Commit 5bbdf9ed authored by John Long's avatar John Long

Authenticate: Extract into separate middlewares for session vs. basic auth

parent 797ead83
......@@ -6,7 +6,7 @@ use Adduc\Stitcher\Client;
use Closure;
use Illuminate\Http\Request;
class Authenticate
class BasicAuthAuthenticate
{
/**
* @property Client
......@@ -24,64 +24,23 @@ class Authenticate
/**
* Handle an incoming request.
*
* @param Request $request
* @param Closure $next
* @param string|null $guard
* @param Request $request
* @param Closure $next
* @param string $failure_method
* @return mixed
*/
public function handle(Request $request, Closure $next, $guard = null)
public function handle(Request $request, Closure $next)
{
$logged_in = $this->checkLoggedIn($request) || $this->checkBasicAuth($request);
$logged_in = $this->checkBasicAuth($request);
if (!$logged_in) {
switch ($request->route()[1]['uses']) {
case 'App\Http\Controllers\Controller@feedList':
return redirect('/login');
break;
case 'App\Http\Controllers\Controller@showFeed':
$headers = [
'WWW-Authenticate' => 'Basic realm="Unofficial RSS feeds for Stitcher Premium"'
];
return response('Unauthorized', 401, $headers);
break;
default:
var_dump($request->route()[1]);
exit;
}
}
return $next($request);
}
/**
* @return bool
*/
protected function checkLoggedIn(Request $request)
{
$has_session = $request->cookie(ini_get('session.name'));
if (!$has_session) {
return false;
}
$logged_in = false;
$bypassed_users = explode(",", env('BYPASS_USER_ID')) ?: [];
// Check session for active user
session_start();
if (!empty($_SESSION['user'])) {
$now = new \DateTime();
if ($_SESSION['user']['expiration'] > $now) {
$logged_in = true;
} elseif (in_array($_SESSION['user']['stitcher_id'], $bypassed_users)) {
return true;
} else {
session_destroy();
return false;
}
if ($logged_in) {
return $next($request);
}
return $logged_in;
$headers = [
'WWW-Authenticate' => 'Basic realm="Unofficial RSS feeds for Stitcher Premium"'
];
return response('Unauthorized', 401, $headers);
}
/**
......
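Review bot: The docblock above the new `handle(Request $request, Closure $next)` still documents `@param string $failure_method`, a parameter the signature no longer has (the old `$guard` tag was replaced rather than removed); delete that line, and the same stale tag appears in the `handle()` docblock of the new SessionAuthenticate.php. `@return mixed` could also be narrowed to `@return \Illuminate\Http\Response|mixed` so the 401 path is visible from the signature. `checkBasicAuth()` is defined outside this hunk, so how a malformed or missing Authorization header is handled cannot be confirmed from here.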
<?php
namespace App\Http\Middleware;
use Adduc\Stitcher\Client;
use Closure;
use Illuminate\Http\Request;
class SessionAuthenticate
{
/**
* @property Client
*/
protected $client;
/**
* @param Client $client
*/
public function __construct(Client $client)
{
$this->client = $client;
}
/**
* Handle an incoming request.
*
* @param Request $request
* @param Closure $next
* @param string $failure_method
* @return mixed
*/
public function handle(Request $request, Closure $next)
{
$logged_in = $this->checkLoggedIn($request);
if ($logged_in) {
return $next($request);
}
return redirect('/login');
}
/**
* @return bool
*/
protected function checkLoggedIn(Request $request)
{
$has_session = $request->cookie(ini_get('session.name'));
if (!$has_session) {
return false;
}
$logged_in = false;
$bypassed_users = explode(",", env('BYPASS_USER_ID')) ?: [];
// Check session for active user
session_start();
if (!empty($_SESSION['user'])) {
$now = new \DateTime();
if ($_SESSION['user']['expiration'] > $now) {
$logged_in = true;
} elseif (in_array($_SESSION['user']['stitcher_id'], $bypassed_users)) {
return true;
} else {
session_destroy();
return false;
}
}
return $logged_in;
}
}
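Review bot: In `checkLoggedIn()`, the bypass check `in_array($_SESSION['user']['stitcher_id'], $bypassed_users)` uses loose comparison, and `explode(",", env('BYPASS_USER_ID')) ?: []` never falls back to `[]` because `explode` returns `[""]` when the variable is unset (passing `null` to `explode` is also deprecated on PHP 8.1+). With the list at `[""]`, a stored session whose `stitcher_id` is `null` compares equal to `""` under `==`, so an expired session with a missing id would be treated as bypassed instead of destroyed. Tighten both lines: `$bypassed_users = array_filter(explode(',', (string) env('BYPASS_USER_ID', '')));` and `} elseif (in_array((string) ($_SESSION['user']['stitcher_id'] ?? ''), $bypassed_users, true)) {`. This logic is carried over from the old Authenticate middleware rather than introduced by this commit, but the new file is the natural place to correct it.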
......@@ -16,9 +16,12 @@ $app->get('/login', 'Controller@login');
$app->post('/login', 'Controller@login');
$app->get('/logout', 'Controller@logout');
$app->group(['middleware' => 'auth'], function () use ($app) {
$app->group(['middleware' => 'auth-session'], function () use ($app) {
$app->get('/shows', 'Controller@search');
$app->post('/shows', 'Controller@search');
});
$app->group(['middleware' => 'auth-basic'], function () use ($app) {
$app->get('/shows/{show_id}/feed', 'Controller@showFeed');
});
......
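Review bot: Under the removed shared `auth` group, `/shows/{show_id}/feed` accepted either a session cookie or Basic credentials; it now sits behind `auth-basic` only, so a browser user who is already logged in receives a 401 challenge on the feed URL rather than the feed. If that is intended, a one-line comment above the `auth-basic` group stating it, e.g. `// Feed URLs are fetched by podcast clients, which send HTTP Basic credentials only`, would keep the next reader from re-adding session auth here. The routes file continues outside this hunk, so other routes that previously used `auth` cannot be checked from here.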
......@@ -68,7 +68,8 @@ $app->singleton(
// ]);
$app->routeMiddleware([
'auth' => App\Http\Middleware\Authenticate::class,
'auth-basic' => App\Http\Middleware\BasicAuthAuthenticate::class,
'auth-session' => App\Http\Middleware\SessionAuthenticate::class,
]);
/*
......