wip

I have tested this with png and jpeg/jpg which both work but most other image types should work as well.
![image](/attachments/25318577-d48c-4902-93b3-9adbb8b954e7)

Co-authored-by: Jan Klattenhoff <j.klattenhoff@neusta.de>
Reviewed-on: sites/file-explorer#12
Co-authored-by: jank1619 <jan@kjan.email>
Co-committed-by: jank1619 <jan@kjan.email>

.ddev/config.yaml

@@ -7,8 +7,8 @@ xdebug_enabled: false
 additional_hostnames: []
 additional_fqdns: []
 database:
-    type: mariadb
+    type: postgres
-    version: "10.11"
+    version: "17"
 use_dns_when_possible: true
 composer_version: "2"
 web_environment: []

.gitea/workflows/build.yaml

@@ -7,10 +7,10 @@ on:
       - main
 jobs:
   build:
-    runs-on: ubuntu-latest
+    runs-on: remote
     steps:
-      - uses: actions/checkout@v4
+      - uses: https://git.simonis.lol/actions/checkout@v4
-      - uses: docker/login-action@v1
+      - uses: https://git.simonis.lol/actions/login@v1
         with:
           registry: git.simonis.lol
           username: ${{ vars.DOCKER_USER }}

assets/controllers/upload_file_controller.js

@@ -2,7 +2,6 @@ import { Controller } from '@hotwired/stimulus';
 
 export default class extends Controller {
     connect() {
-        console.log(this.element);
         this.element.querySelector('input').addEventListener('change', () => {
             this.element.querySelector('button[type="submit"]').click();
         });

composer.json

@@ -7,6 +7,7 @@
         "php": ">=8.2",
         "ext-ctype": "*",
         "ext-iconv": "*",
+        "knpuniversity/oauth2-client-bundle": "^2.18",
         "symfony/apache-pack": "^1.0",
         "symfony/asset-mapper": "^7.1",
         "symfony/console": "7.1.*",
@@ -15,14 +16,17 @@
         "symfony/flex": "^2",
         "symfony/form": "^7.1",
         "symfony/framework-bundle": "7.1.*",
+        "symfony/mime": "7.1.*",
         "symfony/runtime": "7.1.*",
+        "symfony/security-bundle": "7.1.*",
         "symfony/stimulus-bundle": "^2.22",
         "symfony/twig-bundle": "7.1.*",
         "symfony/ux-icons": "^2.22",
         "symfony/yaml": "7.1.*",
         "symfonycasts/tailwind-bundle": "^0.6.1",
         "twig/extra-bundle": "^2.12|^3.0",
-        "twig/twig": "^2.12|^3.0"
+        "twig/twig": "^2.12|^3.0",
+        "ext-fileinfo": "*"
     },
     "config": {
         "allow-plugins": {
@@ -75,6 +79,7 @@
         }
     },
     "require-dev": {
+        "symfony/maker-bundle": "^1.61",
         "symfony/stopwatch": "7.1.*",
         "symfony/web-profiler-bundle": "7.1.*"
     }

config/bundles.php

@@ -8,4 +8,7 @@ return [
     Symfonycasts\TailwindBundle\SymfonycastsTailwindBundle::class => ['all' => true],
     Symfony\UX\StimulusBundle\StimulusBundle::class => ['all' => true],
     Symfony\Bundle\WebProfilerBundle\WebProfilerBundle::class => ['dev' => true, 'test' => true],
+    KnpU\OAuth2ClientBundle\KnpUOAuth2ClientBundle::class => ['all' => true],
+    Symfony\Bundle\SecurityBundle\SecurityBundle::class => ['all' => true],
+    Symfony\Bundle\MakerBundle\MakerBundle::class => ['dev' => true],
 ];

config/packages/knpu_oauth2_client.yaml

@@ -0,0 +1,9 @@
+knpu_oauth2_client:
+    clients:
+        auth:
+            type: generic
+            provider_class: App\Security\UserProvider
+            client_id: '%env(AUTHENTIK_CLIENT_ID)%'
+            client_secret: '%env(AUTHENTIK_CLIENT_SECRET)%'
+            redirect_route: auth_callback
+            redirect_params: {}

