kenmirrors/grocy
1
0
Fork 0
mirror of https://github.com/grocy/grocy.git synced 2025-04-29 17:45:39 +00:00
Code Issues Projects Releases Wiki Activity
grocy/middleware/AuthMiddleware.php
fipwmaqzufheoxq92ebc d60d981fd1
Refactor Authentication and add proxy-authentication (#921) 
* Refactor Authentication-Middlewares

* Add Proxy-Authentication

* Disable "Logout" & "Manage Users" when using ProxyAuth

* Review

Co-authored-by: Bernd Bestel <bernd@berrnd.de>
2020-08-19 19:23:13 +02:00

85 lines
2.7 KiB
PHP
Raw Blame History

<?php
namespace Grocy\Middleware;
use Psr\Http\Message\ResponseFactoryInterface;
use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;
use Psr\Http\Server\RequestHandlerInterface as RequestHandler;
use Slim\Routing\RouteContext;
use Grocy\Services\SessionService;
abstract class AuthMiddleware extends BaseMiddleware
{
public function __construct(\DI\Container $container, ResponseFactoryInterface $responseFactory)
{
parent::__construct($container);
$this->ResponseFactory = $responseFactory;
}
protected $ResponseFactory;
public function __invoke(Request $request, RequestHandler $handler): Response
{
$routeContext = RouteContext::fromRequest($request);
$route = $routeContext->getRoute();
$routeName = $route->getName();
$isApiRoute = string_starts_with($request->getUri()->getPath(), '/api/');
if ($routeName === 'root')
{
return $handler->handle($request);
}
else if ($routeName === 'login')
{
define('GROCY_AUTHENTICATED', false);
return $handler->handle($request);
}
if (GROCY_MODE === 'dev' || GROCY_MODE === 'demo' || GROCY_MODE === 'prerelease' || GROCY_IS_EMBEDDED_INSTALL || GROCY_DISABLE_AUTH)
{
$sessionService = SessionService::getInstance();
$user = $sessionService->GetDefaultUser();
define('GROCY_AUTHENTICATED', true);
define('GROCY_USER_USERNAME', $user->username);
return $handler->handle($request);
}
else
{
$user = $this->authenticate($request);
if ($user === null)
{
define('GROCY_AUTHENTICATED', false);
$response = $this->ResponseFactory->createResponse();
if ($isApiRoute)
{
return $response->withStatus(401);
}
else
{
return $response->withHeader('Location', $this->AppContainer->get('UrlManager')->ConstructUrl('/login'));
}
}
else
{
define('GROCY_AUTHENTICATED', true);
define('GROCY_USER_ID', $user->id);
define('GROCY_USER_USERNAME', $user->username);
return $response = $handler->handle($request);
}
}
}
/**
* @param Request $request
* @return mixed|null the user row or null if the request is not authenticated
* @throws \Exception Throws an \Exception if config is invalid.
*/
protected abstract function authenticate(Request $request);
}
Reference in New Issue View Git Blame Copy Permalink