2018-04-11 19:49:35 +02:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
namespace Grocy\Middleware;
|
|
|
|
|
|
2020-02-11 17:42:03 +01:00
|
|
|
use Psr\Http\Message\ServerRequestInterface as Request;
|
|
|
|
|
use Psr\Http\Server\RequestHandlerInterface as RequestHandler;
|
2020-04-03 17:45:40 +01:00
|
|
|
use Psr\Http\Message\ResponseFactoryInterface;
|
2020-02-11 17:42:03 +01:00
|
|
|
use Psr\Http\Message\ResponseInterface as Response;
|
|
|
|
|
use Slim\Routing\RouteContext;
|
|
|
|
|
|
|
|
|
|
use Grocy\Services\SessionService;
|
|
|
|
|
use Grocy\Services\LocalizationService;
|
2018-04-11 19:49:35 +02:00
|
|
|
|
2018-04-14 11:10:38 +02:00
|
|
|
class SessionAuthMiddleware extends BaseMiddleware
|
2018-04-11 19:49:35 +02:00
|
|
|
{
|
2020-04-03 17:45:40 +01:00
|
|
|
public function __construct(\DI\Container $container, string $sessionCookieName, ResponseFactoryInterface $responseFactory)
|
2018-04-19 20:44:49 +02:00
|
|
|
{
|
|
|
|
|
parent::__construct($container);
|
|
|
|
|
$this->SessionCookieName = $sessionCookieName;
|
2020-04-03 17:45:40 +01:00
|
|
|
$this->ResponseFactory = $responseFactory;
|
2018-04-19 20:44:49 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
protected $SessionCookieName;
|
2020-04-03 17:45:40 +01:00
|
|
|
protected $ResponseFactory;
|
2018-04-19 20:44:49 +02:00
|
|
|
|
2020-02-11 17:42:03 +01:00
|
|
|
public function __invoke(Request $request, RequestHandler $handler): Response
|
2018-04-11 19:49:35 +02:00
|
|
|
{
|
2020-02-11 17:42:03 +01:00
|
|
|
$routeContext = RouteContext::fromRequest($request);
|
|
|
|
|
$route = $routeContext->getRoute();
|
2018-04-11 19:49:35 +02:00
|
|
|
$routeName = $route->getName();
|
2020-03-01 23:47:47 +07:00
|
|
|
$sessionService = SessionService::getInstance();
|
2018-04-11 19:49:35 +02:00
|
|
|
|
2018-07-25 19:28:15 +02:00
|
|
|
if ($routeName === 'root')
|
2018-04-11 19:49:35 +02:00
|
|
|
{
|
2020-02-11 17:42:03 +01:00
|
|
|
$response = $handler->handle($request);
|
2018-07-25 19:28:15 +02:00
|
|
|
}
|
2020-01-05 09:11:11 +01:00
|
|
|
elseif (GROCY_MODE === 'dev' || GROCY_MODE === 'demo' || GROCY_MODE === 'prerelease' || GROCY_IS_EMBEDDED_INSTALL || GROCY_DISABLE_AUTH)
|
2018-07-25 19:28:15 +02:00
|
|
|
{
|
|
|
|
|
$user = $sessionService->GetDefaultUser();
|
|
|
|
|
define('GROCY_AUTHENTICATED', true);
|
|
|
|
|
define('GROCY_USER_USERNAME', $user->username);
|
2018-07-24 19:31:43 +02:00
|
|
|
|
2020-02-11 17:42:03 +01:00
|
|
|
$response = $handler->handle($request);
|
2018-04-11 19:49:35 +02:00
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2018-04-19 20:44:49 +02:00
|
|
|
if ((!isset($_COOKIE[$this->SessionCookieName]) || !$sessionService->IsValidSession($_COOKIE[$this->SessionCookieName])) && $routeName !== 'login')
|
2018-04-15 14:49:00 +02:00
|
|
|
{
|
2018-07-24 19:41:35 +02:00
|
|
|
define('GROCY_AUTHENTICATED', false);
|
2020-04-03 18:55:48 +02:00
|
|
|
$response = $this->ResponseFactory->createResponse();
|
2020-04-03 17:45:40 +01:00
|
|
|
return $response->withHeader('Location', $this->AppContainer->get('UrlManager')->ConstructUrl('/login'));
|
2018-04-15 14:49:00 +02:00
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2018-07-24 19:31:43 +02:00
|
|
|
if ($routeName !== 'login')
|
|
|
|
|
{
|
|
|
|
|
$user = $sessionService->GetUserBySessionKey($_COOKIE[$this->SessionCookieName]);
|
2018-07-24 19:41:35 +02:00
|
|
|
define('GROCY_AUTHENTICATED', true);
|
2018-07-24 19:31:43 +02:00
|
|
|
define('GROCY_USER_USERNAME', $user->username);
|
|
|
|
|
define('GROCY_USER_ID', $user->id);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2018-07-24 19:41:35 +02:00
|
|
|
define('GROCY_AUTHENTICATED', false);
|
2018-07-24 19:31:43 +02:00
|
|
|
}
|
|
|
|
|
|
2020-02-11 17:42:03 +01:00
|
|
|
$response = $handler->handle($request);
|
2018-04-15 14:49:00 +02:00
|
|
|
}
|
2018-04-11 19:49:35 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $response;
|
|
|
|
|
}
|
|
|
|
|
}
|