config/packages/security.yaml

@@ -0,0 +1,48 @@
+security:
+    # https://symfony.com/doc/current/security.html#registering-the-user-hashing-passwords
+    password_hashers:
+        Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto'
+    # https://symfony.com/doc/current/security.html#loading-the-user-the-user-provider
+    providers:
+        # used to reload user from session & other features (e.g. switch_user)
+        app_user_provider:
+            id: App\Security\UserProvider
+
+    firewalls:
+        dev:
+            pattern: ^/(_(profiler|wdt)|css|images|js)/
+            security: false
+        main:
+            lazy: true
+            provider: app_user_provider
+            custom_authenticators:
+                - App\Security\Authenticator
+            form_login:
+                login_path: auth_entrypoint
+
+            # activate different ways to authenticate
+            # https://symfony.com/doc/current/security.html#the-firewall
+
+            # https://symfony.com/doc/current/security/impersonating_user.html
+            # switch_user: true
+
+    # Easy way to control access for large sections of your site
+    # Note: Only the *first* access control that matches will be used
+    access_control:
+        # - { path: ^/admin, roles: ROLE_ADMIN }
+        # - { path: ^/profile, roles: ROLE_USER }
+        - { path: ^/auth, roles: PUBLIC_ACCESS }
+        - { path: /, roles: ROLE_USER }
+
+when@test:
+    security:
+        password_hashers:
+            # By default, password hashers are resource intensive and take time. This is
+            # important to generate secure password hashes. In tests however, secure hashes
+            # are not important, waste resources and increase test times. The following
+            # reduces the work factor to the lowest possible values.
+            Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface:
+                algorithm: auto
+                cost: 4 # Lowest possible value for bcrypt
+                time_cost: 3 # Lowest possible value for argon
+                memory_cost: 10 # Lowest possible value for argon

config/routes/security.yaml

@@ -0,0 +1,3 @@
+_security_logout:
+    resource: security.route_loader.logout
+    type: service

src/Controller/AuthenticationController.php

@@ -0,0 +1,25 @@
+<?php
+declare(strict_types=1);
+
+namespace App\Controller;
+
+use KnpU\OAuth2ClientBundle\Client\ClientRegistry;
+use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Routing\Attribute\Route;
+
+class AuthenticationController extends AbstractController
+{
+    #[Route(path: '/auth/callback', name: 'auth_callback', methods: Request::METHOD_GET)]
+    public function __invoke(ClientRegistry $clientRegistry): Response
+    {
+        dd($clientRegistry->getClient('auth')->fetchUser());
+    }
+
+    #[Route(path: '/auth/sso', name: 'auth_entrypoint', methods: Request::METHOD_GET)]
+    public function entrypoint(ClientRegistry $clientRegistry): Response
+    {
+        return $clientRegistry->getClient('auth')->redirect();
+    }
+}

src/Controller/HomeController.php

@@ -20,6 +20,12 @@ class HomeController extends AbstractController
     )]
     public function __invoke(FileSystemService $fileSystemService, string $dirs): Response
     {
+        if ($fileSystemService->isFile(substr_replace($dirs, '', -1))) {
+            return $this->render('file.html.twig', [
+                'file' => $fileSystemService->getFile((string) substr_replace($dirs, '', -1)),
+            ]);
+        }
+
         return $this->render('home.html.twig', [
             'content' => $fileSystemService->getDirs($dirs),
             'fileForm' => $this->createForm(UploadFileForm::class),

src/Controller/ServeFileController.php

@@ -0,0 +1,28 @@
+<?php declare(strict_types=1);
+
+namespace App\Controller;
+
+use App\Service\FileSystemService;
+use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
+use Symfony\Component\HttpFoundation\BinaryFileResponse;
+use Symfony\Component\HttpFoundation\ResponseHeaderBag;
+use Symfony\Component\Routing\Attribute\Route;
+
+class ServeFileController extends AbstractController
+{
+    public function __construct(private FileSystemService $fileSystemService)
+    {
+    }
+
+    #[Route("/serve/{filePath}", name: "serve_file")]
+    public function __invoke(string $filePath): BinaryFileResponse
+    {
+        $file = $this->fileSystemService->getFile($filePath);
+        $path = $file->getPath() . '/' . $file->getName();
+
+        $response = new BinaryFileResponse($path);
+        $response->setContentDisposition(ResponseHeaderBag::DISPOSITION_ATTACHMENT, $file->getName());
+
+        return $response;
+    }
+}

src/Controller/UploadController.php

@@ -23,7 +23,7 @@ class UploadController extends AbstractController
         $form  = $this->createForm(UploadFileForm::class, $fileData)->handleRequest($request);
 
