From ce26bf1d5aa0aef44d58fea311008f419a2a6685 Mon Sep 17 00:00:00 2001
From: Paragon Initiative Enterprises <security@paragonie.com>
Date: Tue, 28 Jun 2016 00:46:15 -0400
Subject: [PATCH] Installer: Enable Cabins by default

---
 CHANGELOG.md                         |  5 +++
 src/Cabin/Hull/Landing/IndexPage.php |  2 +-
 src/Installer/Install.php            |  4 +++
 src/Installer/skins/cabins.twig      | 54 ++++++++++++++++++++++++----
 4 files changed, 57 insertions(+), 8 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 682ef87..a52dbee 100755
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,8 @@
+## Version 1.0.2 - 2016-06-28
+
+  * Fixed a default configuration issue which caused Cabins to be disabled.
+  * Improved the UX of the Installer. Populate more default settings.
+
 ## Version 1.0.1 - 2016-06-27
 
   * Fixed a syntax error that snuck into our installer SQL code.
diff --git a/src/Cabin/Hull/Landing/IndexPage.php b/src/Cabin/Hull/Landing/IndexPage.php
index 09511aa..5fb1b05 100755
--- a/src/Cabin/Hull/Landing/IndexPage.php
+++ b/src/Cabin/Hull/Landing/IndexPage.php
@@ -35,7 +35,7 @@ public function index()
         }
 
         $blogRoll = $this->blog->recentFullPosts(
-            $this->config('homepage.blog-posts') ?? 5
+            (int) ($this->config('homepage.blog-posts') ?? 5)
         );
         $mathJAX = false;
         foreach ($blogRoll as $i => $blog) {
diff --git a/src/Installer/Install.php b/src/Installer/Install.php
index 38aae71..151420e 100755
--- a/src/Installer/Install.php
+++ b/src/Installer/Install.php
@@ -8,6 +8,7 @@
 };
 use \Airship\Engine\Security\CSRF;
 use \GuzzleHttp\Client;
+use ParagonIE\ConstantTime\Base64UrlSafe;
 use \ParagonIE\Halite\Password;
 use \ParagonIE\ConstantTime\Base64;
 
@@ -611,9 +612,11 @@ protected function databaseFinalPgsql()
      */
     protected function finalProcessAdminAccount()
     {
+        $sessionCanary = Base64UrlSafe::encode(\random_bytes(33));
         $this->db->insert('airship_users', [
             'username' => $this->data['admin']['username'],
             'password' => $this->data['admin']['passphrase'],
+            'session_canary' => $sessionCanary,
             'uniqueid' => \Airship\uniqueId()
         ]);
         
@@ -632,6 +635,7 @@ protected function finalProcessAdminAccount()
         
         // Log in as the user
         $_SESSION['userid'] = $userid;
+        $_SESSION['session_canary'] = $sessionCanary;
     }
 
     /**
diff --git a/src/Installer/skins/cabins.twig b/src/Installer/skins/cabins.twig
index 21e7989..11fc7cd 100755
--- a/src/Installer/skins/cabins.twig
+++ b/src/Installer/skins/cabins.twig
@@ -64,14 +64,42 @@
                     "enabled": true,
                     "captcha": true
                 },
+                "editor": {
+                    "default-format": "Markdown"
+                },
                 "file": {
-                    "cache": 900
+                    "cache": 3600
+                },
+                "password-reset": {
+                    "enabled": true,
+                    "logout": true,
+                    "ttl": 30
+                },
+                "recaptcha": {
+                    "secret-key": "",
+                    "site-key": ""
                 },
                 "two-factor": {
+                    "issuer": "",
+                    "label": "",
                     "length": 6,
                     "period": 30
+                },
+                "user-directory": {
+                    "per-page": 20
                 }
             } %}
+            {% set motifs =
+                {
+                    "name": {
+                        "config": {
+                            "display_name": "Airship Classic (You can change this later)",
+                            "name": "airship-classic",
+                            "supplier": "paragonie",
+                        }
+                    }
+                }
+            %}
             {% set twig_vars = {
                 "title": "Airship Blog",
                 "tagline": "Even the sky shall not limit you."
@@ -94,8 +122,14 @@
             <label for="hull_url">
                 Canon URL (for hyperlinks from other Cabins):
             </label>
-            <input id="hull_url" class="pure-input-1" type="text" name="cabin[Hull][canon_url]" value="http://{{ SERVER.HTTP_HOST|e('html_attr') }}" />
-            
+            <input
+                id="hull_url"
+                class="pure-input-1"
+                type="text"
+                name="cabin[Hull][canon_url]"
+                value="http://{{ SERVER.HTTP_HOST|e('html_attr') }}"
+            />
+
             <div>
                 <input id="hull_https" class="inblock" type="checkbox" name="cabin[Hull][https]" value="1" checked="checked" />
                 <label for="hull_https" class="inblock">
@@ -122,18 +156,24 @@
             {% set config_extra = {
                 "blog": {
                     "cachelists": false,
-                    "per_page": "20",
                     "comments": {
+                        "depth_max": 5,
                         "enabled": true,
                         "guests": true,
                         "recaptcha": true
-                    }
+                    },
+                    "per_page": 20
                 },
+                "cache-secret": "",
                 "file": {
-                    "cache": 900
+                    "cache": 3600
                 },
                 "homepage": {
-                    "blog-posts": 5
+                    "blog-posts": 3
+                },
+                "recaptcha": {
+                    "secret-key": "",
+                    "site-key": ""
                 }
             } %}
             {% set twig_vars = {