From a4e7de700769ec2841f3290c9a378ad408bb425d Mon Sep 17 00:00:00 2001 From: Hideyuki MORI Date: Thu, 21 May 2026 21:40:20 +0900 Subject: [PATCH 1/2] =?UTF-8?q?feat(ini):=20LOGOUT=5FURI=20=E3=82=92=20NEN?= =?UTF-8?q?E=5FLOGOUT=5FURI=20=E3=81=A7=20env=20override=20=E5=8F=AF?= =?UTF-8?q?=E8=83=BD=E3=81=AB=E3=81=99=E3=82=8B=20(#277)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ini/xSystemIni.php の const LOGOUT_URI は hard-coded '/' で、protected HTML page を unauth で叩いた時の redirect 先を変更できなかった。 カスタム login page (/auth/login 等) を持つアプリで、unauth visitor が index splash に飛ばされて何のシグナルも出ない UX になっていた (FT5 で実走確認、ini 直書き換えで workaround していた)。 他の NENE_* env var (NENE_PORT, NENE_DB_TYPE 等) と同じ pattern で env override: const LOGOUT_URI = (getenv('NENE_LOGOUT_URI') !== false) ? (string)getenv('NENE_LOGOUT_URI') : '/'; compose.yaml の app environment に NENE_LOGOUT_URI 行追加、 docs/development/docker.md の Environment Variables section に 使用例を追記。default '/' は維持なので既存 deployment は無変更。 Closes #277. Co-Authored-By: Claude Opus 4.7 (1M context) --- compose.yaml | 1 + docs/development/docker.md | 8 ++++++++ ini/xSystemIni.php | 2 +- 3 files changed, 10 insertions(+), 1 deletion(-) diff --git a/compose.yaml b/compose.yaml index d26f196..6626c2d 100644 --- a/compose.yaml +++ b/compose.yaml @@ -20,6 +20,7 @@ services: NENE_DB_USER: "${NENE_DB_USER:-nene}" NENE_DB_PASS: "${NENE_DB_PASS:-nene}" NENE_SAMPLE_ADMIN_PASSWORD: "${NENE_SAMPLE_ADMIN_PASSWORD:-admin}" + NENE_LOGOUT_URI: "${NENE_LOGOUT_URI:-/}" ports: - "${NENE_PORT:-8080}:80" volumes: diff --git a/docs/development/docker.md b/docs/development/docker.md index 8cc81de..d065c40 100644 --- a/docs/development/docker.md +++ b/docs/development/docker.md @@ -70,6 +70,14 @@ Use another phpMyAdmin port if needed: NENE_PHPMYADMIN_PORT=8083 docker compose up --build ``` +Override the unauthenticated redirect target if your app has a custom login page: + +```sh +NENE_LOGOUT_URI=/auth/login docker compose up --build +``` + +`LOGOUT_URI` is used by `ControllerBase::sessionCheck()` when an unauthenticated visitor hits an HTML page that requires login. The default `/` sends them to the site root; set this to your login URL (e.g. `/auth/login`) so they land on a useful page instead of the index splash. + ## Session Cookie Settings The app explicitly configures PHP session Cookie attributes before `session_start()`: diff --git a/ini/xSystemIni.php b/ini/xSystemIni.php index 9c5ca52..779d4d0 100644 --- a/ini/xSystemIni.php +++ b/ini/xSystemIni.php @@ -122,7 +122,7 @@ const OWN_DOMAIN = 'localhost'; const URI_ROOT = '/'; const LAYERS_NUM = 0; -const LOGOUT_URI = '/'; +const LOGOUT_URI = (getenv('NENE_LOGOUT_URI') !== false) ? (string)getenv('NENE_LOGOUT_URI') : '/'; /* * Public assets. From ae2b1565236d2dca523b5b3509a7509de55d4b77 Mon Sep 17 00:00:00 2001 From: Hideyuki MORI Date: Thu, 21 May 2026 22:03:40 +0900 Subject: [PATCH 2/2] =?UTF-8?q?fix(ini):=20LOGOUT=5FURI=20=E3=82=92=20defi?= =?UTF-8?q?ne()=20=E3=81=A7=20env=20=E8=A7=A3=E6=B1=BA=E3=81=99=E3=82=8B?= =?UTF-8?q?=20(PHP=20const=20=E3=81=AF=20invalid)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 直前のコミット (#284 初版) で const LOGOUT_URI = (getenv(...) !== false) ? ... : '/'; と書いたが、PHP の const 宣言は constant expression に限定され getenv() 呼び出しは許されないため PHP Fatal error: Constant expression contains invalid operations in ini/xSystemIni.php on line 125 で全リクエストが 500 になる致命バグだった (CI で発覚)。 xSystemIni.php の DB_* / SESSION_* と同じ define() + \$getEnv() helper パターンに揃えて修正。挙動は仕様通り (default '/'、 NENE_LOGOUT_URI で上書き可能)。 Co-Authored-By: Claude Opus 4.7 (1M context) --- ini/xSystemIni.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ini/xSystemIni.php b/ini/xSystemIni.php index 779d4d0..507cf97 100644 --- a/ini/xSystemIni.php +++ b/ini/xSystemIni.php @@ -122,7 +122,7 @@ const OWN_DOMAIN = 'localhost'; const URI_ROOT = '/'; const LAYERS_NUM = 0; -const LOGOUT_URI = (getenv('NENE_LOGOUT_URI') !== false) ? (string)getenv('NENE_LOGOUT_URI') : '/'; +define('LOGOUT_URI', $getEnv('NENE_LOGOUT_URI', '/')); /* * Public assets.