From 3fc38c15a3afa7e0377e3b6cb4ffec1335a36f63 Mon Sep 17 00:00:00 2001
From: Dag <me@dvikan.no>
Date: Fri, 3 Jan 2025 06:19:24 +0100
Subject: fix: cache 400 and 404, and refactor token auth (#4388)

* fix(cache): also cache 400 and 404 responses

* refactor(token_auth)
---
 middlewares/TokenAuthenticationMiddleware.php | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

(limited to 'middlewares/TokenAuthenticationMiddleware.php')

diff --git a/middlewares/TokenAuthenticationMiddleware.php b/middlewares/TokenAuthenticationMiddleware.php
index f8234629..31544ab7 100644
--- a/middlewares/TokenAuthenticationMiddleware.php
+++ b/middlewares/TokenAuthenticationMiddleware.php
@@ -10,20 +10,24 @@ class TokenAuthenticationMiddleware implements Middleware
             return $next($request);
         }
 
-        // Always add token to request attribute
-        $request = $request->withAttribute('token', $request->get('token'));
+        $token = $request->get('token');
 
-        if (! $request->attribute('token')) {
+        if (! $token) {
             return new Response(render(__DIR__ . '/../templates/token.html.php', [
-                'message' => 'Missing token',
+                'message'   => 'Missing token',
+                'token'     => '',
             ]), 401);
         }
-        if (! hash_equals(Configuration::getConfig('authentication', 'token'), $request->attribute('token'))) {
+
+        if (! hash_equals(Configuration::getConfig('authentication', 'token'), $token)) {
             return new Response(render(__DIR__ . '/../templates/token.html.php', [
-                'message' => 'Invalid token',
+                'message'   => 'Invalid token',
+                'token'     => $token,
             ]), 401);
         }
 
+        $request = $request->withAttribute('token', $token);
+
         return $next($request);
     }
 }
-- 
cgit v1.2.3