URL generation (front&back) + fixed authJWT for SSR
@@ -45,8 +45,8 @@ class SubscriptionController extends Controller
|
||||
$checkout = $checkoutBuilder
|
||||
->collectTaxIds()
|
||||
->checkout([
|
||||
'success_url' => url('/subscriptions/success'),
|
||||
'cancel_url' => url('/subscriptions/error'),
|
||||
'success_url' => front_url('/subscriptions/success'),
|
||||
'cancel_url' => front_url('/subscriptions/error'),
|
||||
'billing_address_collection' => 'required',
|
||||
'customer_update' => [
|
||||
'address' => 'auto',
|
||||
|
||||
@@ -8,6 +8,7 @@ use Tymon\JWTAuth\Exceptions\JWTException;
|
||||
|
||||
class AuthenticateJWT
|
||||
{
|
||||
const API_SERVER_SECRET_HEADER_NAME = 'x-api-secret';
|
||||
|
||||
/**
|
||||
* Verifies the JWT token and validates the IP and User Agent
|
||||
@@ -24,6 +25,13 @@ class AuthenticateJWT
|
||||
|
||||
// Validate IP and User Agent
|
||||
if ($payload) {
|
||||
if ($frontApiSecret = $request->header(self::API_SERVER_SECRET_HEADER_NAME)) {
|
||||
// If it's a trusted SSR request, skip the rest
|
||||
if ($frontApiSecret === config('app.front_api_secret')) {
|
||||
return $next($request);
|
||||
}
|
||||
}
|
||||
|
||||
$error = null;
|
||||
if (!\Hash::check($request->ip(), $payload->get('ip'))) {
|
||||
$error = 'Origin IP is invalid';
|
||||
|
||||
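Review bot: The SSR bypass compares the header with `===` (`if ($frontApiSecret === config('app.front_api_secret'))`), which is not a constant-time comparison for a shared secret; `if (hash_equals((string) config('app.front_api_secret'), (string) $frontApiSecret))` is the usual form and still fails closed when the config value is unset. A match returns `$next($request)` before the IP and User-Agent checks that follow, so any request carrying this header value is exempt from the token's origin binding. A comment above the check should state that trust assumption and that the header is only expected from the SSR server, for example `// Trusted SSR call: skips IP/User-Agent binding; x-api-secret must be dropped from external traffic at the edge`. The enclosing method starts and ends outside the hunk.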
@@ -164,14 +164,14 @@ class StoreFormSubmissionJob implements ShouldQueue
|
||||
return null;
|
||||
}
|
||||
|
||||
if(filter_var($value, FILTER_VALIDATE_URL) !== FALSE && str_contains($value, parse_url(config('app.url'))['host'])) { // In case of prefill we have full url so convert to s3
|
||||
if(filter_var($value, FILTER_VALIDATE_URL) !== false && str_contains($value, parse_url(config('app.url'))['host'])) { // In case of prefill we have full url so convert to s3
|
||||
$fileName = basename($value);
|
||||
$path = FormController::ASSETS_UPLOAD_PATH . '/' . $fileName;
|
||||
$newPath = Str::of(PublicFormController::FILE_UPLOAD_PATH)->replace('?', $this->form->id);
|
||||
Storage::move($path, $newPath.'/'.$fileName);
|
||||
return $fileName;
|
||||
}
|
||||
|
||||
|
||||
if($this->isSkipForUpload($value)) {
|
||||
return $value;
|
||||
}
|
||||
|
||||
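Review bot: The host test on the changed line, `str_contains($value, parse_url(config('app.url'))['host'])`, is a substring match over the whole URL, so it accepts any value that contains the app host anywhere (path, query string or a longer hostname). `basename($value)` of that value then becomes the source name passed to `Storage::move`. Comparing the parsed hosts is stricter: `parse_url($value, PHP_URL_HOST) === parse_url(config('app.url'), PHP_URL_HOST)`. Whether prefill URLs are still served from `app.url` now that front-end links come from `app.front_url` cannot be told from this hunk and is worth confirming. The enclosing method starts outside the hunk.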
@@ -157,12 +157,12 @@ class Form extends Model implements CachableAttributes
|
||||
if ($this->custom_domain) {
|
||||
return 'https://' . $this->custom_domain . '/forms/' . $this->slug;
|
||||
}
|
||||
return '/forms/' . $this->slug;
|
||||
return front_url('/forms/' . $this->slug);
|
||||
}
|
||||
|
||||
public function getEditUrlAttribute()
|
||||
{
|
||||
return url('/forms/' . $this->slug . '/show');
|
||||
return front_url('/forms/' . $this->slug . '/show');
|
||||
}
|
||||
|
||||
public function getSubmissionsCountAttribute()
|
||||
|
||||
@@ -48,7 +48,7 @@ class Template extends Model
|
||||
|
||||
public function getShareUrlAttribute()
|
||||
{
|
||||
return url('/form-templates/'.$this->slug);
|
||||
return front_url('/form-templates/'.$this->slug);
|
||||
}
|
||||
|
||||
public function setDescriptionAttribute($value)
|
||||
|
||||
@@ -17,7 +17,7 @@ class ResetPassword extends Notification
|
||||
{
|
||||
return (new MailMessage)
|
||||
->line('You are receiving this email because we received a password reset request for your account.')
|
||||
->action('Reset Password', url('password/reset/'.$this->token).'?email='.urlencode($notifiable->email))
|
||||
->action('Reset Password', front_url('password/reset/'.$this->token).'?email='.urlencode($notifiable->email))
|
||||
->line('If you did not request a password reset, no further action is required.');
|
||||
}
|
||||
}
|
||||
|
||||
@@ -36,6 +36,6 @@ class FailedPaymentNotification extends Notification implements ShouldQueue
|
||||
->line(__('Please go to OpenForm, click on your name on the top right corner, and click on "Billing".
|
||||
You will then be able to update your card details. To avoid any service disruption, you can reply to this email whenever
|
||||
you updated your card details, and we\'ll manually attempt to charge your card.'))
|
||||
->action(__('Go to OpenForm'), url('/'));
|
||||
->action(__('Go to OpenForm'), front_url('/'));
|
||||
}
|
||||
}
|
||||
|
||||
@@ -27,7 +27,7 @@ class DiscordHandler extends AbstractWebhookHandler
|
||||
$externalLinks[] = '[**🔗 Open Form**](' . $this->form->share_url . ')';
|
||||
}
|
||||
if(Arr::get($settings, 'link_edit_form', true)){
|
||||
$editFormURL = url('forms/' . $this->form->slug . '/show');
|
||||
$editFormURL = front_url('forms/' . $this->form->slug . '/show');
|
||||
$externalLinks[] = '[**✍️ Edit Form**](' . $editFormURL . ')';
|
||||
}
|
||||
if (Arr::get($settings, 'link_edit_submission', true) && $this->form->editable_submissions) {
|
||||
|
||||
@@ -27,7 +27,7 @@ class SlackHandler extends AbstractWebhookHandler
|
||||
$externalLinks[] = '*<' . $this->form->share_url . '|🔗 Open Form>*';
|
||||
}
|
||||
if(Arr::get($settings, 'link_edit_form', true)){
|
||||
$editFormURL = url('forms/' . $this->form->slug . '/show');
|
||||
$editFormURL = front_url('forms/' . $this->form->slug . '/show');
|
||||
$externalLinks[] = '*<' . $editFormURL . '|✍️ Edit Form>*';
|
||||
}
|
||||
if (Arr::get($settings, 'link_edit_submission', true) && $this->form->editable_submissions) {
|
||||
|
||||
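--- /dev/null
+++ b/app/helpers.php
@@ -0,0 +1,11 @@
+<?php
+
+function front_url($path = '')
+{
+$baseUrl = config('app.front_url');
+if (!$baseUrl) {
+return $path;
+}
+
+return rtrim($baseUrl, '/'). '/' . ltrim($path, '/');
+}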
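Review bot: When `app.front_url` is unset, `front_url()` falls back to `return $path;`, so callers that previously got an absolute URL from `url()` now get a bare path. In this commit that affects the reset-password mail action, the Stripe `success_url`/`cancel_url`, the failed-payment mail action and the Slack/Discord edit links, all of which need an absolute URL to be usable outside the site. Falling back to `return url($path);` would keep the old behaviour for them; `Form`'s share URL returned a relative path before, so that one caller would change and should be checked. A docblock should also say that the base comes from `config('app.front_url')` and must be an operator-set value, since it now forms the host of password-reset links.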