Docs
@@ -8,8 +8,20 @@ use Pecee\Http\Request;
|
||||
use Khofmann\Models\User\User;
|
||||
use Khofmann\Response\Response;
|
||||
|
||||
/**
|
||||
* Middleware for admin authenticated routes
|
||||
*/
|
||||
class AdminAuth implements IMiddleware
|
||||
{
|
||||
/**
|
||||
* Request handler
|
||||
*
|
||||
* Returns 401 if `token`is missing, no user is found with the `token`or user is not admin.
|
||||
*
|
||||
* Keeps session fresh if request is authenticated.
|
||||
*
|
||||
* @param Request $request Incoming request
|
||||
*/
|
||||
public function handle(Request $request): void
|
||||
{
|
||||
$token = $request->getHeader("token");
|
||||
@@ -26,7 +38,9 @@ class AdminAuth implements IMiddleware
|
||||
}
|
||||
|
||||
try {
|
||||
// Get user
|
||||
$user = User::getByToken($token);
|
||||
// Check if user is admin
|
||||
if (!$user->getIsAdmin()) {
|
||||
Response::response()
|
||||
->header("Cache-control: no-cache")
|
||||
|
||||
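Review bot: The docblock added to `AdminAuth::handle` documents a 401 for a user who is authenticated but not an admin, where 403 is the conventional status. A 401 signals missing or invalid credentials, so a client may react by discarding a token that is in fact valid. The status is set in the `Response::response()` chain, which runs past the end of the second hunk, so only the documented contract is visible here; either change it there or state in the docblock that the two cases are answered identically on purpose. Separately, a space is missing after the closing backtick in "`token`is", twice in this docblock and once in the `Auth` docblock.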
@@ -8,8 +8,20 @@ use Pecee\Http\Request;
|
||||
use Khofmann\Models\User\User;
|
||||
use Khofmann\Response\Response;
|
||||
|
||||
/**
|
||||
* Middleware for authenticated routes
|
||||
*/
|
||||
class Auth implements IMiddleware
|
||||
{
|
||||
/**
|
||||
* Request handler
|
||||
*
|
||||
* Returns 401 if `token`is missing, or no user is found with the `token`.
|
||||
*
|
||||
* Keeps session fresh if request is authenticated.
|
||||
*
|
||||
* @param Request $request Incoming request
|
||||
*/
|
||||
public function handle(Request $request): void
|
||||
{
|
||||
$token = $request->getHeader("token");
|
||||
@@ -26,6 +38,7 @@ class Auth implements IMiddleware
|
||||
}
|
||||
|
||||
try {
|
||||
// Get user
|
||||
$user = User::getByToken($token);
|
||||
|
||||
// Keep fresh
|
||||
|
||||
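Review bot: "Keeps session fresh" in the `Auth::handle` docblock does not say what is refreshed or for how long, and the refresh code sits below the `// Keep fresh` comment, outside the hunk. If it slides the token's expiry on every authenticated request, the docblock should say whether an absolute lifetime still applies, because without one a leaked token stays usable for as long as it keeps being presented. A line such as `* Extends the token expiry on each authenticated request; absolute lifetime: <MAX_LIFETIME>.`, adjusted to what the code actually does, would make that reviewable. The same sentence is added unchanged in AdminAuth and OptAuth.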
@@ -8,18 +8,31 @@ use Pecee\Http\Request;
|
||||
use Khofmann\Models\User\User;
|
||||
use Khofmann\Response\Response;
|
||||
|
||||
/**
|
||||
* Middleware for optional authenticated routes
|
||||
*/
|
||||
class OptAuth implements IMiddleware
|
||||
{
|
||||
/**
|
||||
* Request handler
|
||||
*
|
||||
* Returns 401 if no user is found with the `token`.
|
||||
*
|
||||
* Keeps session fresh if request is authenticated.
|
||||
*
|
||||
* @param Request $request Incoming request
|
||||
*/
|
||||
public function handle(Request $request): void
|
||||
{
|
||||
$token = $request->getHeader("token");
|
||||
|
||||
// No token
|
||||
// No token, since authentication is optional, pass
|
||||
if ($token === null) {
|
||||
return;
|
||||
}
|
||||
|
||||
try {
|
||||
// Get user
|
||||
$user = User::getByToken($token);
|
||||
|
||||
// Keep fresh
|
||||
|
||||
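Review bot: The `OptAuth::handle` docblock lists only the 401 case and leaves out the branch that defines this middleware: a request with no `token` header returns early and continues unauthenticated. Handlers behind OptAuth must therefore not assume a user is present, and the contract should say so, e.g. `* Passes the request through unauthenticated when the token header is absent.` The guard is `$token === null`, so a header that is present but empty still reaches `User::getByToken()`; how that lookup treats an empty string is not visible here and is worth confirming. The rest of the try block lies outside the hunk.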