Skip to content
Permalink
Browse files

Security: implement security middleware

  • Loading branch information...
f3l1x committed Oct 16, 2017
1 parent cc162ff commit cb920bd53049920e4972d62d4a8f2c1efcce1334
Showing with 20 additions and 2 deletions.
  1. +20 −2 src/SecurityMiddleware.php
@@ -27,7 +27,7 @@ public function __construct(IAuthenticator $authenticator)
}
/**
* Drop base path from URL
* Authenticate user from given request
*
* @param ServerRequestInterface $psr7Request
* @param ResponseInterface $psr7Response
@@ -40,7 +40,7 @@ public function __invoke(ServerRequestInterface $psr7Request, ResponseInterface
// If we have a identity, then go to next middlewares,
// otherwise stop and return current response
if (!$identity) return $psr7Response;
if (!$identity) return $this->denied($psr7Request, $psr7Response);
// Add info about current identity
$psr7Request = $psr7Request->withAttribute(self::ATTR_IDENTITY, $identity);
@@ -49,4 +49,22 @@ public function __invoke(ServerRequestInterface $psr7Request, ResponseInterface
return $next($psr7Request, $psr7Response);
}
/**
* @param ServerRequestInterface $psr7Request
* @param ResponseInterface $psr7Response
* @return ResponseInterface
*/
protected function denied(ServerRequestInterface $psr7Request, ResponseInterface $psr7Response)
{
$psr7Response->getBody()->write(json_encode([
'status' => 'error',
'message' => 'Client authentication failed',
'code' => 401,
]));
return $psr7Response
->withHeader('Content-Type', 'application/json')
->withStatus(401);
}
}

0 comments on commit cb920bd

Please sign in to comment.
You can’t perform that action at this time.