mirror of
				https://github.com/grocy/grocy.git
				synced 2025-10-26 14:07:38 +00:00 
			
		
		
		
	
		
			
				
	
	
		
			101 lines
		
	
	
		
			3.0 KiB
		
	
	
	
		
			PHP
		
	
	
	
	
	
			
		
		
	
	
			101 lines
		
	
	
		
			3.0 KiB
		
	
	
	
		
			PHP
		
	
	
	
	
	
| <?php
 | |
| 
 | |
| namespace Grocy\Middleware;
 | |
| 
 | |
| use Grocy\Services\SessionService;
 | |
| use Psr\Http\Message\ResponseFactoryInterface;
 | |
| use Psr\Http\Message\ResponseInterface as Response;
 | |
| use Psr\Http\Message\ServerRequestInterface as Request;
 | |
| use Psr\Http\Server\RequestHandlerInterface as RequestHandler;
 | |
| use Slim\Routing\RouteContext;
 | |
| 
 | |
| abstract class AuthMiddleware extends BaseMiddleware
 | |
| {
 | |
| 	protected $ResponseFactory;
 | |
| 
 | |
| 	public function __construct(\DI\Container $container, ResponseFactoryInterface $responseFactory)
 | |
| 	{
 | |
| 		parent::__construct($container);
 | |
| 		$this->ResponseFactory = $responseFactory;
 | |
| 	}
 | |
| 
 | |
| 	public function __invoke(Request $request, RequestHandler $handler): Response
 | |
| 	{
 | |
| 		$routeContext = RouteContext::fromRequest($request);
 | |
| 		$route = $routeContext->getRoute();
 | |
| 		$routeName = $route->getName();
 | |
| 		$isApiRoute = string_starts_with($request->getUri()->getPath(), '/api/');
 | |
| 
 | |
| 		if ($routeName === 'root')
 | |
| 		{
 | |
| 			return $handler->handle($request);
 | |
| 		}
 | |
| 		elseif ($routeName === 'login')
 | |
| 		{
 | |
| 			define('GROCY_AUTHENTICATED', false);
 | |
| 			return $handler->handle($request);
 | |
| 		}
 | |
| 
 | |
| 		if (GROCY_MODE === 'dev' || GROCY_MODE === 'demo' || GROCY_MODE === 'prerelease' || GROCY_IS_EMBEDDED_INSTALL || GROCY_DISABLE_AUTH)
 | |
| 		{
 | |
| 			$sessionService = SessionService::getInstance();
 | |
| 			$user = $sessionService->GetDefaultUser();
 | |
| 
 | |
| 			define('GROCY_AUTHENTICATED', true);
 | |
| 			define('GROCY_USER_USERNAME', $user->username);
 | |
| 			define('GROCY_USER_PICTURE_FILE_NAME', $user->picture_file_name);
 | |
| 
 | |
| 			return $handler->handle($request);
 | |
| 		}
 | |
| 		else
 | |
| 		{
 | |
| 			$user = $this->authenticate($request);
 | |
| 
 | |
| 			if ($user === null)
 | |
| 			{
 | |
| 				define('GROCY_AUTHENTICATED', false);
 | |
| 
 | |
| 				$response = $this->ResponseFactory->createResponse();
 | |
| 
 | |
| 				if ($isApiRoute)
 | |
| 				{
 | |
| 					return $response->withStatus(401);
 | |
| 				}
 | |
| 				else
 | |
| 				{
 | |
| 					return $response->withHeader('Location', $this->AppContainer->get('UrlManager')->ConstructUrl('/login'));
 | |
| 				}
 | |
| 			}
 | |
| 			else
 | |
| 			{
 | |
| 				define('GROCY_AUTHENTICATED', true);
 | |
| 				define('GROCY_USER_ID', $user->id);
 | |
| 				define('GROCY_USER_USERNAME', $user->username);
 | |
| 				define('GROCY_USER_PICTURE_FILE_NAME', $user->picture_file_name);
 | |
| 
 | |
| 				return $response = $handler->handle($request);
 | |
| 			}
 | |
| 		}
 | |
| 	}
 | |
| 
 | |
| 	protected static function SetSessionCookie($sessionKey)
 | |
| 	{
 | |
| 		// Cookie never expires, session validity is up to SessionService
 | |
| 		setcookie(SessionService::SESSION_COOKIE_NAME, $sessionKey, PHP_INT_SIZE == 4 ? PHP_INT_MAX : PHP_INT_MAX >> 32);
 | |
| 	}
 | |
| 
 | |
| 	/**
 | |
| 	 * @param array $postParams
 | |
| 	 * @return bool True/False if the provided credentials were valid
 | |
| 	 * @throws \Exception Throws an \Exception if an error happened during credentials processing or if this AuthMiddleware doesn't provide credentials processing (e. g. handles this externally)
 | |
| 	 */
 | |
| 	abstract public static function ProcessLogin(array $postParams);
 | |
| 
 | |
| 	/**
 | |
| 	 * @param Request $request
 | |
| 	 * @return mixed|null the user row or null if the request is not authenticated
 | |
| 	 * @throws \Exception Throws an \Exception if config is invalid.
 | |
| 	 */
 | |
| 	abstract protected function authenticate(Request $request);
 | |
| }
 |