         if ($form->isSubmitted() && $form->isValid()) {
-            $fileSystemService->uploadFile($fileData->file);
+            $fileSystemService->uploadFile($fileData->files);
         }
 
         return $this->redirectToRoute('app_home');

src/Forms/UploadFileForm.php

@@ -17,7 +17,7 @@ class UploadFileForm extends AbstractType
     {
         $builder
             ->setAction($this->urlGenerator->generate('app_upload'))
-            ->add('file', FileType::class, [
+            ->add('files', FileType::class, [
             'attr' => ['class' => 'hidden'],
             'multiple' => true,
         ]);

src/Objects/DirContent.php

@@ -6,22 +6,27 @@ namespace App\Objects;
 
 use SplFileInfo;
 
-class DirContent
+readonly class DirContent
 {
     private function __construct(
-        private readonly string $name,
+        private string $name,
-        private readonly int $size,
+        private int $size,
-        private readonly string $type,
+        private string $type,
-    )
+        private string $path,
-    {
+        private string $content,
+        private string $mimeType,
+    ) {
     }
 
-    public static function make(SplFileInfo $fileInfo): DirContent
+    public static function make(SplFileInfo $fileInfo, string $content = ''): DirContent
     {
         return new self(
             $fileInfo->getBasename(),
             $fileInfo->getSize() ?? 0,
             $fileInfo->getType() ?? 'N/A',
+            $fileInfo->getPath(),
+            $content,
+            mime_content_type($fileInfo->getPath() . '/' . $fileInfo->getFilename()),
         );
     }
 
@@ -44,10 +49,25 @@ class DirContent
         return $this->type;
     }
 
-    private function getHumanReadableSize()
+    public function getPath(): string
+    {
+        return $this->path;
+    }
+
+    public function getContent(): string
+    {
+        return $this->content;
+    }
+
+    public function getMimeType(): string
+    {
+        return $this->mimeType;
+    }
+
+    private function getHumanReadableSize(): string
     {
         $bytes = $this->size;
-        $size = array('B', 'kB', 'MB', 'GB', 'TB', 'PB', 'EB', 'ZB', 'YB');
+        $size = ['B', 'kB', 'MB', 'GB', 'TB', 'PB', 'EB', 'ZB', 'YB'];
         $factor = floor((strlen((string) $bytes) - 1) / 3);
 
         return sprintf("%.1f %s", $bytes / (1024 ** $factor), $size[$factor]);

src/Objects/UploadedFileData.php

@@ -7,7 +7,7 @@ use Symfony\Component\HttpFoundation\File\UploadedFile;
 class UploadedFileData
 {
     /**
-     * @var UploadedFile[] $file
+     * @var UploadedFile[] $files
      */
-    public array $file;
+    public array $files;
 }

src/Security/Authenticator.php

@@ -0,0 +1,43 @@
+<?php
+declare(strict_types=1);
+
+namespace App\Security;
+
+use KnpU\OAuth2ClientBundle\Client\ClientRegistry;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Exception\AuthenticationException;
+use Symfony\Component\Security\Http\Authenticator\AbstractAuthenticator;
+use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
+use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
+use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
+
+class Authenticator extends AbstractAuthenticator
+{
+    public function __construct(private ClientRegistry $clientRegistry)
+    {
+    }
+
+    public function supports(Request $request): ?bool
+    {
+        return $request->attributes->get('_route') === 'auth_callback';
+    }
+
+    public function authenticate(Request $request): Passport
+    {
+        dd($this->clientRegistry->getClient('auth')->getAccessToken());
+
+        return new SelfValidatingPassport(new UserBadge(''));
+    }
+
+    public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
+    {
+        return null;
+    }
+
+    public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response
+    {
+        dd($request );
+    }
+}

src/Security/User.php

@@ -0,0 +1,51 @@
+<?php
+
+namespace App\Security;
+
+use Symfony\Component\Security\Core\User\UserInterface;
+
+class User implements UserInterface
+{
+    private string $email;
+
+    /**
+     * @var string[]
+     */
+    private array $roles = [];
+
+    public function getEmail(): ?string
+    {
+        return $this->email;
+    }
+
+    public function setEmail(string $email): static
+    {
+        $this->email = $email;
+
+        return $this;
+    }
+
+    public function getUserIdentifier(): string
+    {
+        return $this->email;
+    }
+
+    public function getRoles(): array
+    {
+        $roles = $this->roles;
+        $roles[] = 'ROLE_USER';
+
+        return array_unique($roles);
+    }
+
+    public function setRoles(array $roles): static
+    {
+        $this->roles = $roles;
+
+        return $this;
+    }
+
+    public function eraseCredentials(): void
+    {
+    }
+}

