mirror of
https://github.com/grocy/grocy.git
synced 2025-08-14 01:37:22 +00:00
Refactor Authentication and add proxy-authentication (#921)
* Refactor Authentication-Middlewares * Add Proxy-Authentication * Disable "Logout" & "Manage Users" when using ProxyAuth * Review Co-authored-by: Bernd Bestel <bernd@berrnd.de>
This commit is contained in:
fipwmaqzufheoxq92ebc
committed by
GitHub
GitHub
parent
5b475d9307
commit
d60d981fd1
@@ -1,73 +1,38 @@
|
||||
<?php
|
||||
|
||||
|
||||
namespace Grocy\Middleware;
|
||||
|
||||
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||
use Psr\Http\Server\RequestHandlerInterface as RequestHandler;
|
||||
use Psr\Http\Message\ResponseFactoryInterface;
|
||||
use Psr\Http\Message\ResponseInterface as Response;
|
||||
use Slim\Routing\RouteContext;
|
||||
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||
|
||||
use Grocy\Services\SessionService;
|
||||
use Grocy\Services\LocalizationService;
|
||||
|
||||
class SessionAuthMiddleware extends BaseMiddleware
|
||||
class SessionAuthMiddleware extends AuthMiddleware
|
||||
{
|
||||
public function __construct(\DI\Container $container, string $sessionCookieName, ResponseFactoryInterface $responseFactory)
|
||||
{
|
||||
parent::__construct($container);
|
||||
$this->SessionCookieName = $sessionCookieName;
|
||||
$this->ResponseFactory = $responseFactory;
|
||||
}
|
||||
public function __construct(\DI\Container $container, ResponseFactoryInterface $responseFactory)
|
||||
{
|
||||
parent::__construct($container, $responseFactory);
|
||||
$this->SessionCookieName = $this->AppContainer->get('LoginControllerInstance')->GetSessionCookieName();
|
||||
}
|
||||
|
||||
protected $SessionCookieName;
|
||||
protected $ResponseFactory;
|
||||
protected $SessionCookieName;
|
||||
|
||||
public function __invoke(Request $request, RequestHandler $handler): Response
|
||||
{
|
||||
$routeContext = RouteContext::fromRequest($request);
|
||||
$route = $routeContext->getRoute();
|
||||
$routeName = $route->getName();
|
||||
$sessionService = SessionService::getInstance();
|
||||
function authenticate(Request $request)
|
||||
{
|
||||
if (!defined('GROCY_SHOW_AUTH_VIEWS'))
|
||||
{
|
||||
define('GROCY_SHOW_AUTH_VIEWS', true);
|
||||
}
|
||||
|
||||
if ($routeName === 'root')
|
||||
{
|
||||
$response = $handler->handle($request);
|
||||
}
|
||||
elseif (GROCY_MODE === 'dev' || GROCY_MODE === 'demo' || GROCY_MODE === 'prerelease' || GROCY_IS_EMBEDDED_INSTALL || GROCY_DISABLE_AUTH)
|
||||
{
|
||||
$user = $sessionService->GetDefaultUser();
|
||||
define('GROCY_AUTHENTICATED', true);
|
||||
define('GROCY_USER_USERNAME', $user->username);
|
||||
|
||||
$response = $handler->handle($request);
|
||||
}
|
||||
else
|
||||
{
|
||||
if ((!isset($_COOKIE[$this->SessionCookieName]) || !$sessionService->IsValidSession($_COOKIE[$this->SessionCookieName])) && $routeName !== 'login')
|
||||
{
|
||||
define('GROCY_AUTHENTICATED', false);
|
||||
$response = $this->ResponseFactory->createResponse();
|
||||
return $response->withHeader('Location', $this->AppContainer->get('UrlManager')->ConstructUrl('/login'));
|
||||
}
|
||||
else
|
||||
{
|
||||
if ($routeName !== 'login')
|
||||
{
|
||||
$user = $sessionService->GetUserBySessionKey($_COOKIE[$this->SessionCookieName]);
|
||||
define('GROCY_AUTHENTICATED', true);
|
||||
define('GROCY_USER_USERNAME', $user->username);
|
||||
define('GROCY_USER_ID', $user->id);
|
||||
}
|
||||
else
|
||||
{
|
||||
define('GROCY_AUTHENTICATED', false);
|
||||
}
|
||||
|
||||
$response = $handler->handle($request);
|
||||
}
|
||||
}
|
||||
|
||||
return $response;
|
||||
}
|
||||
$sessionService = SessionService::getInstance();
|
||||
if (!isset($_COOKIE[$this->SessionCookieName]) || !$sessionService->IsValidSession($_COOKIE[$this->SessionCookieName]))
|
||||
{
|
||||
return null;
|
||||
}
|
||||
else
|
||||
{
|
||||
return $sessionService->GetUserBySessionKey($_COOKIE[$this->SessionCookieName]);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user