grocy/middleware/SessionAuthMiddleware.php

<?php

namespace Grocy\Middleware;

use Psr\Http\Message\ServerRequestInterface as Request;
use Psr\Http\Server\RequestHandlerInterface as RequestHandler;
use Psr\Http\Message\ResponseInterface as Response;
use Slim\Routing\RouteContext;

use Grocy\Services\SessionService;
use Grocy\Services\LocalizationService;

class SessionAuthMiddleware extends BaseMiddleware
{
	public function __construct(\DI\Container $container, string $sessionCookieName)
	{
		parent::__construct($container);
		$this->SessionCookieName = $sessionCookieName;
	}

	protected $SessionCookieName;

	public function __invoke(Request $request, RequestHandler $handler): Response
	{
		$routeContext = RouteContext::fromRequest($request);
		$route = $routeContext->getRoute();
		$routeName = $route->getName();
		$sessionService = new SessionService();

		if ($routeName === 'root')
		{
			$response = $handler->handle($request);
		}
		elseif (GROCY_MODE === 'dev' || GROCY_MODE === 'demo' || GROCY_MODE === 'prerelease' || GROCY_IS_EMBEDDED_INSTALL || GROCY_DISABLE_AUTH)
		{
			$user = $sessionService->GetDefaultUser();
			define('GROCY_AUTHENTICATED', true);
			define('GROCY_USER_USERNAME', $user->username);

			$response = $handler->handle($request);
		}
		else
		{
			if ((!isset($_COOKIE[$this->SessionCookieName]) || !$sessionService->IsValidSession($_COOKIE[$this->SessionCookieName])) && $routeName !== 'login')
			{
				define('GROCY_AUTHENTICATED', false);
				$response = $handler->handle($request);
				$response = $response->withHeader('Location', $this->AppContainer->get('UrlManager')->ConstructUrl('/login'));
			}
			else
			{
				if ($routeName !== 'login')
				{
					$user = $sessionService->GetUserBySessionKey($_COOKIE[$this->SessionCookieName]);
					define('GROCY_AUTHENTICATED', true);
					define('GROCY_USER_USERNAME', $user->username);
					define('GROCY_USER_ID', $user->id);
				}
				else
				{
					define('GROCY_AUTHENTICATED', false);
				}

				$response = $handler->handle($request);
			}
		}

		return $response;
	}
}
Reorganize project part 2 2018-04-11 19:49:35 +02:00			`<?php`

			`namespace Grocy\Middleware;`

Upgrade Slim Framework to v4 (closes #561) 2020-02-11 17:42:03 +01:00			`use Psr\Http\Message\ServerRequestInterface as Request;`
			`use Psr\Http\Server\RequestHandlerInterface as RequestHandler;`
			`use Psr\Http\Message\ResponseInterface as Response;`
			`use Slim\Routing\RouteContext;`

			`use Grocy\Services\SessionService;`
			`use Grocy\Services\LocalizationService;`
Reorganize project part 2 2018-04-11 19:49:35 +02:00
Finalize project reorganization 2018-04-14 11:10:38 +02:00			`class SessionAuthMiddleware extends BaseMiddleware`
Reorganize project part 2 2018-04-11 19:49:35 +02:00			`{`
Upgrade Slim Framework to v4 (closes #561) 2020-02-11 17:42:03 +01:00			`public function __construct(\DI\Container $container, string $sessionCookieName)`
Revise session handling to prepare API authentication via token 2018-04-19 20:44:49 +02:00			`{`
			`parent::__construct($container);`
			`$this->SessionCookieName = $sessionCookieName;`
			`}`

