File size: 1,545 Bytes
e4f4821 |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 |
<?php
namespace Kanboard\Middleware;
use Kanboard\Core\Controller\AccessForbiddenException;
use Kanboard\Core\Controller\BaseMiddleware;
use Kanboard\Core\Security\Role;
/**
* Class AuthenticationMiddleware
*
* @package Kanboard\Middleware
* @author Frederic Guillot
*/
class AuthenticationMiddleware extends BaseMiddleware
{
/**
* Execute middleware
*/
public function execute()
{
if (! $this->authenticationManager->checkCurrentSession()) {
$this->response->redirect($this->helper->url->to('AuthController', 'login'));
return;
}
if (! $this->isPublicAccess()) {
$this->handleAuthentication();
}
$this->next();
}
protected function handleAuthentication()
{
if (! $this->userSession->isLogged() && ! $this->authenticationManager->preAuthentication()) {
$this->nextMiddleware = null;
if ($this->request->isAjax()) {
$this->response->text('Not Authorized', 401);
} else {
session_set('redirectAfterLogin', $this->request->getUri());
$this->response->redirect($this->helper->url->to('AuthController', 'login'));
}
}
}
protected function isPublicAccess()
{
if ($this->applicationAuthorization->isAllowed($this->router->getController(), $this->router->getAction(), Role::APP_PUBLIC)) {
$this->nextMiddleware = null;
return true;
}
return false;
}
}
|