AuthenticateSession::handle() - Code Metrics - Inspection of "Adds columns for all FREE fields types" - Laravel-Backpack/CRUD - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Pull Request — v6 (#4675)

by Pedro

created 2022-12-30 10:17 UTC

AuthenticateSession::handle() B

↳ Parent: AuthenticateSession

Complexity

Conditions	9
Paths	13

Size

Total Lines	25
Code Lines	13

Duplication

Lines	0
Ratio	0 %

Importance

Changes	1
Bugs	1	Features	0

Metric	Value
cc	9
eloc	13
c	1
b	1
f	0
nc	13
nop	2
dl	0
loc	25
rs	8.0555

<?php

namespace Backpack\CRUD\app\Http\Middleware;

use Closure;
use Illuminate\Auth\AuthenticationException;
use Illuminate\Contracts\Auth\Factory as AuthFactory;
use Illuminate\Session\Middleware\AuthenticateSession as LaravelAuthenticateSession;

class AuthenticateSession extends LaravelAuthenticateSession
{
    /**
     * The authentication factory implementation.
     *
     * @var \Illuminate\Contracts\Auth\Factory
     */
    protected $auth;

    protected $user;

    /**
     * Create a new middleware instance.
     *
     * @param  \Illuminate\Contracts\Auth\Factory  $auth
     * @return void
     */
    public function __construct(AuthFactory $auth)
    {
        $this->auth = $auth;
        $this->user = backpack_user();
    }

    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        if (! $request->hasSession() || ! $this->user) {
            return $next($request);
        }

        if ($this->guard()->viaRemember()) {
            $passwordHash = explode('|', $request->cookies->get($this->guard()->getRecallerName()))[2] ?? null;

            if (! $passwordHash || $passwordHash != $this->user->getAuthPassword()) {
                $this->logout($request);
            }
        }

        if (! $request->session()->has('password_hash_'.backpack_guard_name())) {
            $this->storePasswordHashInSession($request);
        }

        if ($request->session()->get('password_hash_'.backpack_guard_name()) !== $this->user->getAuthPassword()) {
            $this->logout($request);
        }

        return tap($next($request), function () use ($request) {
            if (! is_null($this->guard()->user())) {
                $this->storePasswordHashInSession($request);
            }
        });
    }

    /**
     * Store the user's current password hash in the session.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return void
     */
    protected function storePasswordHashInSession($request)
    {
        if (! $this->user) {
            return;
        }

        $request->session()->put([
            'password_hash_'.backpack_guard_name() => $this->user->getAuthPassword(),
        ]);
    }

    /**
     * Log the user out of the application.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return void
     *
     * @throws \Illuminate\Auth\AuthenticationException
     */
    protected function logout($request)
    {
        $this->guard()->logoutCurrentDevice();

        $request->session()->flush();

        \Alert::error('Your password was changed in another browser session. Please login again using the new password.')->flash();
filter:
    dependency_paths: ["lib/*"]

        throw new AuthenticationException('Unauthenticated.', [backpack_guard_name()], backpack_url('login'));
    }

    /**
     * Get the guard instance that should be used by the middleware.
     *
     * @return \Illuminate\Contracts\Auth\Factory|\Illuminate\Contracts\Auth\Guard
     */
    protected function guard()
    {
        return $this->auth;
    }
}


1			<?php
2
3			namespace Backpack\CRUD\app\Http\Middleware;
4
5			use Closure;
6			use Illuminate\Auth\AuthenticationException;
7			use Illuminate\Contracts\Auth\Factory as AuthFactory;
8			use Illuminate\Session\Middleware\AuthenticateSession as LaravelAuthenticateSession;
9
10			class AuthenticateSession extends LaravelAuthenticateSession
11			{
12			/**
13			* The authentication factory implementation.
14			*
15			* @var \Illuminate\Contracts\Auth\Factory
16			*/
17			protected $auth;
18
19			protected $user;
20
21			/**
22			* Create a new middleware instance.
23			*
24			* @param \Illuminate\Contracts\Auth\Factory $auth
25			* @return void
26			*/
27			public function __construct(AuthFactory $auth)
28			{
29			$this->auth = $auth;
30			$this->user = backpack_user();
31			}
32
33			/**
34			* Handle an incoming request.
35			*
36			* @param \Illuminate\Http\Request $request
37			* @param \Closure $next
38			* @return mixed
39			*/
40			public function handle($request, Closure $next)
41			{
42			if (! $request->hasSession() \|\| ! $this->user) {
43			return $next($request);
44			}
45
46			if ($this->guard()->viaRemember()) {
47			$passwordHash = explode('\|', $request->cookies->get($this->guard()->getRecallerName()))[2] ?? null;
48
49			if (! $passwordHash \|\| $passwordHash != $this->user->getAuthPassword()) {
50			$this->logout($request);
51			}
52			}
53
54			if (! $request->session()->has('password_hash_'.backpack_guard_name())) {
55			$this->storePasswordHashInSession($request);
56			}
57
58			if ($request->session()->get('password_hash_'.backpack_guard_name()) !== $this->user->getAuthPassword()) {
59			$this->logout($request);
60			}
61
62			return tap($next($request), function () use ($request) {
63			if (! is_null($this->guard()->user())) {
64			$this->storePasswordHashInSession($request);
65			}
66			});
67			}
68
69			/**
70			* Store the user's current password hash in the session.
71			*
72			* @param \Illuminate\Http\Request $request
73			* @return void
74			*/
75			protected function storePasswordHashInSession($request)
76			{
77			if (! $this->user) {
78			return;
79			}
80
81			$request->session()->put([
82			'password_hash_'.backpack_guard_name() => $this->user->getAuthPassword(),
83			]);
84			}
85
86			/**
87			* Log the user out of the application.
88			*
89			* @param \Illuminate\Http\Request $request
90			* @return void
91			*
92			* @throws \Illuminate\Auth\AuthenticationException
93			*/
94			protected function logout($request)
95			{
96			$this->guard()->logoutCurrentDevice();
97
98			$request->session()->flush();
99
100			\Alert::error('Your password was changed in another browser session. Please login again using the new password.')->flash();
			0 ignored issues – show Bug introduced 2022-11-08 12:00 UTC by Report Bug Copy Issue Report The type `Alert` was not found. Maybe you did not declare it correctly or list all dependencies? The issue could also be caused by a filter entry in the build configuration. If the path has been excluded in your configuration, e.g. `excluded_paths: ["lib/"]`, you can move it to the dependency path list as follows: filter: dependency_paths: ["lib/"] For further information see https://scrutinizer-ci.com/docs/tools/php/php-scrutinizer/#list-dependency-paths Loading history...
101
102			throw new AuthenticationException('Unauthenticated.', [backpack_guard_name()], backpack_url('login'));
103			}
104
105			/**
106			* Get the guard instance that should be used by the middleware.
107			*
108			* @return \Illuminate\Contracts\Auth\Factory\|\Illuminate\Contracts\Auth\Guard
109			*/
110			protected function guard()
111			{
112			return $this->auth;
113			}
114			}
115

Laravel-Backpack / CRUD

Scrutinizer GitHub App not installed

Pull Request — v6 (#4675)

AuthenticateSession::handle() B

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like