			`protected $SessionCookieName;`

Upgrade Slim Framework to v4 (closes #561) 2020-02-11 17:42:03 +01:00			`public function __invoke(Request $request, RequestHandler $handler): Response`
Reorganize project part 2 2018-04-11 19:49:35 +02:00			`{`
Upgrade Slim Framework to v4 (closes #561) 2020-02-11 17:42:03 +01:00			`$routeContext = RouteContext::fromRequest($request);`
			`$route = $routeContext->getRoute();`
Reorganize project part 2 2018-04-11 19:49:35 +02:00			`$routeName = $route->getName();`
Optimize and refactor latest changes 2018-07-25 19:28:15 +02:00			`$sessionService = new SessionService();`
Reorganize project part 2 2018-04-11 19:49:35 +02:00
Optimize and refactor latest changes 2018-07-25 19:28:15 +02:00			`if ($routeName === 'root')`
Reorganize project part 2 2018-04-11 19:49:35 +02:00			`{`
Upgrade Slim Framework to v4 (closes #561) 2020-02-11 17:42:03 +01:00			`$response = $handler->handle($request);`
Optimize and refactor latest changes 2018-07-25 19:28:15 +02:00			`}`
Handle demo mode via a setting instead of checking the existence of a file (closes #484) 2020-01-05 09:11:11 +01:00			`elseif (GROCY_MODE === 'dev' \|\| GROCY_MODE === 'demo' \|\| GROCY_MODE === 'prerelease' \|\| GROCY_IS_EMBEDDED_INSTALL \|\| GROCY_DISABLE_AUTH)`
Optimize and refactor latest changes 2018-07-25 19:28:15 +02:00			`{`
			`$user = $sessionService->GetDefaultUser();`
			`define('GROCY_AUTHENTICATED', true);`
			`define('GROCY_USER_USERNAME', $user->username);`
Replace the single user (defined in /data/config.php) with a multi user management thing 2018-07-24 19:31:43 +02:00
Upgrade Slim Framework to v4 (closes #561) 2020-02-11 17:42:03 +01:00			`$response = $handler->handle($request);`
Reorganize project part 2 2018-04-11 19:49:35 +02:00			`}`
			`else`
			`{`
Revise session handling to prepare API authentication via token 2018-04-19 20:44:49 +02:00			`if ((!isset($_COOKIE[$this->SessionCookieName]) \|\| !$sessionService->IsValidSession($_COOKIE[$this->SessionCookieName])) && $routeName !== 'login')`
Fix session table missing on start with empty database 2018-04-15 14:49:00 +02:00			`{`
Prefix all global vars 2018-07-24 19:41:35 +02:00			`define('GROCY_AUTHENTICATED', false);`
Upgrade Slim Framework to v4 (closes #561) 2020-02-11 17:42:03 +01:00			`$response = $handler->handle($request);`
			`$response = $response->withHeader('Location', $this->AppContainer->get('UrlManager')->ConstructUrl('/login'));`
Fix session table missing on start with empty database 2018-04-15 14:49:00 +02:00			`}`
			`else`
			`{`
Replace the single user (defined in /data/config.php) with a multi user management thing 2018-07-24 19:31:43 +02:00			`if ($routeName !== 'login')`
			`{`
			`$user = $sessionService->GetUserBySessionKey($_COOKIE[$this->SessionCookieName]);`
Prefix all global vars 2018-07-24 19:41:35 +02:00			`define('GROCY_AUTHENTICATED', true);`
Replace the single user (defined in /data/config.php) with a multi user management thing 2018-07-24 19:31:43 +02:00			`define('GROCY_USER_USERNAME', $user->username);`
			`define('GROCY_USER_ID', $user->id);`
			`}`
			`else`
			`{`
Prefix all global vars 2018-07-24 19:41:35 +02:00			`define('GROCY_AUTHENTICATED', false);`
Replace the single user (defined in /data/config.php) with a multi user management thing 2018-07-24 19:31:43 +02:00			`}`

Upgrade Slim Framework to v4 (closes #561) 2020-02-11 17:42:03 +01:00			`$response = $handler->handle($request);`
Fix session table missing on start with empty database 2018-04-15 14:49:00 +02:00			`}`
Reorganize project part 2 2018-04-11 19:49:35 +02:00			`}`

			`return $response;`
			`}`
			`}`