diff options
| author |  Dag <me@dvikan.no>
| 2024-08-30 00:07:58 +0200 |
|---|---|---|
| committer |  GitHub <noreply@github.com>
| 2024-08-30 00:07:58 +0200 |
| commit | 39952c2d95cf4806063abbc2c7508cf9ab4f93e5 (patch) | |
| tree | c3528c58eee65819754335c3ba2cd59e08fdf0a0 /middlewares/TokenAuthenticationMiddleware.php | |
| parent | e7ae06dcf08f0c977a231bb1ce9cb0b6657b4cfd (diff) | |
| download | rss-bridge-39952c2d95cf4806063abbc2c7508cf9ab4f93e5.tar.gz rss-bridge-39952c2d95cf4806063abbc2c7508cf9ab4f93e5.tar.zst rss-bridge-39952c2d95cf4806063abbc2c7508cf9ab4f93e5.zip | |
refactor: implement middleware chain (#4240)
* refactor: implement middleware chain
* refactor
Diffstat (limited to 'middlewares/TokenAuthenticationMiddleware.php')
| -rw-r--r-- | middlewares/TokenAuthenticationMiddleware.php | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/middlewares/TokenAuthenticationMiddleware.php b/middlewares/TokenAuthenticationMiddleware.php new file mode 100644 index 00000000..f8234629 --- /dev/null +++ b/middlewares/TokenAuthenticationMiddleware.php @@ -0,0 +1,29 @@ +<?php + +declare(strict_types=1); + +class TokenAuthenticationMiddleware implements Middleware +{ + public function __invoke(Request $request, $next): Response + { + if (! Configuration::getConfig('authentication', 'token')) { + return $next($request); + } + + // Always add token to request attribute + $request = $request->withAttribute('token', $request->get('token')); + + if (! $request->attribute('token')) { + return new Response(render(__DIR__ . '/../templates/token.html.php', [ + 'message' => 'Missing token', + ]), 401); + } + if (! hash_equals(Configuration::getConfig('authentication', 'token'), $request->attribute('token'))) { + return new Response(render(__DIR__ . '/../templates/token.html.php', [ + 'message' => 'Invalid token', + ]), 401); + } + + return $next($request); + } +} |