+            $memcached->delete(
+                $request->get('token')
+            );
+        }
+
+        else
+        {
+            return $this->redirectToRoute(
+                'user_login',
+                [
+                    'username' => $request->get('username'),
+                    'error'    => $translator->trans('Session token expired')
+                ]
+            );
+        }
+
        // Check client connection
        if (!$client = $this->_client())
        {
--- a/templates/default/module/post.html.twig
+++ b/templates/default/module/post.html.twig
@ -34,5 +34,6 @@
				@@ -34,5 +34,6 @@
        {% if cost %}
            <span>{{ 'cost: %s KVA' | format(cost) | trans }}</span>
        {% endif %}
+        <input type="hidden" name="token" value="{{ token }}" />
    </form>
 {% endif %}
--- a/templates/default/module/room.html.twig
+++ b/templates/default/module/room.html.twig
@ -10,4 +10,5 @@
				@@ -10,4 +10,5 @@
    {% if cost %}
        <span>{{ 'cost: %s KVA' | format(cost) | trans }}</span>
    {% endif %}
+    <input type="hidden" name="token" value="{{ token }}" />
 </form>
--- a/templates/default/user/join.html.twig
+++ b/templates/default/user/join.html.twig
@ -19,5 +19,6 @@
				@@ -19,5 +19,6 @@
        {% if cost %}
            <span>{{ 'cost: %s KVA' | format(cost) | trans }}</span>
        {% endif %}
+        <input type="hidden" name="token" value="{{ token }}" />
    </form>
 {% endblock %}
--- a/templates/default/user/login.html.twig
+++ b/templates/default/user/login.html.twig
@ -11,5 +11,6 @@
				@@ -11,5 +11,6 @@
        <input type="password" name="password" id="password" value="" />
        <a href="{{ path('user_join') }}">{{ 'Create account' | trans }}</a>
        <button type="submit">{{ 'login' | trans }}</button>
+        <input type="hidden" name="token" value="{{ token }}" />
    </form>
 {% endblock %}