1
|
|
|
<?php |
2
|
|
|
|
3
|
|
|
namespace BrainExe\Core\Middleware; |
4
|
|
|
|
5
|
|
|
use BrainExe\Annotations\Annotations\Inject; |
6
|
|
|
use BrainExe\Core\Annotations\Middleware; |
7
|
|
|
use BrainExe\Core\Application\UserException; |
8
|
|
|
use BrainExe\Core\Authentication\AnonymusUserVO; |
9
|
|
|
use BrainExe\Core\Authentication\Exception\UserNotFoundException; |
10
|
|
|
use BrainExe\Core\Authentication\LoadUser; |
11
|
|
|
use BrainExe\Core\Authentication\Token; |
12
|
|
|
use BrainExe\Core\Authentication\UserVO; |
13
|
|
|
use BrainExe\Core\Translation\TranslationTrait; |
14
|
|
|
use Symfony\Component\HttpFoundation\RedirectResponse; |
15
|
|
|
use Symfony\Component\HttpFoundation\Request; |
16
|
|
|
use Symfony\Component\HttpFoundation\Response; |
17
|
|
|
use Symfony\Component\Routing\Exception\MethodNotAllowedException; |
18
|
|
|
use Symfony\Component\Routing\Route; |
19
|
|
|
|
20
|
|
|
/** |
21
|
|
|
* @Middleware("Middleware.TokenAuthentication") |
22
|
|
|
*/ |
23
|
|
|
class TokenAuthentication extends AbstractMiddleware |
24
|
|
|
{ |
25
|
|
|
use TranslationTrait; |
26
|
|
|
|
27
|
|
|
/** |
28
|
|
|
* @var LoadUser |
29
|
|
|
*/ |
30
|
|
|
private $loadUser; |
31
|
|
|
|
32
|
|
|
/** |
33
|
|
|
* @var Token |
34
|
|
|
*/ |
35
|
|
|
private $token; |
36
|
|
|
|
37
|
|
|
/** |
38
|
|
|
* @Inject({ |
39
|
|
|
* "@Core.Authentication.LoadUser", |
40
|
|
|
* "@Core.Authentication.Token", |
41
|
|
|
* }) |
42
|
|
|
* @param LoadUser $loadUser |
43
|
|
|
* @param Token $token |
44
|
|
|
*/ |
45
|
|
|
public function __construct(LoadUser $loadUser, Token $token) |
46
|
|
|
{ |
47
|
|
|
$this->loadUser = $loadUser; |
48
|
|
|
$this->token = $token; |
49
|
|
|
} |
50
|
|
|
|
51
|
|
|
/** |
52
|
|
|
* {@inheritdoc} |
53
|
|
|
*/ |
54
|
|
|
public function processRequest(Request $request, Route $route) |
55
|
|
|
{ |
56
|
|
|
$token = $request->get('accessToken'); |
57
|
|
|
|
58
|
|
|
if (empty($token)) { |
59
|
|
|
return null; |
60
|
|
|
} |
61
|
|
|
|
62
|
|
|
$userId = $this->token->hasUserForRole($token); |
63
|
|
|
if (empty($userId)) { |
64
|
|
|
return null; |
65
|
|
|
} |
66
|
|
|
|
67
|
|
|
$user = $this->loadUser($userId); |
68
|
|
|
|
69
|
|
|
$request->attributes->set('user', $user); |
70
|
|
|
} |
71
|
|
|
|
72
|
|
|
/** |
73
|
|
|
* @param Route $route |
74
|
|
|
* @param UserVO $user |
75
|
|
|
* @throws MethodNotAllowedException |
76
|
|
|
*/ |
77
|
|
View Code Duplication |
protected function checkForRole(Route $route, UserVO $user) |
|
|
|
|
78
|
|
|
{ |
79
|
|
|
if ($route->hasDefault('_role')) { |
80
|
|
|
$role = $route->getDefault('_role'); |
81
|
|
|
if (!in_array($role, $user->roles)) { |
82
|
|
|
throw new MethodNotAllowedException([], sprintf('Need role %s', $role)); |
83
|
|
|
} |
84
|
|
|
} |
85
|
|
|
} |
86
|
|
|
|
87
|
|
|
/** |
88
|
|
|
* @param int $userId |
89
|
|
|
* @return AnonymusUserVO|UserVO |
90
|
|
|
*/ |
91
|
|
View Code Duplication |
private function loadUser(int $userId) : UserVO |
|
|
|
|
92
|
|
|
{ |
93
|
|
|
if ($userId > 0) { |
94
|
|
|
try { |
95
|
|
|
return $this->loadUser->loadUserById($userId); |
96
|
|
|
} catch (UserNotFoundException $e) { |
97
|
|
|
return new AnonymusUserVO(); |
98
|
|
|
} |
99
|
|
|
} else { |
100
|
|
|
return new AnonymusUserVO(); |
101
|
|
|
} |
102
|
|
|
} |
103
|
|
|
|
104
|
|
|
/** |
105
|
|
|
* @param Request $request |
106
|
|
|
* @return RedirectResponse |
107
|
|
|
* @throws UserException |
108
|
|
|
*/ |
109
|
|
|
private function handleNotAuthenticatedRequest(Request $request) |
|
|
|
|
110
|
|
|
{ |
111
|
|
|
if ($request->isXmlHttpRequest()) { |
112
|
|
|
throw new UserException($this->translate('Not logged in')); |
113
|
|
|
} |
114
|
|
|
|
115
|
|
|
return new RedirectResponse('#/login'); |
116
|
|
|
} |
117
|
|
|
} |
118
|
|
|
|
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.
You can also find more detailed suggestions in the “Code” section of your repository.