further finalisation of implementing UniFi API Client version 2.0.X

enforce secure cookies when the tool is accessed via HTTPS
Art-of-WiFi · Nov 28, 2024 · de07fb1 · de07fb1
1 parent ff0d89c
commit de07fb1
Show file tree

Hide file tree

Showing 6 changed files with 44 additions and 16 deletions.
diff --git a/ajax/fetch_collection.php b/ajax/fetch_collection.php
@@ -134,6 +134,8 @@
 
         /**
          * Create an instance of the Unifi API client class, log in to the controller and pull the requested data.
+         *
+         * @note the error *messages* are for consumption by the user, not for logging
          */
         try {
             $unifi_connection = new ApiClient(
@@ -152,7 +154,7 @@
         } catch (CurlGeneralErrorException $e) {
             error_log(get_class($e) . ': ' . $e->getMessage());
             $results['state']   = 'error';
-            $results['message'] = 'We have encountered a general cURL error! Response code: ' . $e->getHttpResponseCode();
+            $results['message'] = 'We have encountered a general cURL error: ' . $e->getMessage();
             return;
         } catch (CurlTimeoutException $e) {
             error_log(get_class($e) . ': ' . $e->getMessage());
@@ -189,7 +191,9 @@
 
         /**
          * We then determine which method is required and which parameters to pass.
-         * https://stackoverflow.com/questions/1005857/how-to-call-a-function-from-a-string-stored-in-a-variable
+         *
+         * @see https://stackoverflow.com/questions/1005857/how-to-call-a-function-from-a-string-stored-in-a-variable
+         * @note the error *messages* are for consumption by the user, not for logging
          */
         try {
             if (count($params) === 0) {

diff --git a/ajax/fetch_sites.php b/ajax/fetch_sites.php
@@ -66,6 +66,8 @@
     if (!empty($host) && !empty($port)) {
         /**
          * Create an instance of the Unifi API client class, log in to the controller and pull the requested data.
+         *
+         * @note the error *messages* are for consumption by the user, not for logging
          */
         try {
             $unifi_connection = new UniFi_API\Client(
@@ -82,7 +84,7 @@
             error_log('Exception: ' . get_class($e) . ' - Message: ' . $e->getMessage());
         } catch (CurlGeneralErrorException $e) {
             $results['state']   = 'error';
-            $results['message'] = 'We have encountered a general cURL error! Response code: ' . $e->getHttpResponseCode();
+            $results['message'] = 'We have encountered a general cURL error: ' . $e->getMessage();
             error_log('Exception: ' . get_class($e) . ' - Message: ' . $e->getMessage());
         } catch (CurlTimeoutException $e) {
             $results['state']   = 'error';
@@ -116,6 +118,8 @@
 
         /**
          * We can safely continue.
+         *
+         * @note the error *messages* are for consumption by the user, not for logging
          */
         try {
             $sites_array = $unifi_connection->list_sites();
@@ -175,8 +179,20 @@
             /**
              * Get the first site from the $results array, just to be sure we use a valid site.
              */
-            $switch_site = $unifi_connection->set_site(($results['data'][0]['site_id']));
-            $site_info   = $unifi_connection->stat_sysinfo();
+            try {
+                $switch_site = $unifi_connection->set_site(($results['data'][0]['site_id']));
+                $site_info   = $unifi_connection->stat_sysinfo();
+            } catch (InvalidSiteNameException $e) {
+                $results['state']   = 'error';
+                $results['message'] = 'The site name is invalid!';
+                error_log('Exception: ' . get_class($e) . ' - Message: ' . $e->getMessage());
+                return;
+            } catch (Exception $e) {
+                $results['state']   = 'error';
+                $results['message'] = 'An Exception was thrown:' . $e->getMessage();
+                error_log('Exception: ' . get_class($e) . ' - Message: ' . $e->getMessage());
+                return;
+            }
 
