Refactor Authentication and add proxy-authentication (#921)

* Refactor Authentication-Middlewares * Add Proxy-Authentication * Disable "Logout" & "Manage Users" when using ProxyAuth * Review Co-authored-by: Bernd Bestel <bernd@berrnd.de>
2025-08-13 17:27:23 +00:00 · 2020-08-19 19:23:13 +02:00
parent 5b475d9307
commit d60d981fd1
10 changed files with 247 additions and 150 deletions
--- a/middleware/DefaultAuthMiddleware.php
+++ b/middleware/DefaultAuthMiddleware.php
@@ -0,0 +1,24 @@
+<?php
+
+namespace Grocy\Middleware;
+
+use Psr\Http\Message\ServerRequestInterface as Request;
+
+class DefaultAuthMiddleware extends AuthMiddleware
+{
+    protected function authenticate(Request $request)
+    {
+        // First try to authenticate by API key
+        $auth = new ApiKeyAuthMiddleware($this->AppContainer, $this->ResponseFactory);
+        $user = $auth->authenticate($request);
+        if ($user !== null)
+        {
+            return $user;
+        }
+
+        // Then by session cookie
+        $auth = new SessionAuthMiddleware($this->AppContainer, $this->ResponseFactory);
+        $user = $auth->authenticate($request);
+        return $user;
+    }
+}