mirror of
https://github.com/grocy/grocy.git
synced 2025-08-15 10:14:39 +00:00
Allow API keys in ReverseProxyAuthMiddleware (closes #1216)
This commit is contained in:
@@ -10,25 +10,30 @@ class ReverseProxyAuthMiddleware extends AuthMiddleware
|
||||
{
|
||||
public function authenticate(Request $request)
|
||||
{
|
||||
$db = DatabaseService::getInstance()->GetDbConnection();
|
||||
|
||||
if (!defined('GROCY_SHOW_AUTH_VIEWS'))
|
||||
{
|
||||
define('GROCY_SHOW_AUTH_VIEWS', false);
|
||||
}
|
||||
|
||||
$db = DatabaseService::getInstance()->GetDbConnection();
|
||||
// API key authentication is also ok
|
||||
$auth = new ApiKeyAuthMiddleware($this->AppContainer, $this->ResponseFactory);
|
||||
$user = $auth->authenticate($request);
|
||||
if ($user !== null)
|
||||
{
|
||||
return $user;
|
||||
}
|
||||
|
||||
$username = $request->getHeader(GROCY_REVERSE_PROXY_AUTH_HEADER);
|
||||
|
||||
if (count($username) !== 1)
|
||||
{
|
||||
// Invalid configuration of Proxy
|
||||
throw new \Exception('ReverseProxyAuthMiddleware: Invalid username from proxy: ' . var_dump($username));
|
||||
}
|
||||
|
||||
$username = $username[0];
|
||||
|
||||
$user = $db->users()->where('username', $username)->fetch();
|
||||
|
||||
if ($user == null)
|
||||
{
|
||||
$user = UsersService::getInstance()->CreateUser($username, '', '', '');
|
||||
|
Reference in New Issue
Block a user