introduced an option to replace the dynamic login url check with a cu…

…stom RegEx
jvm-tech · Aug 15, 2023 · b3a8c7f · b3a8c7f
1 parent e60c526
commit b3a8c7f
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 1 deletion.
diff --git a/Classes/Middleware/IPAllowListMiddleware.php b/Classes/Middleware/IPAllowListMiddleware.php
@@ -37,7 +37,11 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface
                 return $handler->handle($request);
             }
 
-            preg_match('/^(' . ($this->settings['loginUri'] ?: 'neos') . ')?($|\/)/', $requestUri, $matches);
+            $regex = '/^(' . ($this->settings['loginUri'] ?: 'neos') . ')?($|\/)/';
+            if ($this->settings['loginUriRegex']) {
+                $regex = $this->settings['loginUriRegex'];
+            }
+            preg_match($regex, $requestUri, $matches);
             if ($matches) {
                 $serverParamsIpKeys = Arrays::getValueByPath($this->settings, 'allowedIPs.serverParamsIpKeys');
                 ksort($serverParamsIpKeys);

diff --git a/Configuration/Settings.yaml b/Configuration/Settings.yaml
@@ -2,6 +2,8 @@ JvMTECH:
   NeosHardening:
     loginUri: ''
     # loginUri: 'neos-random-suffix'
+    loginUriRegex: ''
+    # loginUriRegex: '/^(neos)?($|\/)/'
 
     # allowedIPs: []
     allowedIPs:

diff --git a/README.md b/README.md
@@ -22,6 +22,12 @@ composer require jvmtech/neos-hardening
     NeosHardening:
       loginUri: 'neos-random-suffix'
   ```
+- Replace the dynamic login url check with a custom RegEx (not needed if you just replace `loginUri`):
+  ```
+  JvMTECH:
+    NeosHardening:
+      loginUriRegex: '/^(neos)?($|\/)/'
+  ```
 - Limit login interface access to specified ip addresses:
   ```
   JvMTECH: