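<?php

// Scalar arguments in this file are not silently coerced (e.g. the 401 status
// code passed to JsonResponse must really be an int).
declare(strict_types=1);

namespace App\Http\Middleware;

use App\Auth\Clock;
use App\Auth\SessionRepository;
use Closure;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;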
/**
 * HTTP middleware that authenticates a request from its session cookie.
 *
 * The cookie named COOKIE_NAME carries an opaque session token. The token is
 * resolved through the SessionRepository; a missing cookie, an unknown token
 * or an expired session all yield a 401 JSON response and the wrapped
 * handler is never invoked.
 */
class AuthMiddleware
{
    public const COOKIE_NAME = 'auth_token';

    public function __construct(
        private SessionRepository $sessionRepo,
        private Clock $clock,
    ) {
    }

    /**
     * Resolve the caller's session and hand the request on, or reject it.
     *
     * On success the authenticated user is exposed to downstream handlers via
     * the request attribute `user`. An expired session is deleted from the
     * repository before the request is rejected, so the same token cannot be
     * presented again once it has lapsed.
     *
     * @param Closure(Request): Response $next
     */
    public function handle(Request $request, Closure $next): Response
    {
        $token = $this->tokenFromCookie($request);
        if ($token === null) {
            // No usable token: treat the caller as anonymous without a lookup.
            return $this->unauthorized();
        }

        $session = $this->sessionRepo->findByToken($token);
        if ($session === null) {
            return $this->unauthorized();
        }

        if ($session->isExpired($this->clock->now())) {
            // Remove the stale server-side record before rejecting.
            $this->sessionRepo->deleteByToken($token);

            return $this->unauthorized();
        }

        $request->attributes->set('user', $session->getUser());

        return $next($request);
    }

    /**
     * Read the auth cookie, returning its value only when it is a non-empty string.
     *
     * Anything else (absent cookie, non-string value, empty string) is
     * reported as null so the caller does not consult the repository.
     */
    private function tokenFromCookie(Request $request): ?string
    {
        $rawValue = $request->cookie(self::COOKIE_NAME);

        return is_string($rawValue) && $rawValue !== '' ? $rawValue : null;
    }

    /** Build the uniform 401 response used for every rejection reason. */
    private function unauthorized(): JsonResponse
    {
        return new JsonResponse(['error' => 'unauthenticated'], 401);
    }
}