This repository has been archived by the owner on Nov 25, 2020. It is now read-only.
/
AuthMiddleware.php
105 lines (85 loc) · 3.75 KB
/
AuthMiddleware.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
<?php
/*
* Copyright 2007-2015 Abstrium <contact (at) pydio.com>
* This file is part of Pydio.
*
* Pydio is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Pydio is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with Pydio. If not, see <http://www.gnu.org/licenses/>.
*
* The latest code can be found at <http://pyd.io/>.
*/
namespace Pydio\Core\Http\Middleware;
use Psr\Http\Message\ServerRequestInterface;
use Pydio\Authfront\Core\AbstractAuthFrontend;
use Pydio\Authfront\Core\FrontendsLoader;
use Pydio\Core\Exception\AuthRequiredException;
use Pydio\Core\Exception\NoActiveWorkspaceException;
use Pydio\Core\Exception\PydioException;
use Pydio\Core\Exception\WorkspaceNotFoundException;
use Pydio\Core\Http\Server;
use Pydio\Core\PluginFramework\PluginsService;
use Pydio\Core\Services\AuthService;
use Pydio\Core\Services\ConfService;
use Pydio\Log\Core\AJXP_Logger;
defined('AJXP_EXEC') or die('Access not allowed');
class AuthMiddleware
{
/**
* @param ServerRequestInterface $requestInterface
* @param \Psr\Http\Message\ResponseInterface $responseInterface
* @return \Psr\Http\Message\ResponseInterface
* @param callable|null $next
* @throws PydioException
*/
public static function handleRequest(\Psr\Http\Message\ServerRequestInterface &$requestInterface, \Psr\Http\Message\ResponseInterface &$responseInterface, callable $next = null){
$response = FrontendsLoader::frontendsAsAuthMiddlewares($requestInterface, $responseInterface);
if($response != null){
return $response;
}
self::bootSessionServer($requestInterface);
try{
ConfService::reloadServicesAndActivePlugins();
}catch (NoActiveWorkspaceException $ex){
$logged = AuthService::getLoggedUser();
if($logged !== null) $lock = $logged->getLock();
if(empty($lock)){
throw new AuthRequiredException();
}
}
return Server::callNextMiddleWare($requestInterface, $responseInterface, $next);
}
protected static function bootSessionServer(ServerRequestInterface $request){
$parameters = $request->getParsedBody();
if (isSet($parameters["tmp_repository_id"])) {
try{
ConfService::switchRootDir($parameters["tmp_repository_id"], true);
}catch(PydioException $e){}
} else if (isSet($_SESSION["SWITCH_BACK_REPO_ID"])) {
ConfService::switchRootDir($_SESSION["SWITCH_BACK_REPO_ID"]);
unset($_SESSION["SWITCH_BACK_REPO_ID"]);
}
if (AuthService::usersEnabled()) {
$loggedUser = AuthService::getLoggedUser();
if ($loggedUser != null) {
$res = ConfService::switchUserToActiveRepository($loggedUser, (isSet($parameters["tmp_repository_id"])?$parameters["tmp_repository_id"]:"-1"));
if (!$res) {
AuthService::disconnect();
}
}
}
//Set language
$loggedUser = AuthService::getLoggedUser();
if($loggedUser != null && $loggedUser->getPref("lang") != "") ConfService::setLanguage($loggedUser->getPref("lang"));
else if(isSet($request->getCookieParams()["AJXP_lang"])) ConfService::setLanguage($request->getCookieParams()["AJXP_lang"]);
}
}