grocy/middleware/SessionAuthMiddleware.php

<?php

namespace Grocy\Middleware;

use \Grocy\Services\SessionService;

class SessionAuthMiddleware extends BaseMiddleware
{
	public function __construct(\Slim\Container $container, string $sessionCookieName)
	{
		parent::__construct($container);
		$this->SessionCookieName = $sessionCookieName;
	}

	protected $SessionCookieName;

	public function __invoke(\Slim\Http\Request $request, \Slim\Http\Response $response, callable $next)
	{
		$route = $request->getAttribute('route');
		$routeName = $route->getName();

		if ($routeName === 'root' || $this->ApplicationService->IsDemoInstallation() || $this->ApplicationService->IsEmbeddedInstallation())
		{
			define('AUTHENTICATED', $this->ApplicationService->IsDemoInstallation() || $this->ApplicationService->IsEmbeddedInstallation());
			$response = $next($request, $response);
		}
		else
		{
			$sessionService = new SessionService();
			if ((!isset($_COOKIE[$this->SessionCookieName]) || !$sessionService->IsValidSession($_COOKIE[$this->SessionCookieName])) && $routeName !== 'login')
			{
				define('AUTHENTICATED', false);
				$response = $response->withRedirect($this->AppContainer->UrlManager->ConstructUrl('/login'));
			}
			else
			{
				define('AUTHENTICATED', $routeName !== 'login');
				$response = $next($request, $response);
			}
		}

		return $response;
	}
}
Reorganize project part 2 2018-04-11 19:49:35 +02:00			`<?php`

			`namespace Grocy\Middleware;`

Reorganize project part 3 2018-04-12 21:13:38 +02:00			`use \Grocy\Services\SessionService;`
Reorganize project part 2 2018-04-11 19:49:35 +02:00
Finalize project reorganization 2018-04-14 11:10:38 +02:00			`class SessionAuthMiddleware extends BaseMiddleware`
Reorganize project part 2 2018-04-11 19:49:35 +02:00			`{`
Revise session handling to prepare API authentication via token 2018-04-19 20:44:49 +02:00			`public function __construct(\Slim\Container $container, string $sessionCookieName)`
			`{`
			`parent::__construct($container);`
			`$this->SessionCookieName = $sessionCookieName;`
			`}`

			`protected $SessionCookieName;`

Reorganize project part 2 2018-04-11 19:49:35 +02:00			`public function __invoke(\Slim\Http\Request $request, \Slim\Http\Response $response, callable $next)`
			`{`
			`$route = $request->getAttribute('route');`
			`$routeName = $route->getName();`

Prepare for embedded mode 2018-07-16 21:17:32 +02:00			`if ($routeName === 'root' \|\| $this->ApplicationService->IsDemoInstallation() \|\| $this->ApplicationService->IsEmbeddedInstallation())`
Reorganize project part 2 2018-04-11 19:49:35 +02:00			`{`
Prepare for embedded mode 2018-07-16 21:17:32 +02:00			`define('AUTHENTICATED', $this->ApplicationService->IsDemoInstallation() \|\| $this->ApplicationService->IsEmbeddedInstallation());`
Fix session table missing on start with empty database 2018-04-15 14:49:00 +02:00			`$response = $next($request, $response);`
Reorganize project part 2 2018-04-11 19:49:35 +02:00			`}`
			`else`
			`{`
Fix session table missing on start with empty database 2018-04-15 14:49:00 +02:00			`$sessionService = new SessionService();`
Revise session handling to prepare API authentication via token 2018-04-19 20:44:49 +02:00			`if ((!isset($_COOKIE[$this->SessionCookieName]) \|\| !$sessionService->IsValidSession($_COOKIE[$this->SessionCookieName])) && $routeName !== 'login')`
Fix session table missing on start with empty database 2018-04-15 14:49:00 +02:00			`{`
Don't expose username when not logged in 2018-05-12 14:56:51 +02:00			`define('AUTHENTICATED', false);`
Use absolute URLs everywhere, this should fix #3 2018-04-18 19:03:39 +02:00			`$response = $response->withRedirect($this->AppContainer->UrlManager->ConstructUrl('/login'));`
Fix session table missing on start with empty database 2018-04-15 14:49:00 +02:00			`}`
			`else`
			`{`
Don't expose username when not logged in 2018-05-12 14:56:51 +02:00			`define('AUTHENTICATED', $routeName !== 'login');`
Fix session table missing on start with empty database 2018-04-15 14:49:00 +02:00			`$response = $next($request, $response);`
			`}`
Reorganize project part 2 2018-04-11 19:49:35 +02:00			`}`

			`return $response;`
			`}`
			`}`