src/Security/UserProvider.php

@@ -0,0 +1,60 @@
+<?php
+
+namespace App\Security;
+
+use League\OAuth2\Client\Provider\AbstractProvider;
+use League\OAuth2\Client\Provider\Exception\IdentityProviderException;
+use League\OAuth2\Client\Token\AccessToken;
+use Psr\Http\Message\ResponseInterface;
+use Symfony\Component\Security\Core\User\UserInterface;
+use Symfony\Component\Security\Core\User\UserProviderInterface;
+
+class UserProvider extends AbstractProvider implements UserProviderInterface
+{
+    public function loadUserByIdentifier($identifier): UserInterface
+    {
+        return new User();
+    }
+
+    public function refreshUser(UserInterface $user): UserInterface
+    {
+        return $user;
+    }
+
+    public function supportsClass(string $class): bool
+    {
+        return User::class === $class || is_subclass_of($class, User::class);
+    }
+
+    public function getBaseAuthorizationUrl(): string
+    {
+        return 'https://oauth.simonis.lol/application/o/authorize/';
+    }
+
+    public function getBaseAccessTokenUrl(array $params): string
+    {
+        return 'https://oauth.simonis.lol/application/o/token/';
+    }
+
+    public function getResourceOwnerDetailsUrl(AccessToken $token): string
+    {
+        return 'https://oauth.simonis.lol/application/o/userinfo/';
+    }
+
+    protected function getDefaultScopes(): array
+    {
+        return ['profile', 'email', 'openid'];
+    }
+
+    protected function checkResponse(ResponseInterface $response, $data): void
+    {
+        if (isset($data['error'])) {
+            throw new IdentityProviderException($data['error'], $response->getStatusCode(), $response);
+        }
+    }
+
+    protected function createResourceOwner(array $response, AccessToken $token)
+    {
+        dd($response);
+    }
+}

src/Service/FileSystemService.php

@@ -4,6 +4,7 @@ namespace App\Service;
 
 use App\Objects\DirContent;
 use Symfony\Component\DependencyInjection\Attribute\Autowire;
+use Symfony\Component\Filesystem\Exception\IOException;
 use Symfony\Component\Filesystem\Filesystem;
 use Symfony\Component\Finder\Finder;
 use Symfony\Component\HttpFoundation\File\UploadedFile;
@@ -23,7 +24,7 @@ class FileSystemService
     public function getDirs(string $dirs): array
     {
         $finder = new Finder();
-        $finder->in($this->dir . '/' . $dirs);
+        $finder->in($this->getTotalPath($dirs));
 
         $contents = [];
 
@@ -40,7 +41,40 @@ class FileSystemService
     public function uploadFile(array $files): void
     {
         foreach ($files as $file) {
-            $this->filesystem->dumpFile($this->dir . '/' . $file->getClientOriginalName(), $file->getContent());
+            $this->filesystem->dumpFile($this->getTotalPath($file->getClientOriginalName()), $file->getContent());
         }
     }
+
+    public function isFile(string $dirs): bool
+    {
+        try {
+            $this->filesystem->readFile($this->getTotalPath($dirs));
+        } catch (IOException) {
+            return false;
+        }
+
+        return true;
+    }
+
+    public function getFile(string $filePath): DirContent
+    {
+        $dirs = explode('/', $filePath);
+        $fileName = array_pop($dirs);
+
+        $finder = new Finder();
+        $finder->in($this->getTotalPath(implode('/', $dirs)));
+
+        foreach ($finder as $file) {
+            if ($file->getFilename() === $fileName) {
+                return DirContent::make($file, $this->filesystem->readFile($this->getTotalPath($filePath)));
+            }
+        }
+
+        throw new \RuntimeException('File not found');
+    }
+
+    private function getTotalPath(string $filePath): string
+    {
+        return $this->dir . '/' . $filePath;
+    }
 }

src/Service/Twig/RoutingService.php

@@ -16,7 +16,9 @@ class RoutingService
     {
         $dirsString = $request->attributes->get('dirs', '');
         $dirs = explode('/', $dirsString);
+        if (array_pop($dirs) === '') {
             array_pop($dirs);
+        }
 
