<?php
namespace Jakach\Logging\Api;
use Jakach\Logging\Storage\Repository;
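/**
 * Session-based authentication gate for the logging API.
 *
 * Starts the PHP session when none is active, checks the session's login
 * flag, and optionally restricts access to an allowlist of user tokens
 * obtained from the repository.
 */
class AuthMiddleware
{
    /** Provides the user-token allowlist via getAllowedUserTokens(). */
    private Repository $repo;

    /**
     * @param Repository $repo Storage layer queried for the allowed user tokens.
     */
    public function __construct(Repository $repo)
    {
        $this->repo = $repo;
    }

    /**
     * Returns the identity stored in the session, or null when the request
     * is not authenticated or not authorised.
     *
     * The 'username', 'user_token' and 'email' values are copied from
     * $_SESSION as-is; they are presumably written by a login flow that is
     * not part of this class, so callers should escape them per output context.
     *
     * @return array|null Map with keys 'username', 'user_token' and 'email',
     *                    or null when access is denied.
     */
    public function requireAuth(): ?array
    {
        if (session_status() === PHP_SESSION_NONE) {
            $cookieParams = [
                'lifetime' => 86400 * 7, // seven days, in seconds
                'path' => '/',
                'httponly' => true,
                'samesite' => 'Lax',
            ];

            // Mark the session cookie Secure when PHP sees the request as HTTPS,
            // so the session id is never sent over plain HTTP afterwards.
            // The key is deliberately left out otherwise: omitting it keeps the
            // configured session.cookie_secure value instead of forcing it off,
            // which matters behind a TLS-terminating proxy where
            // $_SERVER['HTTPS'] is not set.
            $https = $_SERVER['HTTPS'] ?? '';
            if ($https !== '' && strtolower((string) $https) !== 'off') {
                $cookieParams['secure'] = true;
            }

            session_set_cookie_params($cookieParams);
            session_start();
        }

        // Only the boolean true counts as logged in; a missing key or any
        // other value (1, 'true', ...) is rejected.
        if (($_SESSION['loggedin'] ?? null) !== true) {
            return null;
        }

        $allowedTokens = $this->repo->getAllowedUserTokens();

        // NOTE(review): an empty allowlist disables the token check, so every
        // logged-in session passes. Confirm that this open default is intended
        // and that a failed or empty lookup cannot be mistaken for "no restriction".
        if (!empty($allowedTokens)) {
            $userToken = $_SESSION['user_token'] ?? '';
            // Strict comparison avoids type-juggling matches such as 0 == 'abc'.
            if (!in_array($userToken, $allowedTokens, true)) {
                return null;
            }
        }

        return [
            'username' => $_SESSION['username'] ?? 'unknown',
            'user_token' => $_SESSION['user_token'] ?? '',
            'email' => $_SESSION['email'] ?? '',
        ];
    }
}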