             if (!empty($site_info) && isset($site_info[0]->version)) {
                 $_SESSION['controller']['detected_version'] = $site_info[0]->version;

diff --git a/ajax/show_api_debug.php b/ajax/show_api_debug.php
@@ -72,7 +72,7 @@
                 exit;
             } catch (CurlGeneralErrorException $e) {
                 error_log('DEBUG - CurlGeneralErrorException: ' . $e->getMessage());
-                echo 'General cURL error! Response code: ' . $e->getHttpResponseCode() . PHP_EOL . PHP_EOL;
+                echo 'General cURL error: ' . $e->getMessage() . PHP_EOL . PHP_EOL;
                 exit;
             } catch (CurlTimeoutException $e) {
                 error_log('DEBUG - CurlTimeoutException: ' . $e->getMessage());

diff --git a/composer.json b/composer.json
@@ -1,4 +1,5 @@
 {
+    "type": "project",
     "require": {
         "twig/twig": ">=2.16.1",
         "kint-php/kint": "3.*",

diff --git a/index.php b/index.php
@@ -12,6 +12,13 @@
 use Twig\Error\SyntaxError;
 use Twig\Loader\FilesystemLoader;
 
+/**
+ * If we are using HTTPS, we need to set secure cookies.
+ */
+if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on') {
+    session_set_cookie_params(0, '/', '', true, true);
+}
+
 session_start();
 
 /**

diff --git a/js/custom.js b/js/custom.js
@@ -115,7 +115,7 @@ $('.controller_idx').on('click', function(){
                 }
             },
             error: function(jqXHR, textStatus, errorThrown) {
-                console.log(jqXHR);
+                console.error(jqXHR);
                 controller.idx       = '';
                 controller.full_name = '';
             }
@@ -219,7 +219,7 @@ function switchCSS(new_theme) {
             //
         },
         error: function(jqXHR, textStatus, errorThrown) {
-            console.log(jqXHR);
+            console.error(jqXHR);
         }
     });
 }
@@ -288,13 +288,13 @@ function fetchSites() {
                  */
                 updateAboutModal();
             } else {
-                console.log(json.message);
+                console.error(json.message);
                 $('#site_dropdown > li > div').html('<h5 class="dropdown-header">Error loading sites</h5>');
                 renderGeneralErrorAlert(json.message);
             }
         },
         error: function(jqXHR, textStatus, errorThrown) {
-            console.log(jqXHR);
+            console.error(jqXHR);
 
             unifi_sites = [];
 
@@ -409,12 +409,12 @@ function fetchCollection() {
                  */
                 updateAboutModal();
             } else {
-                console.log(json.message);
+                console.error(json.message);
                 renderGeneralErrorAlert(json.message);
             }
         },
         error: function(jqXHR, textStatus, errorThrown) {
-            console.log(jqXHR);
+            console.error(jqXHR);
         }
     });
 }
@@ -424,15 +424,15 @@ function fetchCollection() {
  */
 function renderGeneralErrorAlert(error_message) {
     /**
-     * hide any existings alerts
+     * hide any existing alerts
      */
     $('.alert_wrapper').addClass('d-none');
 
     /**
      * render the alert
      */
     $('#general_error_alert_wrapper').removeClass('d-none');
-    $('#general_error').html('We encountered the following error: ' + error_message);
+    $('#general_error').html(error_message);
 }
 
 /**
@@ -453,7 +453,7 @@ function updateAboutModal() {
             $('#span_memory_used').html(json.memory_used);
         },
         error: function(jqXHR, textStatus, errorThrown) {
-            console.log(jqXHR);
+            console.error(jqXHR);
         }
     });
 }
@@ -563,7 +563,7 @@ $('#about_modal').on('shown.bs.modal', function (e) {
         error:    function(jqXHR, textStatus, errorThrown) {
             version_update_span.html('error checking updates');
             version_update_span.removeClass('badge-success').addClass('badge-danger');
-            console.log(jqXHR);
+            console.error(jqXHR);
         }
     });
 })