         return $this->urlGenerator->generate('app_home', ['dirs' => implode('/', $dirs)]);
     }

symfony.lock

@@ -1,4 +1,16 @@
 {
+    "knpuniversity/oauth2-client-bundle": {
+        "version": "2.18",
+        "recipe": {
+            "repo": "github.com/symfony/recipes-contrib",
+            "branch": "main",
+            "version": "1.20",
+            "ref": "1ff300d8c030f55c99219cc55050b97a695af3f6"
+        },
+        "files": [
+            "config/packages/knpu_oauth2_client.yaml"
+        ]
+    },
     "symfony/apache-pack": {
         "version": "1.0",
         "recipe": {
@@ -69,6 +81,15 @@
             "src/Kernel.php"
         ]
     },
+    "symfony/maker-bundle": {
+        "version": "1.61",
+        "recipe": {
+            "repo": "github.com/symfony/recipes",
+            "branch": "main",
+            "version": "1.0",
+            "ref": "fadbfe33303a76e25cb63401050439aa9b1a9c7f"
+        }
+    },
     "symfony/routing": {
         "version": "7.1",
         "recipe": {
@@ -82,6 +103,19 @@
             "config/routes.yaml"
         ]
     },
+    "symfony/security-bundle": {
+        "version": "7.1",
+        "recipe": {
+            "repo": "github.com/symfony/recipes",
+            "branch": "main",
+            "version": "6.4",
+            "ref": "2ae08430db28c8eb4476605894296c82a642028f"
+        },
+        "files": [
+            "config/packages/security.yaml",
+            "config/routes/security.yaml"
+        ]
+    },
     "symfony/stimulus-bundle": {
         "version": "2.22",
         "recipe": {

templates/_partials/_table.html.twig

@@ -27,14 +27,14 @@
 
 {{ form_start(fileForm, {'attr': {'data-controller': 'upload-file'}}) }}
 <div class="flex items-center justify-center max-w-4xl mt-5">
-    <label for="upload_file_form_file"
+    <label for="upload_file_form_files"
            class="flex flex-col items-center justify-center w-full h-64 border-2 border-gray-300 border-dashed rounded-lg cursor-pointer bg-gray-50 dark:hover:bg-gray-800 dark:bg-gray-700 hover:bg-gray-100 dark:border-gray-600 dark:hover:border-gray-500 dark:hover:bg-gray-600">
         <div class="flex flex-col items-center justify-center pt-5 pb-6">
             {{ ux_icon('file:upload', {height: '64px', width: '64px'}) }}
             <p class="mb-2 text-sm text-gray-500 dark:text-gray-400"><span class="font-semibold">Click to upload</span>
                 or drag and drop</p>
         </div>
-        {{ form_widget(fileForm.file) }}
+        {{ form_widget(fileForm.files) }}
         <button type="submit" class="hidden"></button>
     </label>
 </div>

templates/file.html.twig

@@ -0,0 +1,25 @@
+{% extends 'base.html.twig' %}
+
+{% block title %}
+    {{ file.name }}
+{% endblock %}
+
+{% block body %}
+    <div class="max-w-2xl mx-auto my-8 p-6 bg-white shadow-lg rounded-lg border">
+        <a href="{{ routing_service.goBack(app.request) }}" class="inline-flex items-center text-blue-600 hover:text-blue-800 font-medium transition-colors">
+            <svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke-width="2"
+                 stroke="currentColor" class="w-5 h-5 mr-2">
+                <path stroke-linecap="round" stroke-linejoin="round" d="M15 19l-7-7 7-7"/>
+            </svg>
+            Back
+        </a>
+
+        <div class="mt-6 text-gray-700 overflow-auto max-h-96">
+            {% if file.mimeType starts with 'image' %}
+                <img src="{{ path('serve_file', {filePath: file.name}) }}" alt="">
+            {% else %}
+                <p class="whitespace-pre-wrap leading-relaxed break-all text-balance">{{ file.content|raw }}</p>
+            {% endif %}
+        </div>
+    </div>
+{% endblock %}

templates/home.html.twig

@@ -3,7 +3,7 @@
 {% block title %}Home{% endblock %}
 
 {% block body %}
-    <center class="container mt-5">
+    <center class="container mt-5 mx-auto">
         {% include '_partials/_table.html.twig' %}
     </center>
 {% endblock %}