Infra-Mirrors/BookStack
1
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2024-10-01 01:36:00 -04:00
Code Issues Packages Projects Releases Wiki Activity
1278fb4969
BookStack/app/Http/Middleware/Authenticate.php

48 lines
1.1 KiB
PHP
Raw Normal View History

Initial commit
2015-07-12 15:01:42 -04:00
<?php
Change application namespace to BookStack
2015-09-10 14:31:09 -04:00
namespace BookStack\Http\Middleware;
Initial commit
2015-07-12 15:01:42 -04:00
use Closure;
Change email confirmation from own middle to trait Email confirmation middleware caused more mess than good, As caused priority issues and it depended on auth actions. Instead its now a trai used on auth middlewares. Also used 'EncryptCookies' middleware on API instead of custom decryption in custom middleware since we'd need to do replicate all the same actions anyway. Shouldn't have too much effect since it only actions over cookies that exist, of which none should be there for most API requests. Also split out some large guard functions to be a little more readable and appease codeclimate.
2019-12-30 10:46:12 -05:00
use Illuminate\Http\Request;
Initial commit
2015-07-12 15:01:42 -04:00
class Authenticate
{
/**
* Handle an incoming request.
*/
Linked new API token system into middleware Base logic in place but needs review and refactor to see if can better fit into Laravel using 'Guard' system. Currently has issues due to cookies in use from active session on API.
2019-12-29 21:16:07 -05:00
public function handle(Request $request, Closure $next)
Initial commit
2015-07-12 15:01:42 -04:00
{
Updated auth pages to new design, Removed public layout
2019-02-03 12:34:15 -05:00
if (!hasAppAccess()) {
Initial commit
2015-07-12 15:01:42 -04:00
if ($request->ajax()) {
return response('Unauthorized.', 401);
} else {
Replaced use of custom 'baseUrl' helper with 'url' Also changed up how base URL setting was being done by manipulating incoming request URLs instead of altering then on generation.
2019-08-04 09:26:39 -04:00
return redirect()->guest(url('/login'));
Initial commit
2015-07-12 15:01:42 -04:00
}
}
return $next($request);
}
Added API listing filtering & cleaned ApiAuthenticate returns API listing endpoint filter can be found via &filter[name]=my+book query parameters. There are a range of operators that can be used such as &filter[id:gte]=4
2020-01-01 11:33:47 -05:00
/**
* Provide an error response for when the current user's email is not confirmed
* in a system which requires it.
*/
protected function emailConfirmationErrorResponse(Request $request)
{
if ($request->wantsJson()) {
return response()->json([
'error' => [
Apply fixes from StyleCI
2021-06-26 11:23:15 -04:00
'code' => 401,
'message' => trans('errors.email_confirmation_awaiting'),
],
Added API listing filtering & cleaned ApiAuthenticate returns API listing endpoint filter can be found via &filter[name]=my+book query parameters. There are a range of operators that can be used such as &filter[id:gte]=4
2020-01-01 11:33:47 -05:00
], 401);
}
Updated flow to ensure /register/confirm route is used where needed Was accidentally skipped during previous updates. Will now be used on saml, ldap & standard registration where required. Uses session to know if the email was just sent and, if so, show the confirmation route.
2020-09-05 12:26:48 -04:00
if (session()->get('sent-email-confirmation') === true) {
return redirect('/register/confirm');
}
Added API listing filtering & cleaned ApiAuthenticate returns API listing endpoint filter can be found via &filter[name]=my+book query parameters. There are a range of operators that can be used such as &filter[id:gte]=4
2020-01-01 11:33:47 -05:00
return redirect('/register/confirm/awaiting');
}
Initial commit
2015-07-12 15:01:42 -04:00
}
Reference in New Issue Copy Permalink