gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-11-28 10:30:42 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

add middleware for basic authentication

Browse Source
This commit is contained in:
Uwe Steinmann 2025-10-24 12:51:10 +02:00
parent d73a89c616
commit 2f668328fa
1 changed files with 77 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

78
inc/inc.ClassAuthenticationMiddleware.php
View File

@ -63,7 +63,7 @@ class SeedDMS_Auth_Middleware_Session { /* {{{ */
return $response; return $response;
} }
$logger->log("Invoke middleware for method " . $request->getMethod() . " on '" . $request->getUri()->getPath() . "'", PEAR_LOG_INFO); $logger->log("Invoke AuthSessionMiddleware for method " . $request->getMethod() . " on '" . $request->getUri()->getPath() . "'", PEAR_LOG_INFO);
require_once("inc/inc.ClassSession.php"); require_once("inc/inc.ClassSession.php");
$session = new SeedDMS_Session($dms->getDb()); $session = new SeedDMS_Session($dms->getDb());
if (isset($_COOKIE["mydms_session"])) { if (isset($_COOKIE["mydms_session"])) {
@ -106,3 +106,79 @@ class SeedDMS_Auth_Middleware_Session { /* {{{ */
return $response; return $response;
} }
} /* }}} */ } /* }}} */
/**
* Middleware for authentication based on basic authentication
*
**/
class SeedDMS_Auth_Middleware_Basic { /* {{{ */
private $container;
public function __construct($container) {
$this->container = $container;
}
/**
* Basic authentication middleware invokable class
*
* @param \Psr\Http\Message\ServerRequestInterface $request PSR7 request
* @param \Psr\Http\Message\ResponseInterface $response PSR7 response
* @param callable $next Next middleware
*
* @return \Psr\Http\Message\ResponseInterface
*/
public function __invoke($request, $handler) {
$dms = $this->container->get('dms');
$settings = $this->container->get('config');
$logger = $this->container->get('logger');
$userobj = null;
if ($this->container->has('userobj')) {
$userobj = $this->container->get('userobj');
}
if ($userobj) {
$response = $handler->handle($request);
return $response;
}
$logger->log("Invoke AuthBasicMiddleware for method " . $request->getMethod() . " on '" . $request->getUri()->getPath() . "'", PEAR_LOG_INFO);
$environment = $request->getServerParams();
if(!empty($environment['HTTP_AUTHORIZATION'])) {
$tmp = explode(' ', $environment['HTTP_AUTHORIZATION'], 2);
switch($tmp[0]) {
case 'Basic':
$logger->log("Basic authentication with ".$tmp[0]."=".$tmp[1], PEAR_LOG_INFO);
$authenticator = $this->container->get('authenticator');
$kk = explode(':', base64_decode($tmp[1]));
$userobj = $authenticator->authenticate($kk[0], $kk[1]);
if(!$userobj) {
$logger->log("Login with basic authentication for '".$kk[0]."' failed", PEAR_LOG_ERR);
$response = $this->responsefactory->createResponse();
return $response->withStatus(403);
}
$dms->setUser($userobj);
if($this->container instanceof \Slim\Container)
$this->container['userobj'] = $userobj;
else
$this->container->set('userobj', $userobj);
$logger->log("Login with basic authentication as '".$userobj->getLogin()."' successful", PEAR_LOG_INFO);
break;
}
}
$this->container->set('userobj', $userobj);
if(!$userobj)
$logger->log("Not yet authenticated. Pass on to next middleware", PEAR_LOG_INFO);
else
$logger->log("Authenticated as ".(is_object($userobj) ? $userobj->getLogin() : "annon").". Pass on to next middleware", PEAR_LOG_INFO);
/* Always pass on to the next middleware. If that middleware does
* authentication, then it should first check if 'userobj' in the container
* is already set. The authentication shipped with seeddms restapi does that
* and skips its own authentication, if userobj already exists.
*/
$response = $handler->handle($request);
return $response;
}
} /* }}} */